Importance Of Security Awareness Training For Modern Infotech Employees

The Need for Security Awareness Training in Modern Infotech

Security awareness training raises awareness among the employees, management and stakeholders of an organization so that they can identify threats related to the business and take appropriate action against them. In today’s digital age, security awareness training is essential for every organization to deal with security issues (Shaw et al.).

Modern InfoTech, one of the leading startup companies in the information sector, needs proper security training for its employees as well as its authorities, because it deals with customer data that needs to be secured (McCrohan, Engel and Harvey). In addition, the company's database stores important information about the organization, transactional data and other important data. To ensure that employees and stakeholders handle this data efficiently, it is important to have proper security guidelines as well as a security awareness program that ensures proper data security.

The policy has been developed to ensure that it not only meets the organizational need for data security but strengthens it as well. The policy statements are the following:

  • Formal participation in, and review of, the security awareness program by all full-time and part-time faculty and staff
  • Report security issues to the respective departments in a timely manner, with proper documentation
  • Newly hired faculty and staff will also be provided with the training, which will be completed within 10 days
  • Resignations from newly hired faculty and staff will not be entertained once the training has been taken. If one does resign, the training cost has to be paid by the individual
  • The training is available in both online and offline mode
  • No training material, including audio, video and documents, may be downloaded or distributed without the permission of the organization
  • Employees need to provide feedback after the training so that the program can be assessed better and opportunities to improve its quality can be identified

If implemented, the policy will bring the following improvements:

  • Increased awareness among the employees
  • Proper and effective reporting and documentation of security threats
  • Reduction in security issues due to lack of knowledge among the employees

The training program will not require a huge investment, and the policy has been developed with that in mind. However, it will help the company save the millions it might otherwise have to spend if security breaches occur because employees lack knowledge about cybersecurity issues.

The training will help the employees of Modern InfoTech to identify security issues and the techniques for avoiding them, which will help them work efficiently and increase production.

Motivations of cybercriminals 

Cybercriminals have several motivations for committing cybercrime, such as (Hayden):

  • Money
  • Popularity
  • Entertainment
  • Status

Although money is the major motivation for cybercriminals, it is not the only one. The other factors serve as motivations as well.

The money associated with cybercrime is worth millions, depending on the size and strength of the organization (Anderson et al.). The amount might be higher or lower, but what is important here is that whenever organizational data is breached, the organization is in most cases asked to pay a huge amount to get the data back, which brings additional cost as well. Smaller companies can even go bankrupt due to one data breach (Weber). Hence appropriate knowledge about the issue is not only important but essential.

Policy Statements to Ensure Data Security

Industrial espionage/trade secrets

It is defined as the theft of business trade secrets by competing companies for competitive advantage (Carlos Roca, García and de la Vega). According to the Economic Espionage Act, this is not only illegal; it is also not ethically permissible and is considered a criminal offense.

Hacktivism is considered an important and popular form of internet activism (Ratnasingam). Hackers with a rebellious attitude use computers and computer networks to promote some social change or some financed political agenda.

When a nation tries to damage another nation through cybercrime, it is termed cyberwar (Jordan and Taylor). In this age of technology, cyberwar is becoming more popular than traditional war. It might also be regarded as a virtual war between two nations.

When hackers have a more notorious purpose, such as hacking officials or government agencies, the motivation for the crime goes well beyond financial gain. Sometimes hackers also demand full control over the entire organization or the government through exploitation of the cybersecurity framework (Armstrong and Forde). This is termed “bragging rights” in the cybercrime context.

According to the Ponemon Institute data breach report in 2018, the average cost of a data breach has increased in the past few years. However, according to the report, the costs of cleaning up after a breach will still depend on the nature of the crime (“Ponemon.org”). The report has been prepared from the responses of 2,182 interviews from 254 companies in seven countries: Australia, France, Germany, Italy, Japan, United Kingdom and the United States.

According to the report, in the case of organized crime, the average cost ranges from $65 million to $100 million. However, this cost will still depend on the organization's infrastructure and its existing strategy for addressing cybercrime.

The report specifies that because an entire nation is involved in the cybercrime and the target is also a nation, this type of cybercrime carries a higher cost than the other crimes. Nation-state cybercrime involves various organizations, governments and industries, both small and large, as well as the individuals of the nation. The average cost according to the report is approx. $57 billion to $109 billion.

According to the report, this type of crime will also require major investment for cleaning up after a breach, as more than one hacking gang will be involved. The average cost is likely to be $210 million to $425 million.

The major motivation of the hacktivist is to bring social change or promote some political agenda (Klein). Cost might not be a major factor here. However, organizations will still have to invest if the cybercrime occurs. According to the report, the cost will depend on the nature of the organization. The report specifies that a recent cybercrime cost NASA $500,000. Another cybercrime by hacktivists cost PayPal £3.5m.

Cyberwar is another form of cybercrime, one that involves two nations, organizations, or whichever parties the cybercriminals involved in the virtual war choose (Clarke and Knake). If one nation is successful in a cyberwar against another nation, it will cost the other nation a huge amount of money. The average cost of a cyberwar, according to the report, is $600 billion for large companies; for small organizations it is around $200 million.

References:

Anderson, Ross, et al. “Measuring the cost of cybercrime.” The economics of information security and privacy. Springer, Berlin, Heidelberg, 2013. 265-300.

Armstrong, Helen L., and Patrick J. Forde. “Internet anonymity practices in computer crime.” Information Management & Computer Security 11.5 (2015): 209-215.

Carlos Roca, Juan, Juan José García, and Juan José de la Vega. “The importance of perceived trust, security and privacy in online trading systems.” Information Management & Computer Security 17.2 (2017): 96-113.

Clarke, Richard Alan, and Robert K. Knake. Cyber war. Tantor Media, Incorporated, 2014.

Hayden, Lance. IT security metrics: A practical framework for measuring security & protecting data. McGraw-Hill Education Group, 2017.

Jordan, Tim, and Paul Taylor. Hacktivism and cyberwars: Rebels with a cause?. Routledge, 2017.

Klein, Adam G. “Vigilante media: unveiling Anonymous and the hacktivist persona in the global press.” Communication Monographs 82.3 (2015): 379-401.

McCrohan, Kevin F., Kathryn Engel, and James W. Harvey. “Influence of awareness and training on cyber security.” Journal of Internet Commerce 9.1 (2014): 23-41.

Ponemon Study Shows The Cost Of A Data Breach Continues To Increase – News And Press Releases. Ponemon.Org, 2018, https://www.ponemon.org/news-2/23. Accessed 13 Oct 2018.

Ratnasingam, Pauline. “The importance of technology trust in web services security.” Information Management & Computer Security 10.5 (2015): 255-260.

Shaw, Ruey Shiang, et al. “The impact of information richness on information security awareness training effectiveness.” Computers & Education 52.1 (2015): 92-100.

Weber, Rolf H. “Internet of Things–New security and privacy challenges.” Computer Law & Security Review 26.1 (2016): 23-30.