IT Security
There are many types of IT security breaches. There's malware, ransomware, theft of sensitive information, DDoS attacks...the list goes on. The reason that these threats exist is simple -- there's money in it. Ransomware is used to get quick payment from companies, and stolen information can be sold on the dark web. But what companies need to know is that most cyberattacks rely on somebody within the company making a mistake, for the criminals to get the access they need. So training is key to preventing cybercrime. This isn't something that happens randomly -- companies are often specifically targeted, with criminals focused on key vulnerabilities that can be exploited (Ramanan, 2015).
Slide 2: There are a few things that companies can do to prevent cybercrime. It starts with awareness at the highest levels of the company. Two reasons for this -- first off top official need to prioritize the resources to combat cybercrime. The second reason is that the people at the top have the best access to sensitive information, so they are the ones most likely to be targeted. Awareness is not just in general terms -- the awareness needs to be specific. Risks need to be evaluated and measured. The different gaps in cybersecurity at the firm need to be identified, so that they can be addressed.
Slide 3: Awareness is the first step, but then there needs to be training to put that awareness into action. IT security is not a matter for the IT department, contrary to what many people think. Human beings are usually the weakest security link in any organization, according to Kaspersky Lab (2016). People fail to protect passwords, they leave sensitive data lying around, and generally fail to realize that IT security is their problem, too.
Slide 4: There are several best practices. First, using multi-factor authentication for sensitive areas can mitigate the risks associated with losing passwords. It is more difficult to hack an area of the site with MFA. Policies that forbid employees from uploading sensitive data to the cloud, especially on their personal devices, can help avoid some issues. In fact, the use of personal devices for business is one of the key areas of security weakness for many companies. And of course, poor awareness.
You’re 78% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.