Privacy, Security, Hacks, and Leaks

Know your enemy: What are 5 sources/types of potential digital threats to your organization? Examples include external malicious actors or internal human error. Provide a thorough description and examples; be specific. Make sure your sources are current.

As an IT supervisor, it is my job to protect my company from potential digital threats. The five sources/types of potential digital threats to my company are ransomware extortion, phishing, malware, zero-day attacks, and data exfiltration. Ransomware extortion is a malware attack in which attackers encrypt files and demand a ransom payment in exchange for the decryption key. They will usually encrypt the whole system or select the most important/critical files. For example, Maze ransomware is a sophisticated strain of Windows ransomware that targets organizations worldwide across many industries. Phishing is another potential threat to my organization because it is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. For example, attackers send emails that inform users of suspicious activity on their accounts and ask them to change their password. These phishing attacks aim to steal credentials or other confidential information. There is also another threat called malware, which is software that is installed on a computer without the user’s consent and that performs malicious actions, such as stealing passwords or money. Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware. There is also a potential threat called a “zero-day attack,” which takes place when hackers exploit a flaw before developers have a chance to address it. The term “zero day” literally refers to the amount of time the vendors/developers have had to fix the problem, since they have only just learned about it. Data exfiltration is sometimes referred to as data extrusion, data exportation, or data theft. All of these terms are used to describe the unauthorized transfer of data from a computer or other device.
Phishing attacks are a great example of data exfiltration because they will either contain a malicious attachment that infects the user’s device with malware or a link to a website that looks similar to a legitimate website but is spoofed to steal the login credentials the user enters. These were just some of the potential digital threats; there are still a lot more out there that I have to look out for as well.


Know yourself: Identify at least 5 digital processes, systems, and/or functions your company has in place. Importantly, address how those could be exploited or manipulated in order to gain access to valuable corporate or customer data.

Five digital processes, systems, and/or functions that my company has in place are Email Communications, Customer Data Storage, Employee Portals, Payment Processing Systems, and Network Infrastructure. Email Communications could be exploited through phishing attacks, where malicious emails trick employees into revealing sensitive information or clicking on harmful links. Customer Data Storage could be exploited through SQL injection attacks if it has vulnerabilities, allowing attackers to gain unauthorized access to customer information. Employee Portals might be vulnerable to brute force or credential stuffing attacks if employees use weak passwords, potentially granting unauthorized access to internal systems. Payment Processing Systems could be manipulated to siphon funds if there are security weaknesses such as unpatched software or weak encryption. For Network Infrastructure, exploiting network vulnerabilities or conducting Distributed Denial of Service attacks can disrupt operations and potentially create opportunities for unauthorized access during the chaos.


Develop your strategy: As the chief technology executive, make 5 recommendations that your company should adopt to be more safe, secure, and reliable. Again, consider hardware, software, networks, and human policies and procedures. (e.g., appropriate use policy on corporate computers; firewall; SSL/web encryption; backup/retention)

 

As the chief technology executive, the five recommendations my company should adopt to be more safe, secure, and reliable are Regular Security Audits, Employee Training, Redundancy and Backup Systems, Access Control, and an Incident Response Plan.

Regular Security Audits: Conduct routine security audits for both hardware and software to identify vulnerabilities and weaknesses in your systems. Address these issues promptly to prevent potential breaches.

Employee Training: Implement ongoing cybersecurity training programs to educate employees about safe online practices, the importance of strong passwords, and how to recognize phishing attempts.

Redundancy and Backup Systems: Ensure redundancy in critical systems and implement regular data backups. This ensures data availability even in the event of hardware failures or data corruption.

Access Control: Employ robust access control policies to restrict system access to authorized personnel only. Utilize multi-factor authentication and least-privilege access principles to minimize potential security breaches.

Incident Response Plan: Develop a comprehensive incident response plan that outlines procedures to follow in case of a security breach. Regularly test and update this plan to ensure swift and effective responses to security incidents.
