
Running head: CYBERSECURITY LITERATURE REVIEW

Cyber Security Literature Review

Student's Name

Institution

Table of Contents
Introduction
Problem Statement
Purpose
Research Questions
Significance of the Study
Limitations of the Study
Assumptions
Prevalence of Various Cyber Attacks and Their Prevention
Malware Attacks
Phishing Attacks
Phishing Components
Man-In-The-Middle Attacks
Limitations of the Study
Financial Losses
Reputation Damage
Legal Consequences
Hypotheses
Research Design
Variables
Sampling Plan
Data Collection
Data Analysis
Limitations
References

Abstract

Introduction

For the past half a decade, technology has been the center of focus, creating a new generation of the digital age through revolutionizing the world and individuals' lives. Alani estimates that over 4.57 billion people were using the internet in 2020, leaving a vast amount of data on cyberspace at the mercy of cybercriminals (Alani, 2021, p. 6). As technology becomes ubiquitous in individual lives, it has also developed into a crucial tool used by companies to craft competitive advantage. Information systems have been the center of sustainable organizational development for organizations in this digital age. Firms have developed intranets to enable them to communicate among various departments and administrative divisions. Moreover, artificial intelligence, machine learning, and big data analytics have penetrated the corporate world, proving of enormous significance to business operations.

In this regard, business corporations have derived significant benefits from using information systems and other technologies in their business operations. For example, information systems incorporated with big data analytics have enabled organizations to analyze data, discover patterns and previously unknown associations, and realize more precise marketing forecasts. Additionally, artificial intelligence has reduced operating costs by reducing firms' reliance on human labor, which is costly and less efficient compared with the productivity of machines such as robots. Besides that, businesses have connected to the internet to create global organizations whose products and services can be accessed by consumers in any place around the globe. However, as the value of data increases in the modern world and cyber crimes become more sophisticated every day, these organizations have exposed themselves to significant cyberspace risks.

Problem Statement

Due to the increasing rate of technological growth, the number of cybercrimes is on the rise (Wall, 2017, p. 3), and hence business firms face increased cases of cyber attacks. For example, James Barr claims that ransomware attacks in the manufacturing industry rose by 156% between 2019 and 2020, and in 2020, ransomware attackers demanded $34 million from a Taiwanese company (Barr, 2021, p. 2). Cybercriminals ranging from sole hackers to organized criminals, business competitors, and industrial spies daily develop advanced cyber threats. Using techniques such as phishing, denial of service attacks, ransomware, among other cyber attacks, these individuals present a security challenge to business firms. Hence, cybersecurity threats are ubiquitous and present a security challenge to organizations. Such challenges include disruption of business, stealing or loss of data, legal liabilities, financial losses, and brand equity damage. Therefore, organizations need to develop various strategies to address the threat of cyber attacks.

Purpose

The purpose of this study is to research and determine the remedial effects of various cyber threat interventions that can be employed by organizations to prevent and mitigate cybersecurity threats. The strategies under study include effective management of information system infrastructure, identifying potential cyber threats, and clarifying security policies.

Research Questions

This research focuses on three questions to produce conclusive results. Firstly, does the effective management of security systems ensure the protection of an organization's information? Secondly, does early identification of potential cyber threats and risks on organizational information systems positively impact information security? Lastly, is the clarification of corporate security policies correlated with improved information security?

Significance of the Study

Cyber-attacks have adverse effects on firms. Therefore, all corporate enterprises and other organizations need to adopt competent interventions to guard themselves against the potent threat of cybersecurity attacks. In this regard, this research aims to conduct an extensive study to test the efficiency of various strategies adopted by organizations to guard themselves against cyber attacks. If attacks do occur, the mechanisms for mitigating these risks will reduce their severity. The intervention methods under this study include effective management of security systems, risk avoidance strategies such as early identification of potential information security threats, and clarification of information security policies. Hence, this research shall test these interventions and measure their effectiveness in improving organizational safety against cyber threats. Consequently, the information from this research will improve the existing knowledge on organizational cybersecurity. Corporate leaders will benefit from the information generated by this research, enabling them to make more informed decisions regarding protecting their firms against cybersecurity attacks.

Limitations of the Study

Due to this paper's focus, the research is limited to evaluating and assessing the effectiveness of the three previously mentioned interventions in preventing and mitigating cyberattacks. These interventions include effective management of information system security, identifying potential cyber threats, and clarifying information security policies. Although other strategies exist to prevent and mitigate cyberattacks, this paper ignores them and limits itself to the three aforementioned strategies.

