Yatendrabhelp_SC

docx

School

University of New South Wales *

*We aren’t endorsed by this school

Course

4901

Subject

Information Systems

Date

Nov 24, 2024

Type

docx

Pages

14

Uploaded by MinisterStarlingPerson398

Report
Topic: Investigate the cyber attacks in organisations and examine scenarios by which organisations monitor and respond to the possible cybersecurity issues.
Table of Contents Introduction .................................................................................................................... 3 Background .................................................................................................................... 3 Literature Review ........................................................................................................... 4 Aim and Objectives ........................................................................................................ 6 Research Questions ........................................................................................................ 6 Research Methodology ................................................................................................... 7 Data Collection ............................................................................................................... 8 Data Analysis .................................................................................................................. 9 Ethical Considerations .................................................................................................. 10 Dissertation Plan ........................................................................................................... 10 References .................................................................................................................... 12
Introduction The main focus of this research study is to conduct an investigation into the occurrence of cyber attacks in the organisations well as examining the scenarios by which the organisations monitory and respond when the cyberattack occurs or there is a possibility of occurring the cyber attacks. As the number of Information and Communication Technology (ICT) based devices such as smartphones, computers and laptops are increasing day by day, cybersecurity issues are being considered as a crucial aspect to defend the data of the customers. The cyberattacks are considered disastrous in nature because it impacts the reputation of the organisation as well as impacting the organisations financially (Kali, 2020). On the other hand side, the companies need to allocate resources to provide cybersecurity to the devices and the companies occur a huge cost. In the year 2019 alone, approximately 5183 cyber attacks have reported worldwide and these cyber attacks were of moderate to high (Risk Based Security, 2019). Hence, there is a strong need for the organisations to identify the scenarios by which the cyber attacks can occur as well as placing the countermeasures to minimise the risks from the cyber threats and this research study is focused to examine such scenarios. Background In the year 2020, the number of cyberattacks on individuals, companies and governments increased from the last year and the cyberattacks mainly focused on data breaches. The attackers also found to be utilising the technologies such as 5G, artificial intelligence and machine learning to exploit the vulnerabilities in the Internet of Things (IoT) devices (Brooks, 2021).
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
The research conducted by Yahoo in the year 2021 outlined that 78 per cent of the customers and employees are found to be lacking confidence in cybersecurity preparedness for their companies (Yahoo, 2021) and the global data risk report published by Varonis (2019) outlined that only 5% of the folders are protected in the companies (Varonis, 2019). In a similar manner, Brooks (2021) outlined that approximately 80% of the senior Information and Technology (IT) managers believed that their company is lacking in cybersecurity preparedness and thus have less protection from potential cyber-attacks (Brooks, 2021). Literature Review According to Bendovschi (2015), information and communication technology is expanding at a fast pace and companies, as well as individuals, have adopted the services such as automation, cloud computing, online transactions and social networks. The increase in these kinds of services is also increasing the number of cyber crimes and cyber attacks. In a similar manner, the attackers are also using modern technology so that the well-controlled environments, as well as the complex systems, can be attacked and the cyber attackers remain untraceable (Bendovschi, 2015). In a similar manner, Arumugam and Subramanian (2019) highlighted that cyberattacks have become a common practice in the internet era and the cyber attacks happening on companies and individuals are also increasing day by day. In order to counter these cyber attacks, the companies are required to have the technical capabilities and domain knowledge. The domain knowledge and technical capabilities are found to be effective in identifying the vulnerabilities in the information systems
as well as analysing the possibilities of cyber threats and cyber attacks (Arumugam and Subramanian, 2019). Furthermore, Low (2017) said that cyberattacks remain a critical issue for organisations and organisations deploy cybersecurity measures to protect against cyber-attacks while removing cyber vulnerabilities. Cybersecurity measures are being taken to protect the identity of the employees as well as protecting the data of the customers and clients. In order to mitigate the risks due to cyber attacks as well as protecting the network from attackers, the organisations take several measures such as implementing packet shaping devices, firewalls, Intrusion Prevention Systems (IPS) and Intrusion Detection systems (IDS). sin a similar manner, the modelling techniques are also being used by the organisations to identify and understand the characteristics of a cyber attack (Low, 2017). On the other hand side, Russell (2017) argued that the organisations