Overview of Cyber Security in Industry
Cyber security deals with identification of the major cyber security issues that can be experienced in the internal network of an business or an industry. A threat of cyber security can be indicated as a malicious act that has the capability of disruption the digital resources (Abawajy 2014). Cyber security provides an industry, an opportunity to combat against several threats, which include, malware attack, denial of service attack and others.
Cyber security is given a primary importance in an industry as it helps in identification of the key cyber security issues and threats that can result in industrial data loss leading to severe other complications (Fielder et al. 2016). The aim of this report is to appraise the existing literature in the field of cyber security and the prominence of cyber security in the industry. The report provides a detailed overview of the research problem that will be addressed through the literature review. In the following paragraphs, certain research questions are identified. The undertaken literature review aims in finding solutions to the identified research questions. It is integral to research on cyber security as it helps in protection of the confidential data stored in the internal network of a business organization. The literature review will contribute to evaluation of the studies and the researches that has been directed in the field of cyber security. The research problem, the research question and the detailed review of the literature are represented in the subsequent sections.
Cyber security mainly refer to the preventive techniques that are generally undertaken to protect the integrity of a particular network. The cyber security solutions is needed to be undertaken by every industry to address the key security concerns. With the advantage of cyber security, it is possible to defend the network and the computers from the malicious attacks. Cyber security provides an option to protect an internal network of an organization from any types of malicious attack and therefore, cyber security becomes a necessity. Cyber security in the industry is of significant importance as it pertains in protection of the personal information that is stored in a particular network. The undertaken study aims in outlining the importance of cyber security, why it is necessary to undertake cyber security measures (Jang-Jaccard and Nepal 2014). Cyber security is critically important for an industry as a single mail can be critical in infecting the entire corporate network which can be addressed by taking proper cyber security measures.
Importance of Cyber Security in Industry
Having an ineffective understanding of the cyber security might be risky for the entire network and therefore, it is integral to invest in proper cyber security practices. Through this study and the undertake review of the literature, the need of investing in cyber security measures for an industry is established.
The undertaken study aims in finding solutions to the succeeding research questions-
- What is cyber security?
- Why is cyber security imperative for an industry?
- What are the cyber security measures that are needed to be taken to ensure effective data protection?
- What are the recommendations for effective cyber security measure?
The literature review that is conducted will find answer to the above indicated research questions.
The aim of the review of literature is to explore the key concepts linked with cyber security. The works of the other authors in this field will be evaluated to discuss the importance of cyber security. The literature review is directed towards finding answers to the identified research question. In the following sub section, the key cyber security risks, the concept of cyber security and the details of the preventive measures that an industry need to take to address the cyber security issues are discussed.
Craigen, Diakun-Thibault and Purse (2014), has defined cyber security as a practise of solving various problems and resolve the complex cyber security challenges. The field of cyber security offers a number of opportunities and advances in basis of a multi-disciplinary approach. Cyber security provides a significantly large defensive method of detecting an intruder into a system and hence it is considered to be of significant importance. Cyber security generally reduces the risks linked with the use of malicious software or attacks due to the use of malware. It is a process of blocking all the malicious access by enforcing proper authentication and data encryption.
According to Bada, Sasse and Nurse (2019), cyber security can be described as an effective gathering of policies, tools and procedures that outlines the risk management approaches required to be taken to manage a threat persisting in a digital network. Cyber security is important for an organization as it provides an ability of managing any unauthorized data access that can result in loss of the private and the confidential data. Thus it can be indicated that cyber security is an important need of protecting the information as well as the data asset of an organization to reduce the probability of data or information misuse.
McLaughlin et al. (2016), indicated that cyber security is mostly associated with a gathering of several interacting processes, and the aim of those processes is to make the cyber space safe and secure. The domain of cyber security is mostly linked with the practise of protecting a particular system or digital asset from any unauthorized access.
Research Problem and Questions
Cyber security is important to protect a system or a network from a cybersecurity attack. A cyber security measure enabled an effective option of investing in proper infrastructure that can contribute to handling the major cyber security issues. It is therefore recommended for an organization to keep the security infrastructure up to date. It is recommended that the technical infrastructure to be maintained by the professionals to ensure that the key risks linked with the system is addressed and mitigated in real time.
Cyber security is important in industry as the smart and the technologically advanced devices that are used in the industry can be indicated as a gate way to the major cyber security problems and the cyber-attacks (Bada, Sasse and Nurse 2019). The systems that are connected with the internet are more prone to cyber-attacks and therefore, it is integral for the industries and the business organization to invest on the preventive actions that can be engaged to address the key cyber security risks.
