Discuss about the Business Research for Protecting National Infrastructure.
Internet in the modern days has become one of the most essential elements of our day to day life. This has not only benefited the individuals but has also made work process easier for the organisations. Almost each and every industry has adopted the facilities of cyber world so as to conduct their operations. Connecting with such a large network there are many challenges faced by the organisations. All these challenges had negative effect on the operations of the companies. With the development of smart devices the popularity of the cyber connected business has enhanced. Cybercrime has been noticed in the many fields which are posing greater threats to the business. Companies are trying hard to safeguard their businesses from such crimes. This is declined towards the challenges that are faced by the business in the cyber security.
The prime objective of this work is to conduct a literature review on various challenges that is faced by the business because of the increasing cyber security threats. This research will address the cyber-attacks and the mediums that have been chosen for such attacks. Its secondary objective includes recommendations about safeguarding from challenges that are faced by the firms.
This research will evaluate the impact of online web services and internet facilities on the working of the firm. It also helps in acknowledging the functionality changes in order to analyse their vulnerability linked with cyber threats. This research will give focus towards various threats related to cyber security. Many professional advice and theories is showcased in this research.
According to Choo, (2011) Internet has penetrated deep into the lives of the people. This has forced the firms to make their business online. The dependence of firms on the online business for their growth has increased at much faster speed. Several smaller and bigger firms are present all around the world which runs their business totally on online mediums for doing business. This is probably because a larger number of target sections are present on these sites. Internet has empowered the firms to reach to larger section of the society with minimum efforts. Cyber business has become extremely crucial for the smaller firms which are facing huge competition from the larger firms. Dunn Cavelty, (2013) has a point of view that internet facilitated business to make a long term relationship with the clients by continuously connecting with them. It has benefited the firm as they can make stronger connect with the clients by continuously taking feedbacks from them. Such a large network brings many challenges with it.
Katal, Wazid and Goudar, (2013) believes that the cases of cyber-attacks have increased in past few years. This increase in the frequency has proved as a major challenge for the global firms. This has not only affected the businesses of the firm but has also impacted on the lives of the stakeholders. This is due to the reason that there are many people who have the targeted through the cyber-attacks. It is due to the reason that many kind of private data that are highly sensitive are stored on the cyber mediums. All these data gets highly vulnerable to the cyber-attacks. Because of the poor security measures used by the firms, they are highly easily targeted in the cyber-attacks. It is seen that individuals who have the poor knowledge about the cyber security are often gets attacked by the hackers.
In the views of Parmar, (2017) hackers try to find loop holes in any network. They utilise these loop holes for attack. A hacker generally does this for their personal benefit or to make some heavy loses to others. With the number of devices increasing in the internet mediums, the probability of attack has increased. Among the large numbers of reasons because of which cyber-attacks happens, the poor infrastructure of the network is the biggest one.
On the contrary Reddy and Reddy, (2014) believes that there are larger numbers of platforms using which attacks on systems are taking place. With the expansion of mobile technology in every hand, cyber-attacks through mobile internet have increased at much faster speed. Many businesses today have adopted mobile mediums for their operations. This can be easily seen in the case of banking sector. The most common attacks in the past decade have been in the mobile banking solutions (Jing, et al., 2014). For example the App related business has faced many kinds of Cyber-attacks. These Apps are the major sources of data leaks and most of them are carried out the company itself. In the mobile business solutions, phishing has been one of the most common forms of attack. This is a serious threat to both business and the individuals that are attached with it. Since the number of mobile phone users are increasing at much faster rate. This has become one of the biggest challenges for the companies. On the contrary Sadeghi, Wachsmann and Waidner, (2015) suggests that mobile transaction shave become the common area on which attacks have been conducted. The services like Pay Pal have further increased the threat. Financial data present with the online mediums if gets leaked into the hands of unauthorised individuals can lead to huge monetary loses. Hackers usually attacks at the targets which has so many faults.
In the views of Zhu, Joseph and Sastry, (2011) online ways of doing business are most prone to cyber-attacks. Most of the frauds done by hackers are through the online mediums. Many types of operations apart from transactions are performed through these sites are at the treats of such attacks. In the case of JP Morgan the attack was only done to steal the crucial information associated with 83 million consumers. Apart from this the attack on the Tesco Bank was done by the hackers for stealing approximately 2 million dollars from their clients’ accounts. In both the cases it was seen that major reason for these attacks is due to poor security measures adopted by them. The poor infrastructure of the network acts as a major reason for the conduction of such attacks. In order to save money companies usually do not spend on Cyber-attacks. Firms needs to spend a lot on the filling the loop holes as hackers easily break down the whole network capitalising on these loop holes. A research suggested that 19 out of the 20 banks present in U.S. have adopted “C” grade security measures. Companies usually neglect the advanced security infrastructure because of higher maintenance and infrastructure adoption cost.
On the other hand Shackelford, (2014) believes that the major sources of attacks are through social media. The major form of attack that is done on social media sites is of stealing the private data. With approximately 3 billion social media users, it proves to a wonderful place where company can market its products. Advertisements are posted on such sites as well as the feedbacks can be easily taken through this medium. Since these sites have minimum security standards hence attacks usually take place at these sites. Data theft has been major form of attack. It has also been highlighted that Facebook Inc. has itself made many data theft.
