The Dominance of Digital Devices

Discuss about the Challenges in Cyber Security for Business.

The modern times are characterized by the presence of computers and other digital devices. All around us we see the digital devices that have engulfed us. No office, no house or no vehicle can be spotted that does not make use of the technology. It has made our life very easy, and something that would take months and weeks are solved in matter of hours with help of these digital devices. One can hardly imagine an activity that would not involve the computer and other digital equipment being used in them. Their usage is further more visible in the organizational structures, both on managerial front, educational and governmental level.

Having explained its dominance and presence all over in our surrounding, at the same time, it must be said that computing world which is an online world is a fragile one and is extremely vulnerable to the external threats and challenges. These threats come in form of security concerns. While it is an outer world where there is no restriction on any one who may want to join the network of World Wide Web, it becomes imperative to create a security factor consideration which would enable safe operations. Since all kinds of activities are being performed over the computer and internet, ranging from private data exchange to financial records, governmental records, other documents of national security, central data bases and various other elements, in such cases it becomes important to establish a mechanism that would ensure safer operations on the internet.

Internet is being termed as one of the least equipped and least reliable source of communication when it comes to privacy and security. This has been proven in cases and forms of all kinds of breaches in different parts of the world from time to time. No bank, no individual, no organization, no website is safe from the attack of these insurgents who pose threat to the common flow of traffic across the board (Al, Pujolle, & Ali, 2015).

Cyber world is just like the society of human being. While over 3 billion people from across the world are on board on the digital interface, it does require patrolling and controlling of the entire traffic. Just like the society would need law and order, police control and patrol, in the same way a medium that has over 3 billion users would require a scheme which would ensure safe usage of internet and computers. With all kinds of operations subject to the usage of online resources, it is highly imperative to create a zone that is shielded with secure browsing of computers and the world of internet.

The Fragility of Cyber World

The scope of cyber security is a very large one and it finds its application in any place where there is computer and internet in function. It would find its usage in home applications, official applications, educational institutes, governmental, even in the aero planes where most of the transmission is done over computer and digital means, require safe coding methods. Anything that is on the board of online interface is included in the scope of cyber security since it requires protection in one way or other.  Even the domestic users of computer who may use it for ordinary online operations, require security and safety since any kind of malware or bug can penetrate into their computer and cause the desired damaged.

Understanding what the cyber security concept means, what challenges are faced by it, what are the agents and elements that contribute towards it and finally, the remedial actions that can be suggested towards counteracting and mitigating the impact of overall cyber security threats. In other words cyber security pertains to all the elements both that work in its favor and those that work against it. It is the overall study of the scenario with aim to bring about the most and best out of the situation.

McAfee that has been in the business of cyber security and cyber protection for a long while, took an initiative and conducted a thorough study on a massive scale to understand the overall scenario of cyber security, the possible threats, the factors that contribute towards the cyber security, the factors that act against it and those reasons due to which the cyber security remains a constant loophole and menace on all levels which ranges from individual level to massive level on organizational front as well as international level (Andress & Winterfeld, 2014).

The study took into account number of factors, and it was an extensive research in this field which involved questionnaires, surveys and interviews from various stakeholders in the field of computing. The studies aimed at addressing the core issues and problems that are faced in the field of cyber security and computing (Grauman, Security & Defence Agenda, & McAfee, 2012).

The study took into account the opinions and observations of over 200 renown companies and big wigs from the field of computing and technology and sought their opinion about the overall standing and position and their understanding of the concept of the cyber vulnerabilities and threats that are faced in different segments (“Cyber Security Evolution,” 2012).

The Scope of Cyber Security

Although Lars Nicander explains this in the view point of governmental and nationwide security that suffers from threats in form of cyber war fare.

The speed with which the attacks are being carried out has risen by extremely higher proportions in recent years compared to the yester years. H.P (Hewlett Packard) a pioneer in the field of digital devices and computers that has long affiliation with these devices conducted a survey in 2011 to find out the reasons and the possible impacts of the security vulnerabilities. According to the report the recent times have seen more attacks directed towards the organizations and computer enterprises of large scale. These include the service providers like Google Inc., Microsoft’s Msn, Sony, H.P’s own website and many other interfaces. The report findings state that new means of attacks have been launched in recent times which are totally new in their nature and type and have taken the users of computer both on individual level and on organizational level by total surprise (“Cyber Security Objectives,” 2012).

