Midterm Research Project

  1. Know your enemy: As of Summer 2020, what are 5 sources/types of potential digital threats to your organization? Examples include external malicious actors or internal human error. Provide a thorough description and examples; be specific.
    1. Cyber Terrorists

      1. Cyber Terrorists are a modern mutation of a widespread global problem that has plagued most countries for decades. These threat actors are usually focused on disrupting critical services and causing harm.
      2. Chief Goal: Cause harm and destruction to further their cause.
      3. Typical Targets: Cyber terrorists can target businesses, state machinery, and critical services that would cause the most harm, disruption, and destruction.
    2. Insiders

      1. Sometimes, you don’t need to look far to find infiltrators. Some threat actors can go as far as infiltrating your workforce themselves or turning an insider towards their cause/goal. Insiders are a particularly nasty threat to any organization’s cybersecurity because of the amount of access they’d have when working from within.
      2. Chief Goal: Work from within an organization to get around its cybersecurity framework.
      3. Typical Targets: Not limited to any specific type of organization.
    3. Script Kiddies

      1. Some attackers aren’t skilled/advanced enough to design penetration tools on their own. Script Kiddies use tools developed by other attackers to penetrate a network or system.
      2. Chief Goal: Attack computer systems and networks, vandalize, and inflict as much damage as possible.
      3. Typical Targets: Easy-to-penetrate systems, which are vulnerable to widely-known threats.
    4. Government-Sponsored/State-Sponsored Actors

      1. These threat actors are funded, directed, or sponsored by nations. They’ve been known to steal and exfiltrate intellectual property, sensitive information, and even funds to further their nation’s espionage causes.
      2. Chief Goal: Espionage, theft, or any other activity that furthers the interests of a particular nation/group of nations.
      3. Typical Targets: Businesses and Government-run Organizations.
    5. Internal User Errors

      1. Not all threat actors are malicious, but the damage they cause can be quite extensive. Even simple user errors can end in catastrophe because of the elevated permissions users hold within an organization’s systems and networks.
      2. Chief Goal: Not malicious, often inadvertent.
      3. Typical Targets: Can affect any organization, however secure.
  2. Know yourself: Identify at least 5 digital processes, systems, and/or functions your company has in place. Importantly, address how those could be exploited or manipulated in order to gain access to valuable corporate or customer data.
    1. Secure your hardware: 
      1. You can do this by making sure that safeguarding your hardware is not overlooked. Secure each company device with a complicated password and share the password only with the user. Make sure that the user memorizes the password, rather than writing it down where someone else can access it. You can also install software to help recover devices if they are lost or stolen. You should also encrypt and back up all company data.
      2. These could be exploited if an employee shares their password even by mistake, if the software is not up to date, or if company devices are lost and not reported.
    2. Invest in cybersecurity insurance
      1. You can do this by seeking a specialist in cyber security to help you find which insurance would be best for your company. This insurance could reduce the company’s financial loss in the case of a data breach.
      2. This could be exploited if the wrong insurance is used and the company still loses a large amount of money because it didn’t have enough coverage.
    3. Create a security-focused workplace culture:
      1. This can be done by educating all employees on the danger of cyber attacks and how they can be prevented. These dangers include unsecured networks. You could teach the employees to not share passwords for anything. You could also restrict network admin rights in order to prevent any internal hacking.
      2. A downside of this is that, of course, you can’t expect everyone to follow all of the rules set up to prevent these attacks, so eventually someone will slip up.
    4. Encrypt and backup data
      1. This is effective because even if the hacker gains access to your data, it will be rendered useless with the encryption. This is “the most efficient fix” for data breaches. You must ensure that all software is up to date on all devices.
      2. This could be exploited if someone within the company is the one attacking, because their device would use the same encryption the company does and therefore would have access to any data breached.
    5. Use robust antimalware and firewall software
      1. One of the most common forms of cyber attacks is malware infections. This includes ransomware, which is one of the biggest threats to small businesses. You have to invest in software that targets these kinds of attacks since most software isn’t able to detect the malware until it is too late to save the data. You should also have a strong firewall in order to prevent the malware and ransomware from even entering your systems. You also need to keep these up to date since the updates mirror the latest threats.
      2. This could be exploited if your antimalware and/or firewall are not strong enough to prevent the attacks, be it because of the software itself or the failure to update it as needed.
  3. Develop your strategy: As the chief technology executive, make 5 recommendations that your company should adopt to be more safe, secure, and reliable. Again, consider hardware, software, networks, and human policies and procedures. (e.g., appropriate use policy on corporate computers; firewall; SSL/web encryption; backup/retention)
    1. No password sharing
    2. Only use the devices issued to you for work (no personal devices for work-related tasks and no personal use of company devices).
    3. We will have a strong firewall that will be checked for updates daily.
    4. If you are taking a company device home, it needs to have an updated tracking program and be signed out and back in the next morning. When the device is brought back in, it will be scanned for viruses and such.
    5. We would also have cyber security insurance to protect the company and its employees from the damage an attack can cause financially.


Sources:

https://www.redlegg.com/blog/cyber-threat-actor-types

https://www.entrepreneur.com/article/316886#:~:text=In%20reality%2C%20there%20are%20just,invest%20in%20cyber%20security%20insurance.