Mitigation Strategies For Cyber Security Risks At Gigantic Corporation

Threat Agents Related to Cyber Security

Discuss cyber security and solutions for Gigantic Corporation.

Cyber security is a major risk faced by Gigantic Corporation due to a number of issues related to the internet network used by the company. Cyber security issues arise from various threat agents such as malware, malicious files, attempted security breaches and others. The prime reasons behind the increased likelihood of this risk include a lack of sufficient network security, a bring your own device (BYOD) policy, phishing and others [5]. Hence, the top priority of the company should always be to prevent cyber attacks at any cost or risk losing confidential files and documents to these attacks. For this purpose, a significant amount of funding is required for the implementation of cyber security in the system.

In this report, the threat agents related to cyber security have been discussed and possible solutions for Gigantic Corporation have been provided.

There are a number of emerging cyber security threat agents that must be considered and addressed by the company. These threat agents are discussed as follows.

Malware – In all organizations, sufficient security systems are deployed within the private network server to which all the workstations are connected, including system firewalls on each of the workstations. However, such firewalls may not be present on the users' personal devices [3]. Hence, the chances of malware entering the company's server rise significantly if a BYOD policy is used, as these unprotected systems act as an open gateway for the malware.


Deliberate Injections – Some unethical employees deliberately inject malicious files into the system while working with personal workstations. They do so by carrying flash drives such as pen drives, which they insert into the workstation while it is connected to the company network. These cases also occur when sufficient monitoring is done on the activities of the employees during office hours.

Hackers – Hackers are by far the most significant threat agents to any cyber security system. By running complex code and programs, they are able to break into a particular server and steal secure information from it. Even if there are some firewalls in the system, advanced hackers can easily break through them and steal data either for ransom or to sell to rival organizations for monetary benefit [7]. One of the strongest techniques used by hackers is the injection of ransomware into the system. Ransomware is an extremely strong encryption malware that can lock files and folders with strong, unbreakable encryption and demand a ransom for unlocking them. Generally, the ransom amount is extremely high, and failing to pay results in permanent deletion of the files.

Potential Damages Faced by the Corporation

From these threat agents, there are many potential damages to the company. These damages are discussed as follows.

Stealing of Confidential Information: One of the major potential damages faced by the company is a breach of security paired with the theft of confidential information [6]. Often the stored data and information are stolen by hackers who have entered the system using strong techniques to breach it. Once stolen, these files and information cannot be retrieved and are generally lost forever.

Destruction of Data: Sometimes, instead of just being stolen, the files get encrypted by unknown malicious programs called ransomware. The ransomware locks the files and demands a high ransom in return for decrypting them [1]. If the user fails to pay the ransom within a specified time period, the malicious software destroys all the files and information permanently.

Due to the major impact of the threat agents on the daily working schedule and requirements of Gigantic Corporation, some specific measures must be taken immediately. The main challenges and issues faced by the corporation are as follows.

Limited Access to Internet Sites: In order to prevent malicious files and malware from entering the system, the company has blocked access to many internet sites from the employees' workstations. As a result, internet accessibility has been reduced by a significant margin.

Expenses: Due to the use of high-end system security software that also needs to be repurchased after a certain period, the company incurs a huge amount of expenses every 6 months [4]. Further expenses are incurred for the system upgrades and maintenance that are required to minimize the chances of a cyber security breach.

There are several mitigation and countermeasure strategies that the company can deploy in order to prevent cyber security issues. Some of these are discussed below.

Do Not Apply BYOD Policy: As discussed previously, BYOD is one of the main reasons behind the cyber security issues in the company's internal server. Due to unethical use of personal resources or the absence of firewalls on the employees' personal devices, malware and malicious files can easily enter the office server and infect it [10]. Hence, in order to prevent this, the BYOD policy should not be implemented by the company at all.

System Firewalls: The first line of defense that the company can put in place to prevent cyber attacks is the implementation of system firewalls on all the workstations connected to the server. These firewalls are able to block most security attacks and also alert the system in case of any strong data breach attempts. Furthermore, these firewalls can block suspicious file download activity and hence can be used to prevent unwarranted file transfers by the workstation users.

Challenges and Issues Faced by the Corporation

System Architecture: Another main mitigation is for the company to change the entire internal system architecture. The architecture should be developed such that there are several stages of verification for the files and data that are to be stored inside the server [6]. During these stages, the origin and authenticity of the files are to be checked using their digital signatures and certificates before they are allowed to enter the server.

Network Encryption: This is another possible countermeasure that can be deployed by the company. It is done by applying encryption at the transport layer of the network, i.e. whenever a file is to be sent from a workstation to a different destination, the file will be encrypted into a secure data packet and then sent over to the destination. Similarly, the network will receive data in encrypted form so as to prevent any type of security breach attack that tries to view and steal the contents of the data sent and received over the network transport layer.

Monitoring: In addition to the technical countermeasures, one major step that the company has to take is monitoring the activities of the employees on their workstations [2]. The monitoring should include the websites that they access throughout the day, the files uploaded and downloaded using the workstations, the use of flash drives in the workstations and others. Furthermore, access to certain unwanted websites can be blocked using system firewalls to prevent any chance of malware entering the workstations.
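The monitoring items listed above (websites accessed, files uploaded and downloaded, flash drive use) can be reviewed automatically. The following is an added example, not part of the original report; the log format, host names, site lists and file extensions are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample events in an assumed "time host user ACTION detail" format.
SAMPLE_LOG = """\
2024-03-04T09:12:01 ws-014 alice WEB_ACCESS news.example.com
2024-03-04T09:15:40 ws-014 alice USB_INSERT serial=CONSTRUCTED01
2024-03-04T09:16:05 ws-014 alice FILE_DOWNLOAD http://files.example.net/tool.exe
2024-03-04T10:02:11 ws-022 bob WEB_ACCESS intranet.example.com
2024-03-04T10:30:00 ws-022 bob FILE_UPLOAD payroll.xlsx -> share.example.org
2024-03-04T11:00:00 ws-031 carol WEB_ACCESS blocked.example.org
garbled line that does not parse
"""

BLOCKED_SITES = {"blocked.example.org"}          # assumed policy list
INTERNAL_HOSTS = {"intranet.example.com"}        # assumed approved upload targets
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs")
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) ([A-Z_]+) (.+)$")


def review(log_text):
    """Return (alerts, unparsed); alerts maps each user to a list of findings."""
    alerts, unparsed = defaultdict(list), []
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            # Keep unparseable lines visible: silently dropping them hides gaps.
            unparsed.append(line)
            continue
        ts, host, user, action, detail = match.groups()
        if action == "USB_INSERT":
            alerts[user].append(f"{ts} {host}: flash drive inserted ({detail})")
        elif action == "WEB_ACCESS" and detail in BLOCKED_SITES:
            alerts[user].append(f"{ts} {host}: blocked site {detail}")
        elif action == "FILE_DOWNLOAD" and detail.lower().endswith(RISKY_EXTENSIONS):
            alerts[user].append(f"{ts} {host}: executable download {detail}")
        elif action == "FILE_UPLOAD":
            name, _, dest = detail.partition(" -> ")
            if dest not in INTERNAL_HOSTS:
                alerts[user].append(f"{ts} {host}: upload of {name} to {dest}")
    return dict(alerts), unparsed


if __name__ == "__main__":
    findings, skipped = review(SAMPLE_LOG)
    for user, items in findings.items():
        for item in items:
            print(user, "|", item)
    print("unparsed lines:", len(skipped))
```
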

Conclusion

It can be concluded that, because its work is based on IT systems and the internet, Gigantic Corporation faces some serious cyber security issues. While a central server is being used and all the workstations are connected to the same central server, the entire system is vulnerable to security attacks and data breach attempts. In order to prevent these attacks, the company needs to take the countermeasures that have been discussed in this report. In addition to these countermeasures, the company also needs to raise awareness among the employees regarding the safe use of the internet in order to prevent any data breach or security attacks.

References

[1] C.S. Glantz, G.P. Landine, P.A. Craig Jr and R.B. Bass. Lessons Learned in Over a Decade of Technical Support for US Nuclear Cyber Security Programmes. In International Conference on Nuclear Security: Enhancing Global Efforts. Proceedings of the International Conference, 2014.

[2] A.L. Buczak and E. Guven. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 2016, pp. 1153-1176.

[3] Y. Liu, A. Sarabi, J. Zhang, P. Naghizadeh, M. Karir, M. Bailey and M. Liu. Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security Symposium, 2015, pp. 1009-1024.

[4] N.S.M.S. Yip. The Effect of Cyber Supply Chain Security Towards Lean and Agile Supply Chain Performance in Healthcare Industry: The Mediating Effect of Organizational Capabilities (Doctoral dissertation, Universiti Sains Malaysia), 2015.

[5] L.A. Gordon, M.P. Loeb, W. Lucyshyn and L. Zhou. Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model. Journal of Information Security, 6(1), 2015, p. 24.

[6] B. Gupta, D.P. Agrawal and S. Yamaguchi. Handbook of research on modern cryptographic solutions for computer and cyber security, 2016. IGI Global.

[7] N. Ben-Asher and C. Gonzalez. Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 2015, pp. 51-61.

[8] J. Graham, R. Olson and R. Howard. Cyber security essentials, 2016. CRC Press.

[9] A.M. Bates, D. Tian, K.R. Butler and T. Moyer. Trustworthy Whole-System Provenance for the Linux Kernel. In USENIX Security Symposium, 2015, pp. 319-334.

[10] A. Fielder, E. Panaousis, P. Malacaria, C. Hankin and F. Smeraldi. Decision support approaches for cyber security investment. Decision Support Systems, 86, 2016, pp. 13-23.