H.P report focuses on the basic point and that is of understanding the impact, the possible repercussions that are attached to the attack and the real motives that may be based on the attack on a certain area. Knowing the potential target areas, the objectives behind it, knowing which areas could cost the respective organization more are few of the factors that need to be taken into account in order to devise a better strategy towards cyber security enhancement (Ulsch, 2014).

H.P has adopted a special software and data base for this purpose in the name of Open Source Vulnerability Database (O.S.V.D), which takes into account various factors related to the cyber security, the trends, the target areas and many other areas and based on it, it helps creating reports that further enable creating strategies towards reducing any threats that may exist in the computer world of communications. OSVD generated a ten year report based on the target zones and the areas that have been brought into attention by the hackers (Grauman, Security & Defence Agenda, & McAfee, 2012).

The report tries to investigate and unearth the methods that are adopted towards security infiltration and the report states that new methods have been adopted which are a total surprise to the members of the field. It’s just like saying that the thieves have adopted new methods of robbing the property and valuables.

Initiative by McAfee

H.P in its report for the year 2011 expresses deep concern over the growing rate of threats in various forms yet it recommends the remedial actions towards it in form of prioritizing the level of work along with the functions and content those need more security relative to the other elements and functions which may require relatively less security.

The overall report aims to find out the inclination of the hackers and other spammers as to in what way do they target the sites and sources. Based on the findings it is being underscored that areas of financial importance are high value targets. These include the banking sectors as well as the governmental organizations which serve the common citizens.

The threats may not be only in form of external links and threats, rather they can be from within and it has been seen many a time that the insiders cause more damage to the organization than would outsiders (Shoemaker & Conklin, 2012). One similar instance was seen in case of soft drinks giants Coca Cola, where an internal member was convicted and caught in the process of sharing the company’s secret information to the rivals in the market. This could have been avoided if safe and protective measures were being adopted in the organization which would not allow any individual unchecked access to all the documents and all the segments of organization which can be of any strategic importance or could be used against the company in any circumstances. This can be ensure in form of multiple protective layers within the organization (Harkins, 2013).

There is a survey that was undertaken in 2009 by Verizon. The main point of the entire point is concluded against a single point and that states that over 80 percent of the online mishaps that took place in one form or another could have been avoided provided there was an infrastructure available, or people were a little more aware about their roles, responsibilities in case of fulfilling their duties towards making the network a safe medium to use for all kinds of purposes and usages. The report further emphasizes that any kind of threat or weakness must not be taken lightly and it is these threats that lead up to failures in longer run (Harley & David, 2011).

Verizon further looks into the possible reasons that contribute to them miss happenings and why this menace persists to remain in the surrounding despite the realization of how dangerous it is. Verizon conducted survey across hundred countries and tried to find out how they go about their online operations, how much consideration do they give to the challenges and threats that are present in the networks and many other factors which would enable creating a system that is better suited to the needs of governments and military organizations.

Cyber Security Threats and Vulnerabilities

The report states that the kind of network that is in place also defines the kind of vulnerability it may be faced with (Santanam, Sethumadhavan, & Virendra, 2011). For example a commercial network may not be in direct jurisdiction of the government agencies, rather the private service providers or international organizations that bring about investment in the respective countries, only they can handle this in time and enable saving much more loss that may be incurred afterwards once the attacks have taken place. The possible solutions presented by this extensive report also include the consideration of the guidance and training that may be provided to the users of internet in these organizations which would enable them performing in a better way towards improved existence of the cyber world functions. Providing the users with sufficient technical knowledge, adapting them to the everyday changes in form of the hardware and software can make things relatively easier with regard to the cyber security (Howard & Prince, 2011).

Having highlighted the areas of weakness, counter measures can be proposed as well. This can be done in one of the following approaches and methods. Addressing the core issue: realization of the need of cyber security:

It is normally being said that a problem identified is problem half resolved. This rule aptly applies to the field of cyber security as well and the pertinent threats that are being faced by users in one form or other (Samuels & Rohsenow, 2015). The realization of the fact as to what can go wrong, how dangerous the concept of lack of cyber security is, what possible harms can it inflict over the individuals and organizations, all these would enable understanding the problem at hand in a better way and subsequently prevention and overcoming  any vulnerability that may exist in the system. Once that is identified, various measures are possible to be taken, while some may be as preventive ones, others corrective and the rest can be possibly that of entire overhauling of system or network (In Cleary & In Felici, 2014).

