Increasing Awareness for Cyber Security in the Corporate Sector

VIDYA A JOURNAL of Gujarat University, 2023

In today's digitally connected business landscape, the increasing reliance on technology exposes organizations to a growing number of cyber threats and security breaches. Cybercriminals exploit vulnerabilities in systems and networks, putting sensitive data, financial assets, and company reputation at risk. To fortify cybersecurity defenses effectively, organizations must recognize the pivotal role of employees. This article emphasizes the significance of cybersecurity awareness training, empowering employees as the first line of defense against cyber attacks and preserving customer trust. A systematic literature review reveals that training employees has a positive impact, reducing security incidents and fostering a culture of cybersecurity consciousness. Tailoring training for remote work enhances the organization's resilience. A holistic security strategy integrating technical measures and policies is crucial. By investing in comprehensive and ongoing cybersecurity awareness training, businesses can proactively protect assets and maintain a secure position in the digital age.

2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), 2018

Cyber-attacks have been an increasing threat on people and organisations, which led to massive unpleasant impact. Therefore, there were many solutions to handle cyber-attacks, including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS). These solutions will provide a huge number of alarms that produce more are false positives. Therefore, the IDS tool result should be operated by a human intelligent be filtered effectively the huge amount of alerts to identify true positive attacks and perform accordingly to the incident response rule. This requires the IT employees to have enough knowledge and competency on operating IDS, IPS and incident handling. This paper aims to examine the awareness of cyber security threat among all IT employees, focusing on three domains: Knowledge, Monitoring and Prevention.

INTERNATIONAL JOURNAL OF ECONOMICS AND STATISTICS , 2018

Proposal of cyber security measures in companie. Cyber security is currently the most wanted and most challenging research discipline that is in constant development. Data reference institutions and recognized to security researchers in 2017 shows that cyber criminals using 'low-tech' 'software were successful in 9 of 10 attacks on various web sites. Most web sites had serious flaws for a period of 150 days or more. Various invasions and fraud have cost the company $ 6.6 billion annually. Based on the research of Oracle java in America is the biggest security risk for desktop computers. According to reports java is installed on 65% of computers, 48% of users did not have the latest patches for Java last year been identified 119 new vulnerabilities in the software. According to research, mobile phone users are increasingly exposed to cyber attacks. Based on analysis of more than 400 000 applications available in the most popular apps and Google applications 14 000, or 3% have security vulnerabilities, including sensitive information such as location, text messages and contacts. In this work will be given to the proposal of measures that could improve the protection of computer systems from unauthorized intrusion.

The intent study of this article is to fortify the protection of sensitive data and information from breach any means necessary from attack either an insider or an outsider in the organizations. In every firm, the core achievement of its information security is to entrust the CIA-Trid; Confidentiality, Integrity and Availability of all of their resources and the liable personnel to disclose confidential information from breach is the end users of the system, having them in their respective field of assignment accordingly. This year 2017, research and analysis information gathered on the incident which took event on May/June ransomware cyber-attacks "WannaCry and Petya" affected many organizations such as companies and government agencies in different countries around the world demanding a ransomware bitcoin $300 method of payment, failure to comply will be subject to accumulate in double every day repeatedly. The breadth of study is to introduce the End User Security Awareness Campaign in the Organizations as a routine practice to stay awake from numerous information security threats, vulnerabilities and concurrent cyber-attacks circulating in different organizations around the global countries. To achieve the objectives, end users will partake in continuous awareness training and assessment through social engineering practices and procedures on how to stay vigilant to prevent every user from such attacks. The organizational IT function will also partake the involvement of hardware and software firewall applications, regular windows updates and patches, consistent antivirus updates, which will restrain the vulnerabilities to risk and any associate attacks to that effect.

Academic Journal of Interdisciplinary Studies

The increase in cyber attacks cause individuals and businesses to face financial loss and reputation damage. Most cyber security studies ignore human factor and focus only on technological measures although the cyber security behaviors of employees are vital for the organisations. This paper aims to explore and discuss the role of employees in cyber security. In-depth interviews with eight cyber security experts were conducted through semi-structured, open-ended interviews. This study gives perspectives regarding the cyber security behaviors of employees, the barriers and promoters of secure behaviors in cyberspace. The findings mainly stem reasons of unsecure behaviors and solutions for them, and provide implications to companies for effective training and recommendations to adopt secure behaviors in the companies. Received: 4 March 2021 / Accepted: 6 May 2021 / Published: 8 July 2021

Advances in Electronic Government, Digital Divide, and Regional Development, 2023

The regulatory and cyber risk landscapes are reshaping the role of human resources. As a result, information security/information technology (InfoSec/IT) professionals are increasingly being asked to assist organisations in determining and enforcing employee data permissions, training employees on cybersecurity policies, and assisting with employee-related cyber incidents in order to be prepared for any kind of cyber attack. This chapter delves into the role of HR in managing cyber risk and provides recommendations on how organisations can manage cyber risk effectively to support their HR departments.

It is identified that one of the greatest threats against security in the next coming ten years will be cold cyber wars against information systems between countries. National information systems utilize the information technology infrastructure of enterprises in order to satisfy personal or enterprise needs. In the past years, attacks were taking place with no discrimination of targets, however in the recent years; attacks are organized, deliberate and pointed towards national information systems. Personal and enterprise level information security must be established in order to avoid information security threats that try to hamper or even destroy national information security, cause tangible and intangible damages on individuals and enterprises. In order to reduce the impact of such cyber threats to minimum at the national level, there are necessary critical enterprise and personal security precautions to be taken. The establishment of the enterprise and personal information security which form the stages of establishing national information security at highest level and development of a national security policy are among the first things that need to be done. In this paper, the strategic national information systems are identified, then personal and enterprise information security that are important stages in providing security for national information systems are described. The necessary security tests and the importance of education and awareness are discussed in the following section. Finally, evaluations have been performed on national information security and proposals have been put forward.

This report studies the impact of cyber security attacks its initial use and develop mechanisms for security of internet. There are numerous systems that are interconnected with internet and it is at risk and brief background of the cyber-attacks is outlined and our concentration in this report is on the impact of communication, positioning and implementing value delivery in order to increase productivity. It is concluded that the senior executives and government play major role in minimizing these risks and potential errors. In order to reduce them it is obligatory that IT professionals should take major responsibility of these issues and take productive measures. The research determines that cybersecurity threats also impacts Small and Medium Enterprises (SMEs), detecting just at the particulars for SMEs failing and the helping of IT inside the modern SME. The use of internet is becoming more often now a days and it is a major threat for SMEs due to oubsolete Microsoft versions technological systems therefore steps should be taken to mitigate these risks in order to minimize costs and boost performance by upgrading its software systems. The importance of cyber-intellienge should also be considerd due to vital practice to determine how firewalls coaching and detection structures work and compliance with risk management standards. There are different forms of attack such as viruses malware and these types of attacks create problem for initial users to have confidence and believe in technology. Such issue can be addressed by having antiviruses and it can eliminate financial as well as reputational losses for business in longrun.

SSRN Electronic Journal , 2024

Some cybersecurity executives have not mitigated the human insider weakness in their organizations. The lack of employee security awareness and training is a significant threat to organizations because it leads to security risks, attacks, and breaches in companies. Cybersecurity executives utilize security education training and awareness programs to mitigate the human insider factor weakness in their organizations. Hence, firms in various sectors of the economy should conduct security education training and awareness programs every quarter and communicate security risks and updates every week for improved and desired cybersecurity behavior. In this paper, we examine the strategies for addressing and mitigating the human insider factor in cybersecurity.