Emerging threats

profilesindhu16
HomeDepot.docx

Running Head: Emerging Threats 1

Emerging Threats 3

The Home Depot was a vulnerable spot for cyber-attack due to the several security controls that were not secure and fully functional. For a heist of that nature to occur over a period of time without being detected by the company or the employees shows the laxity in controls and there needs to be more scrutiny on the systems.

Administrative controls are controls that are concerned with the human aspect of the use of the security systems. Most of the time, human error or misuse of controls usually leads to loopholes that can be exploited. In this case, the management directives and policies on information security of the system was too lax and there were no regular checks on the system. This allowed the perpetrators to commit the crime for the extended period of three months. A system that deals with information and data needs to be constantly monitored and updated against vulnerabilities that may present itself.

Physical controls are related with the physical aspects of the system security. In this scenario, the vulnerability arose when the company utilized systems that were outdated that allowed for the installing of custom-made malware. This shows that the hackers were aware of the vulnerable outdated system and used specified attacks to be able to conduct their activities without being found out. As such, the company needs to update its system to more advanced machine that are more difficult to access and custom design malware.

The last form of security control, technical control, deals with the use of technology aspects within the system. Firewalls, Anti-virus software, and authentication protocols need to be implemented in order to provide verification security for the company and their customers. Being able to protect the information of their users through preventive measures ensures that they are able to save a lot of financial expenditure that may come after the attacks. This aspect plays the most crucial role and it requires expertise and knowhow with the vulnerabilities and stronghold of such systems.

References

Olzak T., (2013), Insider threats: Implementing the right controls

Accessed at: https://www.techrepublic.com/blog/it-security/insider-threats-implementing-the-right-controls/