Cybersecurity has changed from a technology issue to a business issue. Gone are the days when companies could dedicate the entire responsibility of securing their system to the IT department. As businesses digitize and become more connected, challenges of cyber attacks emerge. A networked environment, for example, exposes the entire network to potential threats if security is not managed appropriately. A vulnerable network exposes an organization to potential attacks which can affect the integrity and availability of the data and information. Businesses no longer question if they will be attacked but when they will be under a threat and how best they will respond. It is at this point that cybersecurity is becoming an integral part not only of profit-making organizations but to government agencies and other not for profit organizations. The purpose of this paper is to examine cybersecurity as a management information system issue from a perspective of other and how it can affect the entire organization. The paper will examine the subheadings of why cyber security, need for cyber security, dangers from cyber attacks and networked environment from the perspective of others from reliable sources including peer review articles and reputable media outlets.
Why Cyber Security
The digitization of today's society implies that people are increasingly dependent on a functional and stable cyberspace. Majority of daily activities including public and private services, information flows and commerce heavily rely on communication lines, an efficient internet, and space and geopositioning. High dependency on information communication technology makes governments, societies, companies and individual vulnerable to potential threats which can lead to malfunctions, shutdowns, disruptions, sabotage and criminal exploitation. The vulnerability is further worsened by weaknesses in the core functions of the cyberspace. Most of the systems were built to be accessible thus security and safety were not priority areas (Friis & Ringsmose, 2016).
Delegate your assignment to our experts and they will do the rest.
Cybersecurity otherwise known as information technology security is the approach of protecting computer networks data and programs from unauthorized access. It covers three critical areas that include application security, network security, information security and disaster recovery. Cybersecurity reduces cyber attacks while protecting organizations as well as individuals from unauthorized exploitations of the technologies, systems, and networks. It ensures that there are no disruptions that can cause monetary loss or even damage to the reputation. It also ensures that the assets of an entity are intact and there are no legal issues which might result from cyber attacks (Valeriano & Maness, 2015).
Need for Cyber Security
According to Campbell (2017) as enterprises move towards digitization, the type and number of devices that require enhanced security increases. The author further notes that new technologies like artificial intelligence and also machine learning enhance the vulnerability of the system by providing the attackers with enhanced tools that can be used to launch an attack. The article further states that recent security breaches affecting over 200,000 computers around 150 countries and costing millions in losses are a clear indication that cybersecurity affects the entire organization and not just the IT department. Businesses lose heavily to industrial espionage, theft in the cyberspace and blackmail similarly, countries loose sensitive data and their national security values. Companies and states are investing heavily in cybersecurity with the main focus being the protection of the most vulnerable information from potential attacks and the resilience of the company. Cybersecurity can also be a challenge to the national security especially if it used to attack the critical infrastructure which can result to a complete shutdown of facilities like water and electricity supply, airports, cities, and stock exchanges (Friis & Ringsmose, 2016).
Dangers of Cyber Attacks
Cyber attacks pose substantial threats to the continuity of a business especially if potential attackers access its confidential information or cause financial losses that run into millions of dollars. It is from this angle that the Security and Exchange Commission recently issued a directive on how companies should manage cybersecurity threats. According to the SEC, companies need to have disclosure controls as well as procedures that provide appropriate methods for discerning the impact of an attack on the financial and operating results. Companies are also required to disclose potential risks and incidences that pose a threat to the investors including consequences on their commercial, legal and reputation. From the SEC perspective, it is evident that an attack on the company poses serious issues including financial, legal and reputational which has forced companies not to report any form of attacks for fear of the consequences that such announcement will have. It is difficult for businesses or government agencies to discover an attack as attackers use sophisticated techniques that make it difficult to detect their act. It is therefore difficult to discover the scope of an attack immediately. Once companies are aware of an attack, they can engage in insider trading which can further weaken their stocks (Henning, 2018).
According to Perlroth & Sanger (2018), the U.S. accused Russia of Engineering a series of cyber attacks that targeted nuclear power plants and water and electricity systems. Such an attack could have shut power plants at the will of the attacker. The attack shows the ability of a cyber attack to disrupt operations of the critical infrastructure if there was a conflict. According to the Department of Homeland security, Russian hackers accessed machines that allow control of the critical power plants that had not been identified. The attackers, however, did not switch off the computer system that controls the network. According to screenshots from the Department of Homeland Security, the hackers had the ability to manipulate or even shut down the power plants. Despite accessing the control systems of critical infrastructure and corporations, the attackers seemed to be more interested in learning how the facilities operate and also identify potential weaknesses that would allow them to access the system. Attacks have moved from intelligence gathering to sabotaging and shutting down plant operations.
