Cybersecurity for Corporations

Cybersecurity management is the steps that an entity takes to secure the information sent, received and stored in the various computer systems and networks that they use. Cybersecurity is important for any organization that relies on the use of computer systems for its operations and data processing. Most organizations rely on the use of computer systems due to the advancement in technology that allows for faster, accurate, and efficient data processing. Knitter (2012) shows that most governments, businesses, hospitals, learning institutions, the military process data that may be sensitive in nature and therefore, the need to secure this data from malicious individuals. 

Corporations such as the Union Pacific rely on complex computers for data processing and networking, as they try to automate their processes to increase transport efficiency. The railroad utility company relies on automated systems to seamlessly coordinate trains from different stations and ensure that they arrive and depart at designated times. The corporation also ensures that the ticket management system works efficiently together with ensuring that all the necessary maintenance checks are performed on the trains, tracks, and systems. With the increased reliance on automated processes, companies place their data at the risk of attack from hackers. How can corporations secure their computer and network infrastructures from attacks by hackers?

Current and emerging threats in the cyber world.

The current threats that many corporations face from cyber-attacks include continued use of outdated systems and lack of maintenance of the current one. It allows attackers to exploit for known weaknesses in the systems, granting them easy access to the network infrastructure of the organization. It is important for an organization’s IT team to ensure that the systems are updated regularly. That security checks from breaches or loss of data integrity are also performed regularly. Another major issue currently putting many corporations at risk of cyber attacks is the continued use of common enterprise networks as part of their system.

Enterprise network offers a ready-made solution to corporations that relieves the burden of setting up a network from scratch. The problem with enterprise networks is that they become common and attackers sped time to find out their weaknesses due to their widespread use. Once hackers figure out a weakness, they can then exploit the network, holding several companies’ hostage at a go. Other common threats that are currently ongoing include phishing, where attackers send targeted messages to lure victims into installing malware. Ransomware attacks, these involve attacks that manipulate and take control of the target’s systems, allowing the attackers to ask for ransom.

Emerging issues related to cybersecurity threats include; cryptojacking. This is where attackers invade a computer system installing programs that mine for cryptocurrency. Mining for cryptocurrency coins require a lot of processing power; therefore, the attacker manipulates other people’s computer to mine cryptocurrency in the background. It potentially causes performance issues for the user, as explained by Austin (2018). Business entities face the potential of having downtime due to frequent computer malfunctions. Cyber-Physical attacks are also becoming increasingly common; these are attacks that are targeted on public utilities meant to slow or stop their operations.

Utilities such as hospitals, electric transmission companies, public transport systems, among others are the main targets of these types of attacks. Such attacks have serious repercussions such as fatalities, business losses, destruction of public amenities, among others (Bruni, 2019). Another emerging trend in cybersecurity is state-funded attacks. These are cyber-attacks that are funded by governments to attack other governments or even businesses in the private sector. These kinds of attacks are most of the time aimed at critical setups that are the public depends on. Companies and governments are also at risk of attacks by cybercriminal through the partners, vendors and other third-party organizations that they operate with. As organizations increasingly beef up their cybersecurity, attackers have also developed more complex methods to infiltrate security systems. Even if the whole organization is beefed up on security, all it takes for an attacker to bypass the measures is just one weak link. The weak link that most attackers currently exploit is the third parties an organization deals with. 

Legal and ethical issues related to cybersecurity management.

Several legal and ethical issue exists while considering to put in place cybersecurity management measures. Legal issues that may arise include; getting data from networks for analysis. Obtaining network data is a breach of communication privacy laws. While this may help a cybersecurity team identify potential threats quicker, scanning and collecting information from a network without the proper permissions is against the law. Bruni (2019), explains that laws such as the Wiretap Act, Pen Register/Trap and Trace statute, and the Stored Communications Act are in place to prevent the collection of information from networks. There are also serious legal repercussions when it comes to analyzing software that is in use for potential threats. Laws such as the Digital Millennium Copyright Act (DMCA) and the contract law prevent the reverse engineering of software or manipulating controls systems. Some of the ethical issue related to cybersecurity include respect to privacy. 

While collecting information from a network, the users of the network have a right to their privacy. Collecting information from the network may lead to sensitive information about the users being leaked. Another ethical issue related to cybersecurity management is whether an individual is obligated to inform the public of a software’s weaknesses and the amount of information to make public about the same. It is because this type of information is sensitive and have serious consequences for everyone using the software.

Basic Cybersecurity strategies for Corporations

Ensuring that all systems operate as required is important as well as ensuring that they remain protected from attacks.

1. The first step in improving cybersecurity is to take inventory and conduct a diagnostic check on all systems and identify issues that need immediate attention.
2. The second step will involve getting rid of all obsolete and out of date systems and machine, replacing them with current standards models.
3. The third step will be reviewing the corporation’s network infrastructure, ensuring that all firewalls and security protocols are activated while at the same time, adding more security features.
4. The fourth step is planning for a maintenance check on the security infrastructure, together with the other systems.

Strategies and policies for managers.

Human personnel form an important factor when considering cybersecurity measure for any organization. Mangers need to consider the following measures to help prevent data breaches. Managers can ensure that employees that use the company network have antivirus software installed in their devices such as smartphones, laptops, and desktop computers. Austin (2018) shows it is also important that the employees do not install any foreign software or open links from unknown people without first consulting the IT department. It is also necessary for the IT managers and other managers to conduct regular sessions on cybersecurity.

References

1. Austin, G. (2018). Corporate cybersecurity. Cybersecurity in China, 65-79. https://doi.org/10.1007/978-3-319-68436-9_4

This article explores the different features and problems that corporations face as a result of cybersecurity and how to manage them.

2. Bruni, A. (2019). Promoting coherence in the EU cybersecurity strategy. Security and Law, 253-276. https://doi.org/10.1017/9781780688909.011

The article explores the different frameworks that surround cybersecurity, their legal and ethical implications.

3. Knitter, K. T. (2012). Assessment of U.S. cybersecurity management. https://doi.org/10.21236/ada561657

The study assess the situation of the risks that major corporations and institutions face due to the rise in cybersecurity attacks in the US.