Rid and Buchanan, (2015) has a point of view that these attacks are common because of the lack of digital literacy in the common masses. Individuals make the companies prone to attacks due to their faults. They usually do not follow the ways in which the attacks can possibly be avoided. Few years back the attack on the Apple Inc. has resulted in stealing of data related to the celebrities. Its result was seen as posting of 500 personal photos of celebrity on the internet mediums. Since data has become the most valuable tool of modern day business hence safeguarding it is a major challenge for the company.
Musman, et al., (2011) suggests that Distributed Denial of Service (DDoS) on servers have increased the traffic of servers which limits them from performing several task. Hackers attack on the node or systems that are most vulnerable and through it they get control of the whole networks and elements present in it. Many a time attacks gets possible due to excessive traffic load on the network. This is possible because access load results in a node failure in the network, this situation is capitalised by the hackers to have control on the network. Use of the tools like mails, Spams, advertisements and form of viruses are used for increasing the traffic load. Most common DDoS example was the attack on BBC, Five Russian bank, Rio Olympics, DYN, Presidential election of America in which Donald Trump’s campaign was attacked.
On the contrary Amoroso, (2012) suggest that the technology developments like IOT has empowered the growth of cyber focused business. But the IOT has brought many kinds of challenges for the cyber security of the firm. In the research done by McAfee, it was suggested that by start of 2020 there will be around 1.8 billion devices gets connected to internet. IOT is smarter connection of devices where they can easily share information easily hence it is considered as the future of the modern day business. Since the number of nodes connected with IOT is in very high quantity hence the probability of attacks has enhanced. Due to availability of huge amount of sensors, there is a huge chance that the devices can get hacked. With the control over these sensors one can access the environment of that place which can give them indirect control over the operations of the firm. Since all the devices are interlinked with each other hence the challenge for the firms gets bigger.
Apart from this Gandhi, et al., (2011) suggests that smartphone Malware has proved out to be one of the greatest challenge for the business. As smart phones have huge amount of personal data hence if it gets hacked then it might lead to huge losses to the individuals. These data can be used for the personal vendetta. Malwares of mobile like ‘Plankton’ can steal the data. Apart from this mobile malware of similar affect is ‘DroneKungFu’.
Gonsalves, et al., (2011) stated that Hacktivism is the biggest challenge to business’s cyber security. Attacks have increased in past few decade, the number of hackers who have emerged is in large number. They have the motive to collect data for their personal Vendetta. It results in failure of business for the firms especially in terms of financial disability. For example an unidentified hacking organisation attacks on Sony Corporation because of their PlayStation Lawsuit. The same was the case with Bank of America so as to expose the illegal work that the bank was conducting. Another example was Panama paper leak where tax evasion scandal’s information associated with bigger personalities got out.
Watkins, (2014) considers Ransomware as another kind of Malware that attacks systems within the organisation and does not let the have control over their own data. They also start having control over the business operations. This is extremely bad for the image of the firm. For giving back the access hackers demand of Ransom in some or the other monetary ways. Some examples of Ransomware are Cryptolocker, Locky, WannaCry. FedEx and Nissan motors have faced this attack in the past. This is very dangerous as it is not sure that hackers will give back the control over the system hence this is a serious problem for the firms. Usually the ransom amount is very large and can cost the firm heavy lose.
Spyridopoulos, et al., (2013) suggest that the greater challenge to cyber-security lies from within. Insider threats were the reason for around 60% of the cyber-attacks which took place in the year 2016. Employees intentionally or unintentionally had given access to hackers which result in some kind of data breach. Edward Snowden and Jun Xie are the examples of such threats.
In the views of Sood and Enbody, (2013) many changes needs to be done in order to ensure that number of attacks get reduced. Data Encryption can be one of the most effective methods for safeguarding data. In the connected networks like IOT, this is a highly effective method. This allows the data to get transferred and received between two distinctive points without getting hacked. It improves usability of device as additional security layer is attached with it. Firms neglect this method as additional time is required for data processing.
Taylor, Fritsch and Liederbach, (2014) believes in the idea that physical safeguarding of servers and systems is essential for ensuring secured data within organisation. Use of security cameras, locks working on biometrics can help in protection against insider threats. Manual checking of employees helps in safeguarding against leakage of data with the use of removable devices.
Khorshed, Ali and Wasimi, (2011) believes that a company should not resist them from investing into security software as it helps in protection against the threats. An extra budget should be utilised for upgrading technology which would help in increasing security against cyber-attacks. Utilisation of antivirus, security software and firewalls can reduce the potential risk. Regular research needs to be done on upgrading technology so as to safeguard data against any potential threats. This is required because the challenges are getting more complex in terms of cyber-security. It will reduce the chances of any kind of reputational failures to organisation.
