The information technology (IT) industry has advanced significantly over the past few decades. Technology is not only ubiquitous, but also integral to every aspect of society. Since the devices and components related to IT are interdependent, any disruption to one may affect the others. Over the past years, there has been rising concern about protecting IT systems from cyber-attacks, which have increased drastically over time. Cyber security refers to the act of protecting IT systems, including computers, software, hardware and related devices, from attacks, threats and disruption. It plays a significant role in safeguarding privacy and in addressing unauthorized surveillance, intelligence gathering and information sharing. However, there are certain issues associated with cyber security. These issues depend on three factors, namely threats, vulnerabilities and impacts. Threats refer to who the attackers are, while vulnerabilities refer to how they attack. Impact, on the other hand, refers to the consequences of the attack.
While it is possible to deal with external cyber-attacks through effective measures, insider crime is one of the most critical issues that require emphasis. It refers to crime in which an employee within the organization tries to alter, copy, steal or replace data. This is a significant cyber security issue, as employees engage in the transfer of money or data, and use programs to scan consumer accounts and sell sensitive information to outsiders (Bayuk et al., 2012). Cyber-attacks from hackers are hazardous as they lead to violation of privacy and misuse of information. In some cases, malware or malicious code gets into a computer network and steals valuable information or replicates data. This issue is difficult to tackle because the chances of identifying the perpetrator are remote, which makes it easier for hackers and crackers to carry out their attacks.
One of the most crucial cyber issues faced by the world today is attacks on the information grid and critical infrastructure. Cyber attackers make use of addresses and logos that resemble those of trusted organizations, such as banks, in order to obtain private information of users, such as credit card details and passwords, thereby attacking the critical infrastructure. The easy availability of hacking tools on the Internet has increased the rate of cyber-attacks occurring worldwide. Other common cyber security issues faced nowadays are phishing, email spoofing and pharming. These issues have been faced by people who simply browse the Internet or carry out bank transactions. Recently, security experts have identified some of the cyber security issues caused by two-faced malware, headless worms, jailbreaking, machine-to-machine attacks and ghostware. These attacks are increasingly sophisticated and are capable of targeting everything from medical devices to critical infrastructure.
The concept of the Internet of Things, or connected devices, offers hackers unprecedented opportunities to attack sensitive corporate information and computer information. The task becomes easy for hackers as most consumer connected devices fail to prioritize security. The evolution of cloud computing in recent years has elevated the significance of cyber security, as there is a higher likelihood of a multitude of attacks, such as malicious applications. Malicious applications lead to drive-by attacks, in which websites fingerprint the information present on IT devices and smartphones, thereby making them vulnerable to security breaches (Bayuk et al., 2012). There has been an increase in the propagation of new viruses and worms that are capable of destroying the critical software present in IT systems. The emergence of headless worms is a major concern, as such worms target headless devices, such as smart watches, smartphones and medical devices.
There has been an increase in cyber security issues relating to the cloud and its infrastructure. Growing reliance on virtualization allows cyber attackers to destroy private as well as hybrid clouds. At the same time, since a majority of applications rely on cloud-based systems, it becomes easier for hackers to attack the cloud and gain access to corporate networks. Improvements in forensic capabilities have encouraged hackers to adopt methods that evade detection. Ghostware poses a serious security threat to IT systems as it penetrates networks, steals information and makes it extremely challenging for companies to monitor and track the amount of data that has been compromised during the attack. Hackers also make use of blastware, which destroys IT systems when security experts attempt to discover the attack. This type of attack is damaging in nature and mainly targets the critical infrastructure of organizations and nations.
Another recent cyber security issue is two-faced malware. This malware makes use of the functionality of the sandbox, which enables IT experts to deeply inspect the changing behaviors of software. Two-faced malware is benign under surveillance, yet transforms into malicious code when it is not under suspicion. Statistics suggest that two-faced malware attacks occur at a rate of half a million per minute. The different types of cyber security issues mentioned above make the core Internet protocols insecure, thereby leading to an increase in vulnerabilities. Furthermore, the growth of a broad range of IT activities, such as e-commerce, hospitality, e-governance, telecommunications and health care, makes it difficult for organizations to keep an eye on security attacks in spite of the availability of tools and methods that are capable of detecting threats. Therefore, the following section offers recommendations that help to tackle cyber security issues, thereby protecting IT systems from threats and vulnerabilities.
Minimization of cyber security issues usually involves eliminating the source of the threat, reducing the botnets available to cyber attackers, effectively addressing vulnerabilities through software solutions, and reducing the impact of cyber-attacks by lessening damage and employing back-up resources. Organizations need to conduct a security assessment in order to minimize the risk of threats to security. Security assessment is a vital step that helps to identify security requirements through the establishment of a standard of critical assets, thereby providing a gap analysis. The next step is to formulate security strategies on the basis of the security measures currently implemented by the organization. It is also important to define the security perimeter, as it helps to define efficient objectives and cyber security measures. This is possible through security audits, assurance and testing.
It is the responsibility of organizations to integrate their security solutions through various services, such as Identity as a Service (IDaaS). IDaaS brings the conventional elements of access management and identity solutions together in a secure offering. Organizations should implement effective access management systems that provide for social login, risk-based authorization and authentication, scalability and consumer analytics. Access management ensures access to the right resources through risk-based controls and context. Identity governance is another possible recommendation, which implements the concept of “the right user, the right access at the right time”. In addition to implementing identity and access management, organizations should also monitor their IT systems so that they can detect possible threats in advance. Organizations should dedicate a substantial amount of their funds to cyber security, as it helps to effectively handle the issues of information sharing, data breach and loss of privacy.
A risk management approach should prioritize the level of criticality of each cyber security threat. This in turn helps to develop risk-based controls and formulate solutions on the basis of the severity of the consequences of an attack. Organizations should develop an information security policy, as it is the key to securing data and IT systems. In order to prevent insider crime, the organization should train its employees about their roles and responsibilities with regard to cyber security and devise strict disciplinary actions in case of a security breach. Organizations should also keep track of network logs and system logs in order to ensure early identification of computer viruses, since unusual web traffic patterns and log entries indicate a compromise in cyber security (Bayuk et al., 2012). It is equally important for organizations to develop incident response plans, which play a critical role in minimizing the damage caused by cyber-attacks.
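The log-tracking recommendation above can be made concrete with a small baseline check. The following is an added example, not taken from the cited sources: it flags clients whose outbound traffic in the current hour departs sharply from their own history. The log format, addresses, host names and thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Assumed (constructed) proxy-log format:
# "<ISO timestamp>Z <client> <method> <host> <bytes_out>"
LINE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}):\d{2}:\d{2}Z (\S+) (\S+) (\S+) (\d+)$")

def parse(lines):
    """Yield (hour, client, bytes_out) for well-formed lines; skip malformed ones."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield m.group(1), m.group(2), int(m.group(5))

def hourly_bytes(lines):
    """Return {client: Counter({hour: total bytes sent out})}."""
    totals = defaultdict(Counter)
    for hour, client, nbytes in parse(lines):
        totals[client][hour] += nbytes
    return totals

def unusual_clients(lines, current_hour, k=5.0, min_history=3):
    """Flag clients whose bytes in current_hour exceed median + k*MAD of earlier hours."""
    flagged = []
    for client, per_hour in hourly_bytes(lines).items():
        history = [b for h, b in per_hour.items() if h < current_hour]
        if len(history) < min_history:
            continue  # not enough baseline to judge this client
        med = median(history)
        mad = median(abs(b - med) for b in history) or 1  # keep a non-zero margin
        now = per_hour.get(current_hour, 0)
        if now > med + k * mad:
            flagged.append((client, now, med))
    return sorted(flagged)

def _sample():
    """Constructed log: 10.0.0.9 uploads far more than usual in the 12:00 hour."""
    volumes = [(1200, 900), (1100, 950), (1300, 1000), (1250, 48000)]
    lines = ["not a log line"]
    for hour, (a, b) in enumerate(volumes, start=9):
        lines.append(f"2024-01-01T{hour:02d}:05:00Z 10.0.0.5 GET intranet.example {a}")
        lines.append(f"2024-01-01T{hour:02d}:07:00Z 10.0.0.9 POST files.example {b}")
    return lines

SAMPLE = _sample()

if __name__ == "__main__":
    for client, now, med in unusual_clients(SAMPLE, "2024-01-01T12"):
        print(f"{client}: {now} bytes this hour vs. median {med}")
```

Comparing each client against its own median and median absolute deviation keeps one consistently busy host from hiding a quiet host that suddenly starts sending large volumes.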
Last but not least, organizations should place strict restrictions on their end-user systems, limiting the administrative privileges of end users. Since most computer viruses run on end-user systems, restricting access to these systems in turn restricts the access available to the virus. Organizations should restore their systems from time to time to make sure that their IT systems are free from any attacks. They should frequently update their vulnerability tools, such as firewalls and intrusion detection systems, in order to manage vulnerabilities. Storing backups in offsite locations in the form of portable drives helps to recover sensitive data that would otherwise be damaged during cyber-attacks. Recovery solutions should allow complete recovery of IT systems or, failing that, at least business continuity, as organizations cannot afford to close down in the event of cyber-attacks.
References
Bayuk, J. L., Healey, J., Rohmeyer, P., Sachs, M. H., Schmidt, J., & Weiss, J. (2012). Cyber Security Policy Guidebook. New York, NY: John Wiley & Sons.
Graham, J., Olson, R., & Howard, R. (2010). Cyber Security Essentials. Boca Raton, FL: CRC Press.
Kizza, J. M. (2013). Guide to Computer Network Security. Berlin, Germany: Springer Science & Business Media.
Kohnke, A., Shoemaker, D., & Sigler, K. E. (2016). The Complete Guide to Cybersecurity Risks and Controls. Boca Raton, FL: CRC Press.
Trim, P., & Lee, Y.-I. (2014). Cyber Security Management: A Governance, Risk and Compliance Framework. Farnham, UK: Ashgate Publishing Ltd.
Vacca, J. R. (2013). Cyber Security and IT Infrastructure Protection. Rockland, MA: Syngress.