Assumptions

The security of an organization's information systems is tied to their brand reputation, and therefore, organizations might feel uncomfortable sharing factual information concerning their information systems security. In this regard, this study assumes that firms will be honest in their responses and will not hide past or present cyber attacks on their systems.

Prevalence of Various Cyber Attacks and Their Prevention

As aforementioned, cyberspace users increase every day, creating a corresponding increase in cyber-attacks. Cybercriminals are devising new and sophisticated cyber threats each day, making cyberspace dangerous to conduct business operations. These cyberattacks ravage organizations, leaving losses amounting to billions of dollars. Annual losses correlated to cybercrimes amount to $600 billion, a figure that represents 1% of the United States' Gross Domestic Product (Pal et al., 2020, p. 7360). The most common types of these cyber-attacks include malware, phishing, man-in-the-middle attacks, and a denial-of-service attack. Malware describes malicious programs and software, which include ransomware, worms, viruses, and spyware.

Malware Attacks

Malware attacks breach organizational networks by exploiting security vulnerabilities, often occurring when unsuspecting information system users click infected links or emails that install risky software. The installed software then installs malware or additional dangerous software. The most popular form of malware among cybercriminals is ransomware. Ransomware is classified into two categories: crypto ransomware and locker ransomware. In crypto ransomware, cyber attackers encrypt the user's data, demanding a ransom in exchange for a decryption key. Crypto ransomware attacks do not encrypt the victim's whole hard disk; instead, the attack identifies file extensions that are vital to the user (Humayun et al., 2021, p. 106).

Some common Crypto-Ransomware attacks include PadCrypt, DirtyDecrypt, and TeslaCrypt (Humayun et al., 2021, p. 107). On the other hand, the Locker Ransomware attack completely locks its victim's machine, cutting off the user from accessing the target machine's computing resources. Consequently, the attackers demand ransom in bitcoins or other untraceable currencies to unlock the devices. The predicted damage cost arising from ransomware in 2021 is $210 billion (Humayun et al., 2021, p. 107). With these colossal amounts of financial losses, it is evident that organizations need to learn the various interventions that can be used to prevent and mitigate malware attacks. Malware attacks are prevented using antiviruses, keeping software updated, controlling access to security systems, and educating users on cybersecurity issues.

Phishing Attacks

Phishing is a social engineering attack in which victims are duped by cyber attackers into revealing sensitive information such as credit card details or information systems login credentials. Additionally, attackers can trick victims into installing malware on their machines. Often the attackers send fraudulent communications such as emails. Unsuspecting users trust the communications, believing that they come from legitimate sources. In this regard, phishing attacks obtain information from victims through impersonation. Over the years, phishing attacks have been growing exponentially, showing a 65% increase to 1,220,523 cases in 2016 globally, compared to phishing attacks in 2015 (Chiew et al., 2018, p. 108).

Additionally, there has been an immense increase in phishing attacks over previous years, with Anti-Phishing Working Group reporting a 5,753% increase of monthly phishing attacks from 2004 to 2006 (Chiew et al., 2018, p. 108). From these statistics, phishing is a prevalent cyber-attack that has adverse effects on organizations and individuals. With organizations adopting technology, these attacks are expected to rise to millions, leaving organizations in irreversible losses. Hence, knowledge and expertise on the operation of phishing attacks are vital to the design and development of competent anti-phishing interventions.

Phishing Components

A phishing attack entails three components: the phishing medium, the attack vector, and technical approaches. The phishing medium is the base method that cyber attackers use to deliver phishing attacks to the victims. The commonly used bases include Short Messaging Service, Internet, and voice. From the three bases, the ubiquity of the internet has created an opportunity for attackers to conduct phishing efficiently. On the other hand, phishing vectors refer to the platforms which enable phishing attacks to be launched. Such vectors include email, websites, social networks, and instant messages. On the technical component, there are various technical approaches that attackers use to conduct phishing attacks. Such methods include man-in-the-middle, search engine optimization, drive-by download, malvertising, spear phishing, social engineering, among others. Phishing attacks can be prevented using antiviruses, employing firewalls, verifying site security, keeping the browser updated, and updating users' knowledge of current phishing techniques.

Man-In-The-Middle Attacks

These attacks occur when a third-party intruder inserts themselves in a two-party communication through eavesdropping. In this case, the attackers can listen to, interrupt, steal or alter traffic in transit (Bhushan et al., 2017, p. 2). The two most common entry points of intruders in man-in-the-middle attacks are unsecured public Wi-Fi and malware. In unsecured networks, the intruder can place themselves between the network and the user's device, with the victim passing information through the attacker without knowing. Besides that, when attackers breach a victim's device, they can install malware to tap and process the victim's data. Organizations prevent these attacks using mechanisms such as strong router login credentials, forcing HTTPS, and public key-based authentication mechanisms.