In the views of Jajodia, et al., (2011) taking use of authentication tools like OTP or password protected systems can be beneficial in the case of attacks like phishing. Taking use of strong passwords is highly beneficial. It is necessary for the business organisations to regularly upgrade their passwords so as to make sure that it gets safeguarded in a proper manner. Credible data loss can be avoided by adopting this method. Apart from this firm can establish a culture where the security and data privacy has been given greater importance. A cyber security training having a formal structure needs to be provided so that data leaks because of human errors can be avoided. A check and balance measures should be adopted where employees fault can be corrected by some other employees. This culture will helps in ensuring that unintentional fault may not occur in an organisation.
Conclusion
A conclusion can be derived from above research it can be suggested that the use of internet mediums and computers for doing business have enhanced. It has helped the company in many ways but with this it has also resulted in many types of threats like data theft, hacking of sites etc. All these can result in huge loses. Use of the technologies like IOT, Mobile banking have enhanced the problems related with cyber security. There are various forms of cyber threats like DDoS, Hacktivism, IOT, ransomware, mobile malware etc. There are several examples in the past Sony, DYN, FedEx, BBC, Bank of America and several others. A company has to make sure that they have effective protection measures that could help in facing the cyber-security challenges posed by the hackers. With the increasing number of hackers in the world security concern have sharply risen. Effective security infrastructure, enhancing budget for security measures as well as password protection systems can be highly beneficial. Data encryption can also be one of the best ways in which attacks can be avoided. Organisational culture where data privacy has been higher importance needs to be installed.
References
Amoroso, E.G., (2012) Cyber attacks: protecting national infrastructure. Elsevier.
Choo, K.K.R., (2011) The cyber threat landscape: Challenges and future research directions. Computers & Security, 30(8), pp.719-731.
Dunn Cavelty, M., (2013) From cyber-bombs to political fallout: Threat representations with an impact in the cyber-security discourse. International Studies Review, 15(1), pp.105-122.
Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P., (2011) Dimensions of cyber-attacks: Cultural, social, economic, and political. IEEE Technology and Society Magazine, 30(1), pp.28-38.
Gonsalves, P.G., Call, C.D., Ho, S. and Lapsley, D., Charles River Analytics Inc, (2011) Security system for and method of detecting and responding to cyber attacks on large network systems. U.S. Patent 7,930,256.
Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C. and Wang, X.S. eds., (2011) Moving target defense: creating asymmetric uncertainty for cyber threats (Vol. 54). Springer Science & Business Media.
Jing, Q., Vasilakos, A.V., Wan, J., Lu, J. and Qiu, D., (2014) Security of the Internet of Things: perspectives and challenges. Wireless Networks, 20(8), pp.2481-2501.
Katal, A., Wazid, M. and Goudar, R.H., (2013) August. Big data: issues, challenges, tools and good practices. In Contemporary Computing (IC3), 2013 Sixth International Conference on (pp. 404-409). IEEE.
Khorshed, M.T., Ali, A.S. and Wasimi, S.A., (2011) December. Trust issues that create threats for cyber attacks in cloud computing. In Parallel and Distributed Systems (ICPADS), 2011 IEEE 17th International Conference on (pp. 900-905). IEEE.
Musman, S., Tanner, M., Temin, A., Elsaesser, E. and Loren, L., (2011) April. Computing the impact of cyber attacks on complex missions. In Systems Conference (SysCon), 2011 IEEE International (pp. 46-51). IEEE.
Parmar, H., (2017) The top 10 cyber security challenges for businesses. [Online]. Available at: https://www.barclaysimpson.com/industrynews/the-top-10-cyber-security-challenges-for-businesses-801833525. [Accessed on: 28rd April 2018].
Reddy, G.N. and Reddy, G.J., (2014) A Study of Cyber Security Challenges and its emerging trends on latest technologies. arXiv preprint arXiv:1402.1842.
Rid, T. and Buchanan, B., (2015) Attributing cyber attacks. Journal of Strategic Studies, 38(1-2), pp.4-37.
Sadeghi, A.R., Wachsmann, C. and Waidner, M., (2015) June. Security and privacy challenges in industrial internet of things. In Proceedings of the 52nd annual design automation conference (p. 54). ACM.
Shackelford, S.J., (2014) Managing cyber attacks in international law, business, and relations: In search of cyber peace. Cambridge University Press.
Sood, A.K. and Enbody, R.J., (2013) Targeted cyberattacks: a superset of advanced persistent threats. IEEE security & privacy, 11(1), pp.54-61.
Spyridopoulos, T., Karanikas, G., Tryfonas, T. and Oikonomou, G., (2013) A game theoretic defence framework against DoS/DDoS cyber attacks. Computers & Security, 38, pp.39-50.
Taylor, R.W., Fritsch, E.J. and Liederbach, J., (2014) Digital crime and digital terrorism. Prentice Hall Press.
Watkins, B., (2014) The impact of cyber attacks on the private sector. Briefing Paper, Association for International Affair, p.12.
Zhu, B., Joseph, A. and Sastry, S., (2011) October. A taxonomy of cyber attacks on SCADA systems. In Internet of things (iThings/CPSCom), 2011 international conference on and 4th international conference on cyber, physical and social computing (pp. 380-388). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download