Cyber Security in a Networked Environment
All organizations connected through the internet are at a risk of a potential attack. Majority of such attacks are indiscriminate and automated and exploit known vulnerabilities in an organization. The computer network f an organization needs to be protected from cyber attacks as they can cripple the operations of the entire organization. The ability to access the servers and databases makes network security a critical issue as any form of attack can affect the availability and credibility of the information. The computer servers create an opportunity for the attackers to control the computer operations of an organization leading to loss of information and financial losses. Attackers can interfere with the entire organization by manipulating its database to achieve a desired goal. Attackers can also manipulate the data to generate reports that can be used against the company. Such data can be sold to competitors which will affect the competitive advantage of an organization (Valeriano & Maness, 2015).
Conclusion
Cybersecurity is emerging to be an essential issue in information technology as companies try to reduce data breaches that emerge from cyber attacks. Digitization and the internet have opened new opportunities for organizations and government entities while creating a fertile ground for attacks which have caused companies millions. Attackers not only cause financial losses but also contribute to legal and integrity issues. A cyber attack has the ability to cripple the operations of an organization including a complete shutdown of the critical infrastructure of a country. It is at this point that governments and organizations are trying to implement security measures that will protect them against any form of attack in addition to ensuring the resilience of the entity in case of an attack.
References
Campbell, N. (2017). Cyber Security is a Business Risk, Not Just an IT Problem . Forbes.com . Retrieved 17 April 2018, from https://www.forbes.com/sites/edelmantechnology/2017/10/11/cyber-security-is-a-business-risk-not-just-an-it-problem/#7e8576617832. Campbell is a director of security solutions at Telstra a telecommunication and media company that builds and operates telecommunication networks. He is responsible for the strategy of the company across the world. He has over 30 years in cyber security and leads a team of specialists including security consultants. His article appeared in Forbes magazine a reputable global media company that focuses on business, investment, technology lifestyle and commands market leadership.
Friis, K., & Ringsmose, J. (2016). Conflict in Cyber Space: Theoretical, Strategic and Legal Respective . Florence: Taylor and Francis. Karsten Friis is the head of ssecurity and defence research group at the Norwegian Institute of international affairs. Jens Ringsmoses is a security expert and writer who has contributed substantially to the different organizations including the Danish Defence college. The source provides some of the latest trends in cyber security. It is a valuable textbook that not only offer expert advice but a cutting edge evaluation of the best practices to overcome the challenges posed by the issue.
Ebert, H., & Maurer, T. (2013). Contested Cyberspace and Rising Powers. Third World Quarterly , 34 (6), 1054-1074. http://dx.doi.org/10.1080/01436597.2013.802502. Dr Hannes Ebert and Tim Maurer are renowned authors having published great articles on computer security. This source provides an insight of the changing computing environment and how security is taking a center stage in different organizations. The contribution of the source are not only relevant to the topic under discussion but also compares different literatures to obtain an clear understanding of the issues.
Henning, P. (2018). S.E.C.’s New Cybersecurity Guidance Won’t Spur More Disclosures . Nytimes.com . Retrieved 17 April 2018, from https://www.nytimes.com/2018/03/05/business/dealbook/sec-guidance-cybersecurity.html. Peter J. Henning is a professor of law at Wayne University Detroit where he teaches law, criminal procedures, professional responsibility and corporate/security law. His article appeared in the New York Times an American Newspaper that has worldwide influence and readership. The article provides up to date information on current issues concerning Cyber security.
Perlroth, N. & Sanger, N. (2018). Cyber attacks Put Russian Fingers on the Switch at Power Plants, U.S. Says . Nytimes.com . Retrieved 17 April 2018, from https://www.nytimes.com/2018/03/15/us/politics/russia-cyberattacks.html?rref=collection%2Fbyline%2Fnicole-perlroth&action=click&contentCollection=undefined®ion=stream&module=stream_unit&version=latest&contentPlacement=7&pgtype=collection. David Sanger is a National Security correspondent for the newspaper and a senior writer. He is also an author of best selling articles and received many awards for his coverage on national security policy and the presidency. He teaches national policy security at the Harvard University. His article appeared in the New York Times an American Newspaper that has worldwide influence and readership
Valeriano, B., & Maness, R. (2015). Cyberwar versus cyber realities . Oxford: Oxford University Press.