- Some of our potential threats are:
- Loss or theft of equipment or data: IT equipment that is stolen or lost and then used to make money or access systems.
- Social engineering: a way for criminals to trick people into giving up info or installing malware on our devices.
- Malware: a type of software that can steal our info or damage a system so it can't work. Viruses and ransomware are common examples.
- Ransomware: a type of malware that criminals could use to lock our data, forcing us to pay them a ransom.
- Supply chain attacks: when criminals target our vendors and suppliers in order to get at our organization's systems.
https://405d.hhs.gov/Documents/405d-infographic-10practices.pdf
https://fortifydata.com/blog/what-are-the-5-main-threats-to-cybersecurity/
The Top 5 Cybersecurity Threats and How to Defend Against Them (isaca.org)
- Identify at least 5 digital processes, systems, and/or functions your company has in place. Importantly, address how those could be exploited or manipulated in order to gain access to valuable corporate or customer data.
- Our company has a bank account that sends money to the workers: it can be exploited by some workers to ask the bank to get account info out of them.
- Has an online store: attackers could change some things, like where the money is sent, or they could put in ransomware so the company is not able to access it.
- Has a supplier: if they are not a secure supplier, they could be hacked, and this could lead to someone getting into our system when we refill our stock.
- Has employees: it's possible some might not know how to stay safe and might install malware accidentally, or might think a bank is calling when in actuality they are talking to a criminal trying to destroy or damage the organization.
- Has 3 separate buildings: someone could potentially break in and steal some equipment, or we could potentially lose equipment.
- As the chief technology executive, make 5 recommendations that your company should adopt to be more safe, secure, and reliable. Again, consider hardware, software, networks, and human policies and procedures. (e.g., appropriate use policy on corporate computers; firewall; SSL/web encryption; backup/retention
- Have a meeting every month to learn what social engineering is and how to prevent malware or something from ruining things.
- Make sure to check if suppliers are secure.
- Add a firewall to prevent things like malware interfering with our website.
- Give access to a few trustworthy employees as a backup to get into the website if there are issues with ransomware. Make sure doors are locked before leaving so no devices are taken. Make sure to not have any important info when you're out and about.
- Make sure to sign off all devices before leaving or closing.