According to DC. Latham, an Assistant Secretary of DCCCI, “Over the past decade there has been an incredible growth in the amount of classified information stored in computers” (Warner, M., 2012). This data is stored in cyberspace, which consists of many interconnected optic wires, routers, servers, and computers (Purpura, P., 2007). With the start of the 21st century, many technological developments and improvements in the workplace have taken place, but challenges and issues are inevitable (F. Mohammadi et al., 2014). These technical problems are not new in this area: a first disaster occurred in 1988, which made thousands of computers crash and caused disruptions in many software systems. Minor loopholes can cause major damage, which directly or indirectly impacts companies’ performance and customers’ trust (DeNardis, L., 2007). These threats to the security of data led to a new term, “Cyber Crime”. In a brief sense, cybercrime means the mishandling of data. The most frequent threats are theft, child pornography, cyber terrorism, and the spread of malware (de Leeuw, K.M.M. and Bergstra, J. eds., 2007).
Literature analysis
In all businesses, data plays a crucial role, and if this data is breached it can cause fatal damage to the company. The UK suffered 93% of data loss in large organizations and 87% of data loss in small and micro-enterprises. About 40 million credit card numbers and 70 million addresses, contact details, and other personal information of customers were disclosed in the USA. Experts who analyzed these incidents propose that security management should be divided into two contexts, i.e. technical and managerial. The technical aspect cannot be fulfilled without the support of the managerial part, while managers alone cannot guard the whole information system. Management must take care of software and hardware installations, security rules and regulations, awareness campaigns, internal control, and data decisions. These activities control the different ways in which data can be lost, both internally and externally.

Humans have a critical role in protecting information. Most scenarios of data loss are partly due to the blunders of employees. One of the many ways in which data loss can occur internally is the theft of data for malicious purposes by an employee of the organization. Management controls this type of threat by making employee participation in these awareness and training programs mandatory. The threat to information security also impacts the lifecycle of a business. The top-level employees or board of directors should build the protection of data into the business strategy. Social media is also part of the insider threat to information security. Social media benefits us with unlimited information sharing and access anytime and anywhere, but it damages the trust of organizations in data protection (Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016).
The different types of threats that cybercriminals can pose to a company’s system are malware, Trojan horses, and vishing. These threats can be commonly defined as online fraud and hacking of systems. Cybercriminals use social and emotional techniques rather than technical tricks to deceive people. They send emails that contain malware in the form of attachments or hyperlinks, or they mislead the public with fake website names such as Paypal and Paypal, where people may enter their personal information, which is then misused by the hosts of the fake website (Shaikh, A.N., es, A.M. and Hossain, M.A., 2016).
Current Practice Section
According to Karen A. Frenkel, ransomware is the biggest threat, an unpredictable situation in which companies are unprepared to deal with the attack. Ransomware is the cheapest and a very convenient way for cybercriminals to hack data and earn huge profits. The numbers say that almost 5 billion dollars' worth of damage was caused by ransomware in 2017. The author says in a different article that big companies and large organizations are fighting this situation by giving their employees adequate training and explaining the future causes of problems to them instead of enforcing strict policies. The author also notes a positive side to these attacks: these cybercrimes are inspiring companies to strengthen their data security and create a strong defense system. Companies have shifted their way of tackling the problem. In the past, organizations used to spend huge sums on solving the problem, but in today's world these businesses are investing large amounts in protecting the data and selecting the precise security tool.
The European Union has initiated the General Data Protection Regulation (GDPR), which states that even companies that are not physically located in Europe but deal with European customers must protect those customers' personal information, appoint a data protection officer, and follow specific guidelines while communicating with them (Samuel Greengard, 2017).
The Internet is secured by national laws and enforcement, defensive products, and international cooperation and regulation (Tonge, A.M., Kasture, S.S. and Chaudhari, S.R., 2013).
Conclusion
In a nutshell, information security can be safeguarded through the integration of the technical and managerial aspects. When both technical and non-technical departments are aligned and adopt a comprehensive approach that includes the whole of business management, information can be safeguarded.