Understanding Information Security Attacks and Security Awareness in an Organization
Roshan Dhakal 11407004
Email:droshan_2005@yahoo.com
(Doctor of Information Technology, Charles Sturt University)
Table of Contents
Introduction 3
Importance 4
Future research 5
Conclusion 5
References 6
Abstract
In today’s information technology age, many organizations are facing the security attacks. These kinds of attacks occur to two different forms which can be classified as external attacks and internal attacks. Organizations can mitigate the external attacks of implementing firewall, anti-virus and other defense perimeters but internal attacks are even hard to identify. Internal attacks take place in terms of employees negligence in their work performance, theft and stealing the organizational assets and selling to competitors, script kiddies, eaves dropping and spying other employees, etc. Even latest technologies are not being able to identify and detect those types of attacks. Therefore organizations have to implement security education, awareness and training program to educate the internal employees to minimize the risk of insider attacks. This paper further discuss about how security education, training and awareness program helps to mitigate the insider attacks and why it is important to organization.
Keywords:- Security Education, Training and Awareness Program, Internal and
Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively
Security and ethical employees will continue to be a vital aspect of ensuring the success of an organization. There will always be a need for ethical IT security professional as hackers will continue to force organizations to make adjustments in their business models to protect their employees, data and customers. Many organizations and managers believe application security requires simply installing a perimeter firewall, or taking a few configuration measures to prevent applications or operating systems from being attacked. This is a risky misconception. By understanding threats and respect impacts, organizations will be equipped to maintain confidentiality, availability and
As such, our company’s people resources pose the greatest risk for security breach. Our way to help mitigate risk in this area is to keep communication lines open in this area and to continually mandate security knowledge training, with mandatory updates on a regular basis. When the employees are informed of company policy when facing a security matter, they are better equipped to act in the best or right way. In this way knowledge is power – or at least empowerment to act in the best interest of the company’s information security.
In the final chapter of CompTIA Security + Study Guide eBook, it covers some great topics, key elements of implementation, support, and managing the security efforts in a company or organization. It’s important for IT Professionals to understand their role in a company/ organization. It’s also extremely important for them to understand the boundaries of security within that company/organization. Adopting best security practices while adhering to company policies will ensure that both parties are happy. There are many fines lines with security management.
Some of the items that will need to be made aware of and shared with executives, employee and the stakeholders of the organization is the managing and protection of Access Control and attack monitoring system, each and every member of the company will need to understand and abide by the policies that govern access control in the workplace, allowing other employees to enter a facility without each employee scanning their badges will be a breach of security. The awareness of securing network architecture and network communications components, raise awareness on security governance concepts and policies and risk and personal management. The support of the entire organization in the changes and improvement will results in an effective strategic
Finally the company should update the employees with the security policies and procedures to prevent the attacks.