Denial-of-Service Attacks

In this attack, attackers flood computer systems and network resources such as servers, exhausting the resources and bandwidth to deny legitimate users the information systems services. A denial-of-service attack is one of the most vital attacks in the modern cyber world. The attack's potent yet straightforward mechanism poses significant cyber threats to the global internet community. The number of distributed denial-of-service attacks has recently increased by 241%, an alarming figure for individuals and organizations (Howarth, 2021, p. 1). This trend of increasing DoS attack cases has been emphasized by Arbor Networks, who reported in their 12th annual report that DoS attacks were highest in 2016 (Mahjabin et al., 2017, p. 2). In that year, the volume of DoS attacks rose to 800 Gigabits per second. Due to the prevalence of denial-of-service and distributed denial-of-service attacks, there is an urgent need to devise up-to-date interventions to address the dangers of denial-of-service attacks.

Literature Review

Cyberattacks pose enormous risks to organizations, affecting business operations, consumer trust and exposing business organizations to potential civil litigations. These impacts, in turn, lead to significant financial losses. As previously mentioned, annual cybersecurity losses amount to $600 billion, a figure which is equivalent to 1% of the United States GDP (Pal et al., 2020, p. 7360).

Financial Losses

Cyber attacks expose organizations to substantial financial losses through avenues such as theft of money, theft of corporate data, and disruption of business. Attacks such as ransomware have been documented to cost organizations billions of dollars as they pay the demanded ransom to regain access to their encrypted data. For example, Medstar Health was a victim of a ransomware attack in 2016 where the attackers demanded a $19,000 ransom to release stolen medical files. In response, the FBI forced the health institution to close down ten hospitals and 250 outpatient centers. In this regard, Medstar Health suffered significant cyber-attack losses due to loss of business (Trautman et al., 2018, p. 17).

Moreover, in the same year, Hollywood Presbyterian Medical Center paid attackers approximately $17,000 in the form of bitcoins, aiming to restore access to their encrypted files (Trautman et al., 2018, p. 17). Besides that, the NotPetya cyber-attack brought losses amounting to $10 billion, according to estimates from the US government. Besides ransomware, cyberattack victims spend a considerable amount of resources repairing their affected information systems and computer networks. Therefore, cyber-attacks pose significant financial losses to organizations, consequently requiring effective measures to prevent and mitigate them.

Reputation Damage

Data breaches and other cyber attacks are correlated to brand image. Organizations fear disclosing cyberattacks on their information systems due to the potential impact of damaging their brand equity. Cyber-attacks often lead to loss of customers' and partners' trust, translating to low sales and reduced profits. Yahoo Inc. is one of the companies whose mishandling of consumer data and lack of transparency in handling the data breach caused massive damage to its brand image. A day after Yahoo announced that hackers had compromised 1 billion user accounts, Yahoo lost $1.5 billion in its stock's market value, emphasizing the connection between cyberattacks and brand image (Whitler & Farris, 2017, p. 4). Additionally, the attack derailed Yahoo's merger with Verizon.

Legal Consequences

Data protection law mandates organizations to protect users' private information. In this regard, the organizations are expected to enact the necessary measures and ensure that users' confidential data is protected from unauthorized access, alterations, or modifications. Hence, if the private information is deliberately or accidentally compromised, organizations might face legal action such as fines or regulatory sanctions. Under this legal mandate, the 2013 security breach at Target, a US retailer, cost the company $100 million in settlements to multiple US credit card companies and US banks who had suffered losses from the cyber attack (Whitler & Farris, 2017, p. 4). Therefore, cyber attacks adversely impact organizations when they are subjected to legal procedures.

Methodology

Hypotheses

This study has been guided by the following research questions towards the formulation of the hypotheses. Firstly, does the effective management of security systems ensure the protection of organizations' information systems? Secondly, does early identification of potential cyber threats and risks on organizational information systems positively impact information security? Lastly, is the clarification of corporate security policies correlated with improved information security? These research questions consequently led to the formulation of this study's hypotheses, which are as follows. Effective management of an organization's security systems ensures protection of an organization's information systems. Early identification of an organization's potential information systems' cyber threats and risks positively affects information security. Lastly, clarification of organizational security policies is correlated with improved corporate information security. These hypotheses will guide the study to produce conclusive research.