Just like a physical society may face threats in different forms, the cyber world is no exception and it is faced with challenges and obstacles in various forms. These come in form of cyber security concerns. They may show up in form of:

1. Banking frauds,
2. Access to the private data of people,

• Forgery of accounts and data that has long been saved,

1. Violating of privacy of different kinds,
2. Intellectual property infringement,
3. Credit card frauds,

• Other kinds of embezzlements,
• Identity stealing (Conklin et.al),

Threat to the common people in form of unknown ids and unknown location usage and various others which may include harassing over the digital medium and possible victimization. All these may be conducted in different methods and there is no uniform method to the implementation of the hacking operations, it is like gout which may show up from any corner that is least expected.  Their impact is highly severe and one is lucky if it does not cause the entire operating system to stop working (In Vacca, 2014).

Recommendations and Reports

Identity stealing is the phenomena in which a particular I.P may pretend to be one which it is actually not. It may impersonate to be the local I.P address or one that is established in the network and has ease of access to the data inside the network (Reveron, 2012). Once the access is gained into the network, various forms of actions can be performed by this particular I.P ranging from entire blocking of the network to breaching of private data and jamming of certain segments of the network.

Having identified various possible forms of attacks, types of vulnerabilities and the possible targets, this part of the paper addresses the various techniques and approaches which may be adopted towards the mitigation of cyber threats (Probst, 2010). These remedies come in an array of options with each having its own special functioning and each complimenting other towards the best yield in form of safer internet operations.

Number of techniques can be used with regard to cyber security. These techniques range from very basic ones to the very technical ones. While the basic ones may require the ordinary users to implement them, the technical ones are related to the experts in the field who may adopt and implement these techniques in the systems to make them less vulnerable to the threats (Institute of Medicine (U.S.), 2014). The basic techniques can be more of recommendation against such open world of internet which involves safe usage of computers, not leaving any important data on the hard drives upon, not allowing any privileged access to any client who may not be known. On technical front the techniques include the following:

1. Encryption
2. Authentication process:

• Ciphering and deciphering at either end of sending data

1. Anti-viruses
2. Firewalls
3. Digital signatures usage

• Frequent change of passwords
• Usage of cyber security software

1. Not allowing access to non-authentic users

This is one of the methods which can make hacking relatively difficult. This can be done by preparing software with due consideration of the hacking menace. This can be achieved by creating code and writing the software programs in languages that are more secure and less prone to any hackers’ access and target. The lower the chances of breaking through the software code, the lower the changes of hackers getting into the system and hence higher the chances of sustainable actions by the computers and computer users (IT Governance Publishing, 2013).

Firewalls are special devices and software that enable security to the network. Firewalls are usually effective and implemented in situations of servers and giant networks that may include multiple routers, switches and hubs. Firewalls as the name implies ensures protection of data and traffic and make sure that no unauthorized element infiltrates in to the network. Firewalls are often installed at back end (Privacy Commissioner of Canada, 2015). Even in the domestic computers firewalls come in along with the windows and operating system packages and they make sure that no unauthorized element may damage the system in any way.

The Role of Insiders

Making use of the particular protocols that are reliable and dedicated towards the purpose of network safety must be used within the network. Their usage in remote networks and proxy servers can help to a greater extend and make the networks more reliable. Protocols enable dictating and choosing particular nodes, transmission paths, and servers along with I.ps for traffic and network functioning (Kizza, 2013). Protocols also enable identifying the rightful I.Ps and access points, at the same time it separates the nodes which may pose any kind of threat to the network in one way or other.

Public awareness is one of the largest and possibly easiest ways towards ensuring cyber security. This is a non-technical aspect unlike protocol creation, yet it is one of the most important factor, and the realization and awareness can help creating ideas and policies towards better working in the cyber field and cyber security domain. Creating the awareness and concept of what is right, what is wrong, what should be done online, what must be refrained form, which connections must be trusted and which must not be trusted (“One Government’s Approach to Cyber Security Policy,” 2012). What could be the possible impacts of using and accessing unauthorized and less secure networks and website interfaces, all these can make a larger difference. The awareness may be created amongst the users and members of organizations as well. Especially the users of and employees of banking sector, government organizations and military and defense organizations (Li & Clark, 2015). Providing them with proper training, creating awareness amongst them as to what may be trusted and what be kept away from can make the world of internet and computer operations far more easy and better to work in. finally the individual users at home must be given the directions never to give away their credit cards or other private information such as social security number or bank accounts to unknown and unauthorized people (Kizza, 2017). Finally clicking on ads at random is also a threat and hazard that is constantly persistent over the internet medium which can be a direct form of threat.

