Identification key issue of cyber security and resilience
The world is rapidly changing and new technologies are increasing in the market. These new technologies are also increasing difficulties regarding cyber security. In the recent time, Australian business organisations are facing cyber security issues. New mechanical intelligence attracted hackers to access private data of Australian business organisations. Therefore, the hackers can manipulate the data business organisations to take their cash assets for themselves. The purpose of this report is to identify the key issue in cyber security and resilience. Additionally, this report has integrated cyber security protocols to ensure corporate survival and maintain business performance. Based on the issue regarding cyber security this study has presented relevant recommendations.
Countering cyber risk requires proper evaluation and effective strategies. Proper evaluation can help to identify the key issues of cyber security. This can also help to take advantage of opportunities presented by Vast Technology. The organisations can take part in forwarding thinking and visionary leaders to establish a strategic plan and governance structure in the business. The Australian business organisation has faced the following issues regarding cyber security:
New and advance various technologies such as cloud device, IT technology and internet services have been introduced in the Australian market. These new technologies are constantly developing and advanced software is introduced in the market. Based on this new software the hackers can be able to access the cloud computing device of the organisations. Each new technology has bought a potential for vulnerabilities for the business organisations. Therefore, the hackers can access their private financial data and business strategic plans to take advantage of them. Additionally, the financial data manipulation has reduced the cash assets of Australian business organisations. Therefore, market liabilities increased and the possibility of bankruptcy has increased in the market. In the opinion of Gupta et al. (2016, p.5), the organisations can introduce new firewalls in their cloud computing device to secure it from third-party access. However, the lack of advance firewall system has increased cyber crime in the country.
In case, all employees of Australian business organisations followed relevant rules and directions, cyber crime can be reduced. On the contrary, the lazy and ignorant nature of the employees has proved that they do not follow all procedures before securing their private data. As studied by Buczak and Guven (2016, p.1153), the employees have to secure the data with relevant password and firewall to restrain it from third parties. The employees clearly do not follow this procedure in the business. This can help the hacker to gain advantage over the business organisations. Hence, the hackers can be able to access the private data of the organisation and manipulate them.
New Vulnerabilities
As the new data security system and cloud computing system has improved the hacking software have also improved. Based on that, the hackers can be able to easily hack old firewall tools installed in the cloud computing devices. Therefore, hackers can seek innovative process to commit more cyber crimes in the business. A new technique called Power Shell can use malicious scripts that are impossible to track. Therefore, the cyber crimes are increasing rapidly and the business organisations cannot provide relevant solution to reduce hacking of private data in the business. As opined by Liu et al. (2015, p.1009), the new hacking software is attracting more people to be hackers and try to take part in the cyber crime. This new software can help the hackers to plan a newer and better attack on business industries. Therefore, market risks can increase in the future.
Ransom ware is the bane of IT, cyber security, and executive and data professionals. This a type of virus that spreads in the cloud computing devices and helped the hackers to easily access business information of the companies (Knowles et al. 2015, p.52). Therefore, the organisations cannot be able to expand their business due to this virus in their cloud computing devices. Based on that, the cyber crimes are rapidly increasing over the years.
In the year 2017, cyber currencies and block chains have gain high popularity. This technical innovation helped the business organisations to transfer their money online. This process helped the hackers to hack the decrypted data of the transactions and manipulate them. Therefore, the Australian companies have faced unnecessary losses in the business. The cash assets of the organisations have also decreased in this process. In addition to that, as stated by Gordon et al. (2015, p.24), Blockchain revolution has provided a faster process to hack financial transaction of an organisation.
These key issues have increased cyber crime in Australia and the business is facing market risks. Furthermore, the issues of cyber resilience have helped the hackers to gain advantage over the business organisations. The companies can be able to expand securities in the market based on proper cyber resilience. However, the organisations are facing the following issues regarding cyber resilience:
The visionary leaders’ views are that cyber resilience is more a matter of culture and strategy than tactics. Being resilient requires the business organisations to be at their higher level of leadership skills to avoid business risks. Based on high leadership skills the organisations can be able to recognise the importance of avoiding and proactively mitigating risks. However, lack of leadership skills has increased management risks for the business. According to Bell (2017, p.536), cyber resilience requires experienced leaders and coordinating working environment. Lack of leadership skills can increase cyber risks in the management. Therefore, the organisations cannot be able to expand their security protocols in the business. In the recent time, Wesfarmers has faced issues regarding cyber crime. Due to a cyber attack, this organisation has reduced their cash assets in the business (Wesfarmers, 2018). This helped the hackers to gain advantage over the organisations. Moreover, the financial health of the business organisations can reduce in the market.
