Sample Research Paper on Cyber Security

Cyber Security

Introduction

Cyber security is becoming a serious challenge to business owners in the 21st century. Small businesses in particular have become the target of many hackers because they are considered the weakest links in larger supply chains. As such, small businesses are at risk of losing their data as well as jeopardizing their partners’ data too. This paper analyzes the scope of the problem, challenges small businesses are facing in terms of cyber security, and strategies they can employ to enhance their security.

 Background Information

There is a general feeling among the majority of small business owners that cybercriminals only target large corporations. A recent study conducted by Symantec, a leader in cyber security, and the National Cyber Security Alliance indicated that 77 percent of small-scale business owners ‘think’ that their businesses are safe (Kshetri 8). Amazingly, those businesses had no formal cyber security plan. According to Symantec, small businesses are at a high risk of cyberattacks, and it is essential for small business owners to realize the magnitude of this problem (Wirthman 1). Werthman (1) informs us that out of one billion cyberattacks prevented by Symantec Corporation in 2012, 40 percent of them had been directed towards small businesses. Werthman (1) contends that credit card details, intellectual property, as well as addresses and names of customers, are some of the critical aspects that cybercriminals seek from small companies.

 Challenges Facing Cyber Security

Werthman (2) further argues that access to the aforementioned aspects can translate to high cash returns to cybercriminals, and this is their driving force. Werthman (2) warns that if breached, small companies or businesses are at great risk of not only losing their data but also subjecting their partners’ data and intellectual property to exceptionally dangerous frontiers. For instance, loss of intellectual property can taint the image and reputation of large supply chain corporations, whose data was retrieved through a cyber security breach, involving its small business partner. Small businesses can expose their data to cybercriminals through various practices.

A recent report published by Trend Micro Inc indicated that most employees nowadays frequently click on links embedded in spam, forget to frequently alter their passwords, and sometimes leave their systems unattended, subjecting critical business data to serious risk (Kshetri 8). This phenomenon is further extended by the tendency of some workers to store sensitive company data on their cell phones or tablets, which can easily be accessed by cybercriminals. Heduke (3) suggests that in order to protect themselves from cyber security threats, there are several basic steps that can be employed by small business owners.

First, such companies or businesses need to identify data that must be protected by evaluating where information is stored and used. Those areas must, therefore, be protected. Secondly, small businesses must have data backup systems, map out disaster preparedness plans, and invest in reliable security solutions. In addition, small businesses should educate their employees about data safety, including the enforcement of strong password policies. Hedtke contends that by making wise investments in cyber security, small businesses not only protect critical data and save money but also tighten their bonds with their supply chain partners (5).

Cyber security significantly matters for small businesses unlike some of them think. Small businesses are likely to be targeted when compared to large corporations according to a Symantec survey. In the survey, Symantec found out that 40 percent of attackers prefer targeting organizations with less than 500 employees to those with a higher number of employees. Clancy (1) warns that attacks can taint the image of the business and sometimes this could be irreversible. Therefore, small businesses must understand this fact and work hard to install security systems. Apart from that, poor cyber security regimes can subject customers’ sensitive data to misuse by hackers and this can taint the relationship between small business owners and their customers or even lose such customers or engage in legal battles with the affected clients (Benioef and Lazowska 34).

On the other hand, Hebels (1) argues that cybercrime has become a highly rewarding criminal endeavor and cybercriminals will stop at nothing until they achieve their goal; to acquire cash rewards in exchange for stolen data or information. Initially, small businesses were not targeted because cybercriminals thought that such firms have less influential data. However, the Internet has enabled small businesses to share data with huge corporations. As a result, cybercriminals target small firms because such firms have less tight cyber protection regimes than large corporations. A report released by Entrepreneur Magazine indicated that small businesses underestimate the seriousness of cybercrime. Some small business owners hold the opinion that they are immune from cyber-attacks owing to the less complexity of their businesses. Rebels (1) warns that the faster small business owners begin to appreciate this problem, the better; this will help them prevent damage that has the likelihood of crippling their businesses. Other cybercrime experts who contend that the first step to becoming secure online begins with the appreciation of the existing problem have seconded Hebel’s sentiments (Benioef and Lazowska 34).