MacAfee International, which conducted an extensive research in this field also proposed number of recommendations, with aim to provide guidelines to the users of computer, both on individual level and organizational level. These recommendations were in form of multiple points policies each directed towards the resolution of glitches that are present in the present world of communication and technologies (Linta & Khan, 2012).

Verizon Survey on Cyber Security

In order to provide protection to computers on permanent basis, a resolution must be sought and suggested to stop the ever expanding chain of the race between the viruses and anti-viruses.

Conclusion

The common saying of “a stitch in time saves nice” aptly applies to the field of cyber security. This can be done so in multiple ways, the first being creating sense of awareness, second about safe practices, third technical knowledge and increasing research in this field for further advancements and finally making long term policies that are designed towards safer operations of computers. Billions of dollars are being lost, and not just the monitory factor, rather other valuable information is being breached through weak mechanism of cyber security, this all can be overcome through vigorously keen interest based policies crafting by the stakeholders on international level as well as local level in different parts of the world to make the world of world wide web a better and more reliable one.

Internet operations are termed as once those are without borders, without walls and without fences, everyone can barge into the network and can cause any damage what so ever. However this damage can be controlled and checked if proper measures are adopted and implemented in form of network security. Network security comes in various forms, such as hardware implementation, software installation and many other factors relevant.

References

Al, A. K., Pujolle, G., & Ali, Y. T. (2015). Mobile and Wireless Networks. Somerset: Wiley.

Andress, J., & Winterfeld, S. (2014). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners.

Cyber Security Evolution. (2012). Cyber Security Policy Guidebook, 15-38. doi:10.1002/9781118241530.ch2

Cyber Security Objectives. (2012). Cyber Security Policy Guidebook, 39-67. doi:10.1002/9781118241530.ch3

Grauman, B., Security & Defence Agenda, & McAfee. (2012). Cyber-security: The vexed question of global rules : An independent report on cyber-preparedness around the world. Brussels: Security & Defence Agenda.

Harkins, M. (2013). Managing risk and information security: Protect to enable. New York: Apress.

Harley, & David. (2011). AVIEN Malware Defense Guide for the Enterprise. Syngress.

Howard, D., & Prince, K. (2011). Security 2020: Reduce security risks this decade. Indianapolis, IN: Wiley Pub.

In Cleary, F., & In Felici, M. (2014). Cyber Security and Privacy: Third Cyber Security and Privacy EU Forum, CSP Forum 2014, Athens, Greece, May 21-22, 2014, Revised Selected Papers. Cham: Springer International Publishing.

In Vacca, J. R. (2014). Cyber security and IT infrastructure protection.

Institute of Medicine (U.S.). (2014). Advancing workforce health at the Department of Homeland Security: Protecting those who protect us.

IT Governance Publishing. (2013). Cyber Security. Ely, Cambridgeshire: It Governance Publishing.

Kizza, J. M. (2013). Guide to computer network security. London: Springer.

Kizza, J. M. (2017). Guide to computer network security.

Linta, S. R., & Khan, M. R. (2012). Today’s Impact on Communication System by IP Spoofing and Its Detection and Prevention. Mu?nchen: GRIN Verlag GmbH.

Li, Q., & Clark, G. (2015). Security intelligence: A practitioner’s guide to solving enterprise security challenges.

One Government’s Approach to Cyber Security Policy. (2012). Cyber Security Policy Guidebook, 211-237. doi:10.1002/9781118241530.ch7

Privacy Commissioner of Canada. (2015). Privacy and cyber security: Emphasizing privacy protection in cyber security activities.

Probst, C. W. (2010). Insider threats in cyber security. New York: Springer.

Reveron, D. S. (2012). Cyber challenges and national security: Threats, opportunities, and power in a virtual world. Washington, DC: Georgetown University Press.

Samuels, D., & Rohsenow, T. (2015). Cyber security. New York: Arcler Press.

Santanam, R., Sethumadhavan, M., & Virendra, M. (2011). Cyber security, cyber crime and cyber forensics: Applications and perspectives. Hershey, PA: Information Science Reference.

Shoemaker, D., & Conklin, W. A. (2012). Cybersecurity: The essential body of knowledge. Boston, MA: Course Technology Cengage Learning.

Ulsch, N. M. (2014). Cyber threat!: How to manage the growing risk of cyber attacks