Cyber criminals and security
Cyber criminals and security

Cyber criminals and security

Available Only on StudyHippo
  • Pages: 3 (1282 words)
  • Published: November 20, 2021
Text preview


Cybersecurity refers to a collection of technologies, practices and processes designed for the sole purpose of protecting computer, programs, networks and data against damage attacks or from any kind of unauthorized attacks (Von Solms & Van Niekerk, 2013). Generally, in the IT sector the word security refers to cybersecurity. To understand cybersecurity, one should first understand the meaning of cyberrisk which refers to a group of risks which are different in terms of attack vector, technology or means. This is because they have two common characteristic thus are collectively addressed as a group. The cyberrisks have potential of great impact and can also be considered improbable (Von Solms & Van Niekerk, 2013).


Cybersecurity standards have been in existence for quite a long time as users at both domestic and international forum levels have collaborated to effect policies, practices and capabilities (McCarthy et al, 2014). Several tasks have been done by use of computers thus the need for security and Information Assurance (AI). A body by the name “ETSI Cy


ber Security Technical Committee (TC CYBER)” has been behind the standardization of cyber security internationally and acts as the centre for the relevant for popular expertise. It works closely with relevant stockholder for the purpose of developing appropriate standards to increase security and privacy for both organizations and citizens in Europe. The committee looks particularly at the devices, infrastructures, protocols and services alongside security techniques and tools to ensure a tight security.

According to McCarthy et al (2014), there are five main elements of cybersecurity namely; application security, network security, information security, disaster recovery or business continuity planning and End-user education. The quick and evolving nature of security risks remains the most problematic cybersecurity element. Advisory organizations have been promoting more adaptive and proactive approach to deal with current cyberrisks .for instance, the National Institute of Standard organizations (NIST) recently issued a guideline in risk assessment framework recommending a shift towards real-time assessment and continuous monitoring.

Majority corporate leaders now understand the importance to combat rising cyber threats since cybersecurity has been challenge for organizations and businesses at different levels. The organizations ought to implement strong cyber defense systems to ensure that they are secure and safe from any external attacks. They cannot afford to neglect this since it is essential and failure to implement it can lead to occurrence of huge losses in their operations. Cyber criminals do not discriminate both small and big data leaks thus small, medium and large-sized businesses should not assume to implement robust cybersecurity measures (McCarthy et al, 2014). In case of any doubt in ensuring security and safety against rapid and accumulating threats, the organizations should do anything as a measure to protect their computer information and intelligence. This wills at least guarantee them of being in the safe side if any threat occurs unexpectedly


View entire sample
Join StudyHippo to see entire essay
View entire sample
Join StudyHippo to see entire essay

and tips that a business can take to ensure cybersecurity

All companies should make cybersecurity their first priority since it is of great importance in their prosperity in operation. Some of the measures and strategies for the companies to take include;

Development of formal security plan

Developing a formal plan of security outlines specific steps that the organization can take in mitigating cyber threats (Knapp & Koelemij, 2015). This also acts as a way to prepare on how to respond to in event of security breach or digital disruption. The companies should also ensure that the security policies and practices within their organization are placed and adhered to not only by employees , but also any service provide and suppliers in their network. This is because all security breaches are not planned or aggressive; some can happen as simple mistakes.

Protection of all computer network and appliances

Rapid proliferation and mobile workforce in digital devices is becoming mobile thus making it necessary that the businesses should ensure they have password protected and safeguarded connectivity channels with encryption. They should install antispyware and antivirus software and ensure that they are updated regularly for the security of their networks. Firewalls should also be set up for prevention of access to private networks by the outside parties. All Service Set Identifier or SSID and Wi-Fi networks should remain secured and hidden since not every security breach is external but can be triggered by internal sources (Wang & Lu, 2013).

Defending against internal and internal threats

Not all data leaks and security breaches are incidents of outside sources as most of the peoples think when such security threats are mentioned. They are not all pre-planned or aggressive but also some of them simply occur as a mistake which is usually intern (Wang & Lu, 2013). A high percentage is caused by workers within the companies and this can be prevented through creating cybersecurity awareness. Disgruntled employees are also a threat thus workers leaving an organization anytime should not have access to sensitive materials or pertinent information.

Focusing on hiring the right skills

There have been various suggestions on the ways that businesses can help to bridge the talent gap among their worker; as a result of this several suggestions have been highlighted to cater for the issue. Such include; eliminate hiring biased employees to create a diverse workforce, provide cybersecurity training and experience and consider the entry-level of the candidates rather than to expect applicant to have all that. The small businesses should focus to bridge the IT gap in the talents of the employees through cybersecurity training programs (Bayuk et al, 2012).

Investing in cybersecurity education and training

Increasing the accessibility of employees to cybersecurity education can be used to fill the IT gap that exists in companies. Due to the evolution of internet of things and continuous integration of digital devices and processes in daily processes and operations, the issue of computer security and information security should now be extended to the employees and seize to be only an emphasis on the IT staff (Bayuk et al, 2012). All employees at every field should get training and experience

View entire sample
Join StudyHippo to see entire essay