Human Nature
Cyber security is insufficient if the challenges of digitalization can be met in the business. Therefore, the organisations have to understand the importance of data protection in the business. Based on that, the companies can be able to improve their cloud computing devices in the business. However, it has been clear that business organisations required establishing a relevant strategic plan that can direct the employees of the business. Additionally, the organisations can secure the data in a password protected device to ensure their privacy in the business. In accordance to Joiner (2017, p.74), based on an advance strategic plan and governance structure the business organisations can be able to introduce new security protocols in the business. However, human nature and leadership issues have increased the difficulty to present proper strategic plan for the business. Therefore, hacking has increased and the possibility of bankruptcy has increased in the future.
Due to high number of advanced hacking software, the business organisations are unable to take legal action against cyber crime. Therefore, the business industries have to introduce next generation innovative process to reduce cyber crime in the business. Additionally, the organisations can be able to expand their financial health in the Australian market by reducing cyber crimes. In the opinion of Fielder et al. (2016, p.13), the organisation can be able to improve their security in the management based on advance cyber security protocols.
Routine Access Monitoring
The Australian business organisations can be able to control the protected financial and strategic data based on routine monitoring. The Board of Directors has to introduce restrictions and guidelines for the employees. Moreover, the organisations have to perform a relevant investigation of the employees to understand their potential. In case the management understands any employee is not following the relevant rules and regulation they can take strict action against them. The Rio Tinto Group has introduced this new process in the business as they faced cyber risks in the business (Riotinto, 2018). This guarantees that none of the employees is disobeying the regulation of the organisations. As opined by Cherdantseva et al. (2016, p.1), the organisations can improve their security protocol by reducing employment issues in the business. Based on that, the companies can be able to secure their private data in a password protected system. Therefore, third parties cannot be able to access the financial data and financial risks can reduce in the business.
New and developed hacking software
Full-disk Encryption (FDE) is one of the new and innovative processes to reduce cyber crimes in the business. Additionally, the organisations can be able to store their personal data in the cloud computing device based on Full-disk Encryption. This is a quick and inexpensive method to secure private information by encrypting it (Ben-Asher and Gonzalez, 2015, p.51). This system can alleviate the impacts of stolen cash assets by restraining reporting needs and fines. The encryption process in of Full-disk Encryption (FDE) in advance and it is difficult for the hackers to decrypt it. In the recent times, National Australia Bank has introduced this innovative idea in their business to ensure data security in the business (Nab, 2018). Based on that, the Australian business organisations can be able to reduce cyber attacks. Similarly, the organisations can protect their business information from hackers. Additionally, the encrypted data can help to restrict it from other employees reach.
The rules of Board Principles for Cyber Resilience it is clear that the organisations required maintaining all 10 principles of cyber resilience to improve their security (World Economic Forum 2017). During high leadership issue and strategic issue, the organisation cannot be able to protect their financial data. The principles of cyber resilience are as the following.
Responsibilities for cyber resilience: The Board of Directors has to set the ultimate responsibility for the employees regarding cyber risks and resilience. Based on that, the employees can understand the process to secure business organisations private data. Additionally, as stated by Cavelty (2014, p.705), the companies can be able to take legal action against cyber crimes in the business.
Command on the subject: The board members have to provide cyber resilience orientation to the employees after joining the management. Additionally, the Board of Directors has to provide regular update on the recent cyber threats in the business. In the opinion of Beaumont (2018, p.497), the board members can update the recent cyber threats with proper advice and assistance. Based on that, the employees can be prepared for any cyber crimes in the future.
Accountable employee: Board members have to ensure that one employee is accountable. Based on that, the employee can present a report regarding the company’s capability to manage cyber crimes in the business (Iannacone et al. 2015, p.12). Furthermore, the board has to ensure that transparent and honest employee can access the board regularly. Therefore, the employee can provide the updates to the board members.
Ransom ware Evolution
Integration of cyber resilience: Board has to ensure that the management integrates cyber assessments and cyber resilience in the business strategy. Therefore, the employees can follow the procedures of the companies.
Risk appetite: The board can annually define and quantifies risk tolerance regarding cyber resilience. This can ensure that cyber resilience is consistent with risk appetite and corporate strategy.