An industry is linked with several cyber security threats an issues and therefore, management of these issues becomes a necessity. Abomhara (2015), indicates that with advent and increasing dependence on the internet of things (IOT), an industry is exposed to several critical cyber security risks that are required to be addressed. The risk mainly arise as the IOT devices are rapidly becoming ubiquitous and pervasive. Cyber-attacks are common in the industries as the industries are investing on smart devices and technologies to enhance their business operations (Jenab and Moslehpour 2016). Security is the process of defining a process of protecting an object against any damage. These security issues can be effectively managed by undertaking proper cyber security mechanism. An industry is generally exposed to several cyber security issues that are required to be mitigated.
Unsecured Resources: An industry such as manufacturing industry is exposed to several risks and threats. The rising cyber security threats in manufacturing is mostly because of the generation large number of information resources (Almeshekah and Spafford 2016). It is observed that metals, capital goods, chemicals and the electronics are mostly becoming prone to cyber security risk with an increase in the amount of data generated. The large amount of data that is generated is needed to be secured to ensure proper protection in the internal network.
Unauthorized Data Access: The unauthorized data access can be a major source of cyber security threat in an industry (Flatt et al. 2016). The unauthorized data access might result in increase of the key cyber security issues and this is one of the critical cyber security threats that an industry is exposed to.
Risks Associated with Cyber Security in Industry
Distributed Denial of Service: This is one of the most common cyber security issue in the in industry that seizes its operations. A DDoS attack generally attempt to disrupt the service of a network and therefore a DDOS attack can result in severe loss in an industry.
Phishing: Phishing is a common way of launching a cybersecurity attack in an internal network of an organization. Phishing attacks are mostly sent via email and in case one system accesses that malicious link sent over email, there is a high possibility that the virus or the malware would be spread to the entire system (Lezzi, Lazoi and Corallo 2018)
Internal Privilege Misuse: In an industry, this is a common cyber security threat as if a malicious insider leak any information it might result in major cyber security issue.
The cyber security risks associated with an industry can cost as firm several million dollars as the private and the confidential data of the industry is at risk. Companies involving highest level of innovation are required to address the cyber security concerns so that the data stored within the industry is properly secured. Taking protection against the cyber security issues become a necessity for an industry as beyond monetary concerns, the cyber security breach has the possibility of ruining the intangibles, which include company’s reputation and customers’ goodwill (Craig, Shackelford and Hiller 2015.). It is observed that the industries that showcases highest levels of business innovation are mostly prone to costlier attacks and therefore, cyber security measures is required to be taken. The following data provides an idea of the average cost of per data breach, which illustrates the need of taking preventive measures against cyber-attacks in the industries.
An industry can suffer severe monetary loss apart from the reputation loss as a consequence of the cyber security issues and threats and therefore, it is integral for an industry to take preventive measures against cyber-attacks.
According to Prasanthi and Ishwarya (2015), an industry is required to invest on effective data and information protection so as to ensure that the major security risks can be effectively managed. There are certain common cyber security measures, that can be taken by an industry to ensure proper data protection. Shafqat and Masood (2016), outlines the need of effective monitoring of the internal system of the organization to detect any type of intrusion in the system. An advanced monitoring of all the key networking essentials is needed to manage the cyber security issues and the threats persisting within the industry.
Preventive Measures for Cyber Security in Industry
Lam (2016), outlines the importance of access control in prevention of the cyber security issues and threats. It is integral to monitor who are given an access of using the information system that stores confidential or key business data. If only the authorized personnel are given an access to the system, it is possible to manage the cyber security risk linked with the industry. Therefore, access control can be considered as a significant preventive measure.
al Khateeb and Epiphaniou (2016), indicates that cyber security issues within an organization or an industry might increase if the staffs of the organization are not aware of the controls that are required to be taken to manage the risks that are persisting in the system. Therefore, for an industry, the first preventive measure against the cyber threats would be training its employees regarding the cyber security issues and the controls that are required to be taken.
A cyber security data breach can be prevented with the use of up to date security systems. Therefore, one of the recommended measures is to update the programs and the systems regularly to prevent data loss. Updating the programs and the system regularly will contribute to enforcing proper cyber security in the industry.
Richet (2015), illustrates the use of firewalls as a significant preventive measure against the cyber security threat and issues. A firewall can be used to easily access the presence of a malware in the system. Firewall can be useful in prevention of entry of a malware in a system and therefore, an industry needs to invest on the securing their system using a firewall.
Regular security check and security updates within the vital system can help in management of the critical cyber security issues. The information systems that stores confidential business data should be kept password protected. Regular security check up on those information system is further necessary to ensure that all the security measures are in place.
The systems that are connected with the internet have a higher risk of facing cyber security issues and therefore, use of antivirus on those systems becomes a necessity. Furthermore, it is recommended that only smart systems that are certified for the industrial use are to be adopted by the industry (Kleinberg, Reinicke and Cummings 2015). It is advisable to protect the access point to reduce the chances of data loss. The data security issue might arise of the access points are not adequately secured.