 Cyber Security Strategies for Small Businesses

According to the Federal Communications Commission (FCC) (3), information technology and broadband are critical factors that assist small businesses to reach new markets as well as enhance productivity and efficiency. Federal Communications Commission (FCC) indicates that there is a need for such small businesses to design decent cyber security strategies that will boost the protection of those businesses, reputation, data, and their customers (Saadawi and Jordan 23). The Federal Communications Commission has suggested three decent strategies that can be employed by small business owners in the enhancement of cyber security of their businesses. First, the Federal Communications Commission recommends that small business owners should train their employees on matters pertaining to cyber security. This involves the establishment of basic security practices that will boost the protection of vital business information. These should be communicated to the employees on a regular basis. In addition, this entails synthesizing rules of behavior that define the manner in which employees are supposed to handle and protect customer information, as well as other critical data. This should be boosted by the enforcement of severe penalties to those who do not comply with the set standards (Saadawi and Jordan 23).

Secondly, the Federal Communications Commission recommends that small businesses must protect their computer infrastructure and information from malicious codes, viruses, and spyware (Saadawi and Jordan 23). However, how can this goal be achieved? The Federal Communications Commission suggests that small businesses must install anti-spy and antivirus software on all computers and this software must be updated on a regular basis. Presently, many reputable vendors online provide such software. Such vendors also offer subscriptions to security service applications. These applications provide additional layers of protection. In order to have the latest versions of those applications, there is a pressing need to set automatic updates so that these applications are updated automatically at a specific time, especially when the usage of the computer in question is low. In addition, it is important to set automatic scans to follow automatic updates. Such strategies help businesses to have the latest versions of cyber security applications and detect possible threats in advance (Saadawi and Jordan 23).

Thirdly, The Federal Communications Commission indicates that small businesses must provide firewall protection for their internet connection. According to The Federal Communications Commission, a firewall refers to a set of programs that limit the access of outsiders’ access to data on a private network (Powner 25). Just like ant-spyware and ant-viruses, the firewall is readily available online from numerous vendors. Precaution should be taken if employees have the freedom to work from their home computers. The business owner must ensure that employees’ home computers also have firewall protection. Fourth, the Federal Communications Commission recommends that small business owners must ensure that they download and install software updates for their operating systems as well as applications whenever such updates become available. A majority of online security vendors patches and update their products on a regular basis to improve functionality or correct security challenges. The information technology infrastructure of small businesses must be configured so that such updates are installed automatically.

 Cyber Security: Research Priorities (The Wider Picture)

According to Benioff and Lazowska (4), there are several priority areas that must be addressed in order to enhance cyber security, which will have positive ramifications on small businesses.

Mitigation and Recovery Methodologies

Benioff and Lazowska (4) argue that secure systems must be designed in such a manner that they rapidly respond to events and attacks, as well as recover from resultant damage. This is considerably challenging when large and complex systems, such as the Internet have been put into account. However, this should not be a scapegoat because systems that are more reliable have been developed in extraordinary complex systems, such as the space shuttle. Benioff and Lazowska (4) argue that no comparable effort has been invested in developing methods to enhance the reliability of the Internet and critical computer systems in the face of attacks. Benioff and Lazowska (4) hold the opinion that there is a need to engineer new systems that enable rapid recovery from outrages and attacks.

Monitoring and Detection

Benioff and Lazowska (4) contend that in spite of success in preceding research areas, the occurrence of unanticipated events cannot be completely ruled out. There is a need to have up-to-date tools that monitor and evaluate the strategies needed in the event of uncertainties. The ability of the current tools to monitor irregular network activity and comprehensively address the underlying cause is somewhat primitive. As the use of the Internet continues to grow and become more complex, the current advantages that adversaries enjoy are likely to increase as well as become more knowledgeable. Therefore, there is a need for the development of usable presentation interfaces that allow operators to better understand incidents in progress, as well as offer real-time data collection storage, mining, and analysis during a crisis (Powner 26). Such interfaces or models should be able to operate on the global stage, characterize normal from unusual behaviors, and meet set security standards. In addition, such models must be able to provide dynamic reactions when attacks are detected, possibly by enhancing monitoring activities (Powner 27).