Risk assessment and reporting: The employee selected by the board can present an understandable and quantified assessment regarding cyber risks. Based on the report the board members can provide relevant strategic plan for the employees.
Resilience plan: Board has to ensure that management supports the selected employee’s report regarding their capabilities. Based on the report the board can introduce a long-term business plan to maintain advance cyber security in the business.
Community: The board has to encourage the management to collaborate with their stakeholders. This helps to ensure systematic cyber resilience in the business.
Review: Based on the report of selected employee an independent cyber resilience review has to carry out annually. Therefore, the board can understand the progress regarding their cyber security from year to year.
Effectiveness: The annual review of cyber resilience can help the business organisations to determine their management effectiveness. This can help the organisation to maintain high security protocols (Elmaghraby and Losavio (2014, p.491).
Based on the above security protocols recommendations regarding cyber resilience are
High leadership skills: The Australian business industries can hire high skilled employees as team leader in the management. Based on highly skilled and experienced employees the organisation can be able to reduce employment issue in the business. The leaders can encourage employees to follow relevant rules and regulation in the business. Therefore, personal data can be secured in the cloud storage devices.
Follow Board Principles for Cyber Resilience rules: Australian business organisations if follows the 10 board principles the organisation can be able to improve their security protocols in the business. Additionally, the business organisations can determine their management effectiveness against cyber crimes.
Advance encryption tools: FDE is a quick and inexpensive method to secure private information by encrypting it. Australian business organisations can be able to reduce cyber attacks. Similarly, as influenced by Rodriguez et al. (2015, p.1620), the organisations can protect their business information from hackers by using advanced encryption tools in the management.
Improved strategic management: Based on the board principles of Australian business organisation can present a report regarding their organisational capabilities. In case board understand their management operation has decreased in the business then they introduce a new long-term business plan to reduce cyber risks in the business. As influenced by Alexeev et al. (2017, p.23), the organisation can be able to improve their security protocols by establishing an effective governance structure and strategic plan.
Blockchain Revolution
Conclusion
It can be concluded that cyber security is essential for the business organisations to reduce cyber crimes. The new technologies have bought vulnerability for the business organisations. Moreover, the lazy and ignorant nature of the employees has proved that they do not follow all procedures before securing their private data. Based on new hacking software hackers can be able to easily hack old firewall tools installed in the cloud computing devices. However, the rules of Board Principles for Cyber Resilience can help the organisations to present a report regarding their management effectiveness. Australian company can introduce long-term business strategies regarding their report against cyber crime. Therefore, the companies can be able to take proper action against the hackers. Similarly, the cyber attack can reduce in the future
Reference list
Alexeev, A., Henshel, D.S., Levitt, K., McDaniel, P., Rivera, B., Templeton, S. and Weisman, M., (2017), January. Constructing a science of cyber-resilience for military systems. In NATO IST-153 Workshop on Cyber Resilience (pp. 23-25). Available at: https://ceur-ws.org/Vol-2040/paper4.pdf [Accessed on 3rd August, 2018]
Beaumont, P., (2018). Cybersecurity Risks and Automated Maritime Container Terminals in the Age of 4IR. In Handbook of Research on Information and Cyber Security in the Fourth Industrial Revolution (pp. 497-516). IGI Global. Available at: https://www.igi-global.com/chapter/cybersecurity-risks-and-automated-maritime-container-terminals-in-the-age-of-4ir/206794 [Accessed on 3rd August, 2018]
Bell, S., (2017). Cybersecurity is not just a’big business’ issue. Governance Directions, 69(9), p.536. Available at: https://www.mcgrathnicol.com/app/uploads/cybersecurity-sme-october-2017.pdf [Accessed on 3rd August, 2018]