Research Design

This research is based on both quantitative and qualitative research methods. Qualitative research methods will enable the researchers to understand the diverse subjective beliefs and experiences in cybersecurity. Additionally, qualitative research methods shall grant researchers a deep understanding of various organizational information security cultures. On the other hand, the quantitative approach will assist in measuring variables and understanding their correlations. Hence, integrating both methods enables a researcher to have a complete picture of cybersecurity in organizations, strengthening this research's conclusions.

Variables

The independent variables in this study include threats, organizational cybersecurity policies, and risks. On the other hand, dependent variables in this research include operating systems, people, security of computers, communication systems, and other factors that ensure data security.

Sampling Plan

This research shall employ probability sampling, with the sample population being selected using a random technique. Moreover, the population sample in this research shall be 15 firms with ICT departments with over 100 employees.

Data Collection

Data collection in this research shall be undertaken using surveys. Due to the blending of qualitative and quantitative research approaches in this research, questionnaires and interviews shall be employed as the survey methods. Due to the COVID-19 pandemic, research questionnaires shall be distributed via mail and over the internet. Additionally, interviews shall be conducted online and via the phone. Out of the selected 50 companies, the researchers will visit 25 of these firms in person to collect data.

Data Analysis

Data analysis shall be undertaken using both manual and computerized methods. Quantitative data shall be analyzed using descriptive statistics, focusing on distribution and measures of central tendency. On the other hand, qualitative data shall be analyzed using coding techniques to uncover key themes in the data.

Limitations

The nature of the research topic is a significant constraint to attaining credible conclusions in this research. As aforementioned, organizations' brand image is correlated to their cybersecurity status. In this regard, obtaining truthful information from organizations about cyberattacks might be challenging as most organizations will be tempted to guard their reputation and conceal legitimate data. Hence, inadequate correct information might tamper with this research's credibility.

Conclusion

Information technology has revolutionized organizational business practices, enabling firms to be more competitive and productive. However, the adoption of technology such as information systems has exposed corporations to significant risks such as malware, man-in-the-middle attacks, phishing, and denial-of-service attacks. These cyber threats have had adverse impacts on organizations, such as loss of revenue, damage to brand reputation, and exposure to legal consequences. Due to their adverse effects, organizations should devise various interventions to curb them.

References

Alani, M. M. (2021). Big data in cybersecurity: a survey of applications and future trends. Journal of Reliable Intelligent Environments, 1-30.

Chiew, K. L., Yong, K. S. C., & Tan, C. L. (2018). A survey of phishing attacks: Their types, vectors and technical approaches. Expert Systems with Applications, 106, 1-20.

Howarth, F. (2021). EU Cybersecurity Strategy for the Digital Decade.

Humayun, M., Jhanjhi, N. Z., Alsayat, A., & Ponnusamy, V. (2021). Internet of things and ransomware: Evolution, mitigation and prevention. Egyptian Informatics Journal, 22(1), 105-117.

Mahjabin, T., Xiao, Y., Sun, G., & Jiang, W. (2017). A survey of distributed denial-of-service attack, prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, 13(12), 1550147717741463.

Pal, R., Huang, Z., Yin, X., Lototsky, S., De, S., Tarkoma, S., ... & Sastry, N. (2020). Aggregate cyber-risk management in the IoT age: Cautionary statistics for (re) insurers and likes. IEEE Internet of Things Journal, 8(9), 7360-7371.

Trautman, L. J., & Ormerod, P. C. (2018). Wannacry, ransomware, and the emerging threat to corporations. Tenn. L. Rev., 86, 503.

Whitler, K. A., & Farris, P. W. (2017). The impact of cyber attacks on brand image: Why proactive marketing expertise is needed for managing data breaches. Journal of Advertising Research, 57(1), 3-9.

Wall, D. S. (2017). Crime, Security and Information Communication Technologies: The Changing Cybersecurity Threat Landscape and Its Implications for Regulation and Policing. Security and Information Communication Technologies: The Changing Cybersecurity Threat Landscape and Its Implications for Regulation and Policing (July 20, 2017).

Bar, J.G. (2021). Protecting Manufacturing Systems from Cyber Attacks. Faulkner Information Services.

Bhushan, B., Sahoo, G., & Rai, A. K. (2017, September). Man-in-the-middle attack in wireless and computer networking—A review. In 2017 3rd International Conference on Advances in Computing, Communication & Automation (ICACCA)(Fall) (pp. 1-6). IEEE.