Relevance of the topic/area of study

In conclusion, of this research topic, cyber security is becoming a serious challenge to business owners in the 21st century. Small businesses in particular, have become the target of many hackers because they are considered the weak links in larger supply chains. Cyber security significantly matters for small businesses unlike some of them think. Experts inform us that small businesses are likely to be targeted when compared to large corporations, and this has been seconded by a survey conducted by Symantec (Powner 27).

Experts point out that it is necessary for small business owners to address vulnerabilities both on the human side and the technical side of the cyber security equation. Experts suggest that on the technical side of the cyber security equation, small businesses must employ a varied list of technologies, such as PBX, VoIP systems, backup and storage areas, telephones, off the shelf applications, custom applications, routers, remote access, firewalls, databases, email servers, and web servers. On the human side, small businesses ought to secure their infrastructure, connections to business and corporate partners, and employees’ accesses and permissions. These practices are just the basics and there is a need to monitor and update those practices on a regular basis.

Furthermore, experts warn that the attacks can taint the image of the business, and sometimes this could be irreversible. Therefore, small businesses must understand this fact and work hard to install security systems. Apart from that, poor cyber security regimes can subject customers’ sensitive data to misuse by hackers and this can taint the relationship between small business owners and their customers or even lose such customers or engage in legal battles with the affected clients.

In addition, studies from leading cyber security providers have indicated that small businesses are at a high risk of cyberattacks, and it is essential for small business owners to realize the magnitude of this problem. Experts inform us that out of one billion cyberattacks prevented by Symantec Corporation in 2012, 40 percent of them had been directed towards small businesses. Furthermore, they contend that credit card details, intellectual property, as well as addresses and names of customers, are some of the critical aspects that cybercriminals seek from small companies. In addition, experts argue that access to the aforementioned aspects can translate into high cash returns to cybercriminals, and this is their driving force.

In addition, experts contend that by making wise investments in cyber security, small businesses not only protect critical data and save money but also tighten their bonds with their supply chain partners. To sum up, cyber-attacks can taint the image of the business, and sometimes this could be irreversible. Cyber security significantly matters for small businesses unlike some of them think. Therefore, small businesses must understand these facts and work hard to install the security system

Works Cited

Benioff, Raul and Lazowska, Diane. ‘Cyber Security: A Crisis of Prioritization: Report to the   President by the President’s Information Technology Advisory Committee’. New York:         Diane, 3 Jan. 2000. Web. 30 Mar. 2014.

Clancy, Heather. “Small Business Matters.” ZDNet. 19 Sept. 2009. Web. 30 Mar. 2014. <http://www.zdnet.com/blog/small-business-matters/>.

Hebels, Justin . “Cybercrime strikes small businesses.” Community Activity. 20 Nov. 2001. Web. 30 Mar. 2014. <https://community.thawte.com/articles/cybercrime-strikes-small-businesses>.

Heduke, Gail. Small Business: An Entrepreneur’s Business Plan. Stamford: Cengage Learning,         2013. Print.

Kshetri, Nir. Cybercrime and Cybersecurity in the Global South. New York: Palgrave McMillan,       2013. Print.

Powner, David. Critical Infrastructure Protection: Department of Homeland Security Faces   Challenges in Fulfilling Cybersecurity Responsibilities. Darby: DIANE, 2005. Print.

Saadawi, Tarek and Jordan, Louis. Cyber Infrastructure Protection. Pennsylvania: Strategic          Studies Institute, 2011. Print.

Wirthman, Lisa. “Small Business Tips To Beef Up Your Cyber Security.” Forbes. Forbes Magazine, 8 Apr. 2013. Web. 30 Mar. 2014. <http://www.forbes.com/sites/ups/2013/04/08/small-business-tips-to-beef-up-your-cyber-security/>.