However, anti-malware detection products are available to detect and prevent attacks. These products can better ensure protection on computers. Group three believes that training employees to be aware of security issues in companies, along with different type’s attacks can prevent employees from clicking on suspicious emails, links, and downloads. It also gives the companies systems’ a better chance of not being compromised. Group three predicts that the amount of attacks similar to the Sony data breach will increase as technology advances along with news ways to compromise systems. Collectively, group three believes there is not true solution to this type of attack. In the future group three believes that for a company to be truly safe, the network has to be completely secure, servers and connections have to be checked and updated regularly, and employees must be aware of the attacks that hackers will try to do to infect a network
Before my team assessed the efficacy of an insider threat program, we lacked several essential aspects crucial for mitigating, detecting, and preventing insider threats. Our former insider threat program lacked a lot of essential things and thus, made Goliath National Bank vulnerable to insider threats that could have potentially harmed its assets and intellectual property like trade secrets, strategic plans, and other confidential information. In order to protect the organization, Avatar should have placed more emphasis upon behavioral indicators instead of directing most of their effort and attention on technical indicators. If Goliath National Bank had noticed the red flags and realized that the insider threat was a disgruntled employee, he wouldn’t have been able to create and inflict so much damage through espionage. Thus, it is crucial for organizations to monitor their employee’s network on their personal or work device. In addition, our insider threat program lacked two of the five NIST framework core functions (i.e. identify, protect, detect, respond, and recover), which are important for risk management. Our insider threat program failed to address the respond and recover function. Since all the functions are interdependent upon one another and are necessary for proper, prompt, and efficient risk management, without any one of them, a lot of damage can result. The response function is essential because it has to do with the actions needed to be taken after a cyber security threat is detected. An organization has to know prior what specific action they want to take, whether it plans to gather data for law enforcement or take legal action to prevent the situation from escalating. The decision is crucial because it impacts the direction the organization takes. The recover function is crucial because it serves to decrease the impact and restore
According to “How Much Does Cybercrime Cost?” in America, companies spend $1 billion every year, either trying to prevent future attacks or trying to recuperate from a previous attack. What does this money do if the real problem is based on a lack of awareness of their employees? And its not only small companies who are getting attack like previous years (greengard). Cybercriminals are now beginning to take the risk of attacking large companies because they contain more credit card information, money and information in general. Whether the company is large or small, they are still affected by insider threats. Insider threats are the largest problem among companies when it comes to cybercrime attacks; however, most don’t understand that there are many different ways to retrieve information from a company. They can use special malware, spyware or botnets, or wait for the employees to make a mistake. Some attacks are thoroughly planned and can take a while. Recently, Britain and American spies found their way into a company called Gemalto. (Alleged Hack). The lack of background checks and ability to suspect these spies lead to this breach. According to _____, conversations all over Australia were in put in danger because of the work of these spies. The hack affected millions of SIM cards which allowed outside sources to display any information that was on the phone. It even
Internal attacks come from employees working in the organization or those who have left. Employees tend to be trusted and they end up misusing this trend. WebTechMsn has put in place policies such as passwords policy to ensure restriction to some sensitive information to some employees. Employees have been given a form to fill as an ought between him and the organization information to keep them safely at all times possible. This comes with huge penalties if found violating.
Insider threat has become a significant issue. There have been considerably more reported insider threat incidents over the past few years. According to the 2009 e-Crime Watch Survey in which 523 organizations were involved, 51% of the organizations experienced an insider attack, which increased from 39% three years ago. Since these were only reported incidents of attacks, it is likely more than 51% of organizations experience such attacks. From the recent Cyber-Ark Global Survey conducted in the spring of
According to Wallace Mcgee (2008), “IT Threats to organizational information come from outside as well as inside.” Insider threats can be just as guilty of attacking systems of security measures in place. This is why it is important to understand ways to protect a business even from employees. Having some safety nets in place may be very beneficial and save a company from having some unnecessary losses. A security company shutting down due to poor planning is not a best practice. Cognizance needs to happen before a facility is even built or an organization is up and running.
The threat of insider threats within our company is made possible by emerging technologies. It is important that a security polices and training be required to assist in preventing these threats from occurring. Insider threats come from people who attempt to gain access to our systems in order to cause problems to our organization. It has been estimated that insider threats make up to 30% of all major security breaches. These threats include sabotage, theft, fraud, black mail, and violent actions. It is important to note people who commit such acts are normally former employees, current employees, and third party contractors. The following security proposal should be implemented with great hast due to the nature of our work overseas (Deloitte, 2016).
Individual employees should be protected from penalties with regard to sensitive data that has been compromised/released. Since a majority of security breaches result from corporate culture, malicious attacks, or glitches in the system, employees should be protected from misdirected penalization. Such breaches may also stem from improper training of computer illiterate employees. With the many factors involved in a data breach, a company will benefit more from providing a great employee with proper safeguard procedures than from hiring a fresh employee, one just as likely to make such mistakes.
| Security policies must be fully implemented in order to protect BA information. This CR affects large numbers of BA users.