Impact of Cyber Security Breach on Industries
With the proliferation in the quantity of cyber security issues in the industries, it becomes integral to manage the issues. In case of an industry facing the cyber security issue it is essential for the industry to act immediately on the issue and for that, it is necessary to develop an incident response plan to address those issues (Rotich et al. 2014). Furthermore, it is integral for the industries to invest on protecting the technical infrastructure by enforcing proper monitoring of the network.
Conclusion
The undertaken literature review provides a detailed consideration of the concept of cyber security and the key principles of cyber security. The effect, impact and the control linked with cyber security in an industry is outlined in this report. For protecting an organization from the cyber security threats it is integral for a business to take cyber security measures. In this report, the research problem is outlined and the research questions that are addressed by the undertaken literature review is discussed as well. The findings from the literature review indicate that it is necessary for the employees of an organization to have a correct understanding of the cyber security processes that are required to be considered to address the issues faced by the industries. The literature review provides an understanding of the key security measures that an industry is required to undertake to safeguard their information resources. A malicious software if ends up within the infrastructure of a company can result in serious issues including the loss of confidential data. However, one of the significant necessity in this case is to train the employees about the secure information usage, which can significantly reduce the risk of cyber security. Apart from that, it is essential for the industries to properly invest on the cyber security infrastructure to ascertain that the risk and the issues linked with cyber security is significantly reduced. An industry needs to invest on effective cyber security practices to address the major risks linked with information protection. If employees are properly trained, majority of the cyber security risks can be easily handled.
References
Abawajy, J., 2014. User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), pp.237-248.
Abomhara, M., 2015. Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), pp.65-88.
al Khateeb, H.M. and Epiphaniou, G., 2016. – How technology can mitigate and counteract cyber-stalking and online grooming. Computer Fraud & Security, 2016(1), pp.14-18.
Almeshekah, M.H. and Spafford, E.H., 2016. Cyber security deception. In Cyber deception (pp. 23-50). Springer, Cham.
Bada, M., Sasse, A.M. and Nurse, J.R., 2019. Cyber security awareness campaigns: Why do they fail to change behaviour?. arXiv preprint arXiv:1901.02672.
Bada, M., Sasse, A.M. and Nurse, J.R., 2019. Cyber security awareness campaigns: Why do they fail to change behaviour?. arXiv preprint arXiv:1901.02672.
Craig, A.N., Shackelford, S.J. and Hiller, J.S., 2015. Proactive cybersecurity: A comparative industry and regulatory analysis. American Business Law Journal, 52(4), pp.721-787.
Craigen, D., Diakun-Thibault, N. and Purse, R., 2014. Defining cybersecurity. Technology Innovation Management Review, 4(10).
Fielder, A., Panaousis, E., Malacaria, P., Hankin, C. and Smeraldi, F., 2016. Decision support approaches for cyber security investment. Decision support systems, 86, pp.13-23.
Flatt, H., Schriegel, S., Jasperneite, J., Trsek, H. and Adamczyk, H., 2016, September. Analysis of the Cyber-Security of industry 4.0 technologies based on RAMI 4.0 and identification of requirements. In 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA) (pp. 1-4). IEEE.
Jang-Jaccard, J. and Nepal, S., 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), pp.973-993.
Jenab, K. and Moslehpour, S., 2016. Cyber security management: A review. Business Management Dynamics, 5(11), p.16.
Kleinberg, H., Reinicke, B. and Cummings, J., 2015. Cyber Security Best Practices: What to do?. Journal of Information Systems Applied Research, 8(2), p.52.
Lam, W.M.W., 2016. Attack-prevention and damage-control investments in cybersecurity. Information Economics and Policy, 37, pp.42-51.
Lezzi, M., Lazoi, M. and Corallo, A., 2018. Cybersecurity for Industry 4.0 in the current literature: A reference framework. Computers in Industry, 103, pp.97-110.
McLaughlin, S., Konstantinou, C., Wang, X., Davi, L., Sadeghi, A.R., Maniatakos, M. and Karri, R., 2016. The cybersecurity landscape in industrial control systems. Proceedings of the IEEE, 104(5), pp.1039-1057.
Onyeji, I., Bazilian, M. and Bronk, C., 2014. Cyber security and critical energy infrastructure. The Electricity Journal, 27(2), pp.52-60.
Prasanthi, M.L. and Ishwarya, T.A., 2015. Cyber Crime: Prevention & Detection. IJARCCE, 4(3), pp.45-48.
Richet, J.L. ed., 2015. Cybersecurity Policies and Strategies for Cyberwarfare Prevention. IGI Global.
Rotich, E.K., Metto, S.K., Siele, L. and Muketha, G.M., 2014. A survey on cybercrime perpetration and prevention: A review and model for cybercrime prevention. European Journal of Science and Engineering, 2(1), pp.13-28.
Shafqat, N. and Masood, A., 2016. Comparative analysis of various national cyber security strategies. International Journal of Computer Science and Information Security, 14(1), p.129.