Ben-Asher, N. and Gonzalez, C., (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, pp.51-61. Available at: https://www.academia.edu/download/42320447/Effects_of_cyber_security_knowledge_on_a20160207-26129-1m9ln49.pdf [Accessed on 3rd August, 2018]
Buczak, A.L. and Guven, E., (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), pp.1153-1176. Available at: https://ieeexplore.ieee.org/iel7/9739/7475979/07307098.pdf [Accessed on 3rd August, 2018]
Cavelty, M.D., (2014). Breaking the cyber-security dilemma: Aligning security needs and removing vulnerabilities. Science and engineering ethics, 20(3), pp.701-715. Available at: https://www.researchgate.net/profile/Saeed_Ullah_Jan2/post/What_are_current_trending_topics_in_Cybersecurity/attachment/5a72e68c4cde266d5887ee48/AS%3A589166148587521%401517479564706/download/02.pdf [Accessed on 3rd August, 2018]
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K., (2016). A review of cyber security risk assessment methods for SCADA systems. Computers & security, 56, pp.1-27. Available at: https://www.sciencedirect.com/science/article/pii/S0167404815001388 [Accessed on 3rd August, 2018]
Elmaghraby, A.S. and Losavio, M.M., (2014). Cyber security challenges in Smart Cities: Safety, security and privacy. Journal of advanced research, 5(4), pp.491-497. Available at: https://www.sciencedirect.com/science/article/pii/S2090123214000290 [Accessed on 3rd August, 2018]
Fielder, A., Panaousis, E., Malacaria, P., Hankin, C. and Smeraldi, F., (2016). Decision support approaches for cyber security investment. Decision Support Systems, 86, pp.13-23. Available at: https://www.sciencedirect.com/science/article/pii/S0167923616300239 [Accessed on 3rd August, 2018]
Gordon, L.A., Loeb, M.P., Lucyshyn, W. and Zhou, L., (2015). Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model. Journal of Information Security, 6(1), p.24. Available at: https://file.scirp.org/pdf/JIS_2015010710521369.pdf [Accessed on 3rd August, 2018]
Gupta, B., Agrawal, D.P. and Yamaguchi, S. eds., (2016). Handbook of research on modern cryptographic solutions for computer and cyber security. IGI Global. Available at: https://www.researchgate.net/profile/Shashank_Gupta35/publication/303722441_Reviewing_the_Security_Features_in_Contemporary_Security_Policies_and_Models_for_Multiple_Platforms/links/574f989a08ae10b2ec05620b.pdf [Accessed on 3rd August, 2018]
Iannacone, M., Bohn, S., Nakamura, G., Gerth, J., Huffer, K., Bridges, R., Ferragut, E. and Goodall, J., (2015), April. Developing an ontology for cyber security knowledge graphs. In Proceedings of the 10th Annual Cyber and Information Security Research Conference (p. 12). ACM. Available at: https://www.researchgate.net/profile/Robert_Bridges3/publication/300525722_Developing_an_Ontology_for_Cyber_Security_Knowledge_Graphs/links/58cfe3d2a6fdccff68e31122/Developing-an-Ontology-for-Cyber-Security-Knowledge-Graphs.pdf [Accessed on 3rd August, 2018]
Joiner, K.F., (2017). How Australia can catch up to US cyber resilience by understanding that cyber survivability test and evaluation drives defense investment. Information Security Journal: A Global Perspective, 26(2), pp.74-84. Available at: https://www.tandfonline.com/doi/abs/10.1080/19393555.2017.1293198 [Accessed on 3rd August, 2018]
Knowles, W., Prince, D., Hutchison, D., Disso, J.F.P. and Jones, K., (2015). A survey of cyber security management in industrial control systems. International journal of critical infrastructure protection, 9, pp.52-80. Available at: https://daneshyari.com/article/preview/275730.pdf [Accessed on 3rd August, 2018]
Liu, Y., Sarabi, A., Zhang, J., Naghizadeh, P., Karir, M., Bailey, M. and Liu, M., (2015), August. Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security Symposium (pp. 1009-1024). Available at: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-liu.pdf [Accessed on 3rd August, 2018]
Nab, (2018), About Us, Available at: https://www.nab.com.au/ [Accessed on 3rd August, 2018]
Riotinto, (2018), About Us, Available at: https://www.riotinto.com/ [Accessed on 3rd August, 2018]
Rodriguez, L., Curtis, D., Choudhury, S., Oler, K., Nordquist, P., Chen, P.Y. and Ray, I., (2015), October. Action Recommendation for Cyber Resilience. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 1620-1622). ACM. Available at: https://sutanay.github.io/publications/2015_acm_ccs_demo.pdf [Accessed on 3rd August, 2018]
Wesfarmers, (2018), About Us, Available at: https://www.wesfarmers.com.au/ [Accessed on 3rd August, 2018]
World Economic Forum (2017), Advancing Cyber Resilience: Principles and Tools for Boards, Available at: https://www3.weforum.org/docs/IP/2017/Adv_Cyber_Resilience_Principles-Tools.pdf [Accessed on 3rd August, 2018]
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