try to protect the network from external attackers while ignoring the threats from the internal employees. In the cybersecurity domain, the employees of the organisation are considered one of the topmost challenges in countering the cyber-attacks because employees are considered by the first line of defence as well as a threat for the cyberattacks simultaneously. In order to reduce the risks from the insider threat, the honeypot technique is being used to detect, identify and collect the information. In a similar manner, the cyberattacks in the organisations are also co-related to the low knowledge and expertise in the cybersecurity domain because employees remain vulnerable to security threats (Russell, 2017). Moreover, Hart et al. (2020) outlined that security awareness and providing training to employees can help organisations to prevent cyber attacks and improve cybersecurity scenarios. The aspects such as security awareness, computer skills and finances are
considered as the barriers to taking the cybersecurity measures in an efficient and effective manner. In this context, it is also said that organisations need to take an inclusive approach in order to prevent cyber attacks rather than taking an individual delivery approach. The organisations are found to provide basic training to the employees to take the cybersecurity measures and the employees lack knowledge. When the awareness is low in the employees, phishing attacks or phishing emails are used to collect information from the employees (Hart et al., 2020). Aim and Objectives The main aim of this research study is to “explore and examine the ways by which the cyberattacks happen in the organisations and the responses of the organisations towards the cyber attacks” . Furthermore, the below-mentioned objectives are set for this research study. To examine the occurrence of cyber-attacks in organisations. To explore the responses of employees towards the cyber attacks. To identify the ways by which organisations use the technology to respond to cyber-attacks. To identify the techniques that are being used to improve the cybersecurity preparedness of organisations. Research Questions On the basis of the aims and objectives, two research questions are framed and in this research study, the most appropriate and relevant answers to these two questions will
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
be mentioned and discussed in an efficient and effective manner. The research questions for this research study are mentioned below. Research question 01: What are the measures that are taken to identify and investigate cyber attacks in organisations? Research Question 02: What are the countermeasures that are taken to prevent the damages before and after the cyber attacks in organisations? Research Methodology The research methodology is a framework that is used to conduct the research study in a proper manner so that the aim and objectives of the research can be met along with providing answers for the research questions. In a similar manner, the research methodology is adopted to systematically plan and conduct the research study in a proper manner. The research methodology basically contains the data collection processes, data analysis processes and research approaches (Munot and Bairagi, 2019). In the context of research methodology, the research onion model designed and developed by Saunders seems to be relevant and most appropriate because it describes the different approaches of decision making for the researchers. A diagram of the Saunders Onion Model is mentioned in the below figure.
Figure 1: Saunders Research Onion Model (Source: Melnikovas, 2019) On the basis of the above-mentioned figure, it can be interpreted that the researchers need to start from the outer layer and move to the inner layers gradually while taking the most appropriate decisions (Melnikovas, 2019). Data Collection The data collection process in the research study is a technique by which the data from external sources is collected so that it can be used for the research study. As an ample amount of data is available on the internet, it is always not imperative to directly use the data for research purposes because it may be biased and hence, alternative data collections methods are used. There are basically two types of data collection processes; primary data collection and secondary data collection. The
primary data collection method is used to gather first-hand information from the respondents with the help of the techniques such as conducting the interviews and conducting the surveys. On the other hand side, the secondary data collection method is adopted to gather the information from already published and researched materials such as journals, articles, books and case studies (Draper, Young Thomas and Fenich, 2018). As the main aim of this research study is to examine the cybersecurity and cyberattacks scenarios in the organisations with particular focus on the employees, collecting the data from the secondary resources seems to be irrelevant and hence, the primary data collection process will be adopted. In the primary data collection process, the data will be collected by taking the responses of the employees through the survey questions. In this context, a questionnaire comprising approximately 10 specific questions will be forwarded to employees. Moreover, the sampling size of the respondents will be approximately 100 (Loomis and Paterson, 2018). Data Analysis In the research, the data analysis methods are basically adopted and used to analyse the collected data so that the results can be drawn in a proper manner. There are basically two types of data analysis methods; qualitative data analysis and quantitative data analysis. The qualitative data analysis method is used to analyse and evaluate the information that is in the text format comprising no or very few statistics (Bergin, 2018). In this research study, the responses from the respondents will be completely in the numerical format and hence, using the qualitative data analysis method is rejected. In order to analyse the responses, the quantitative data analysis method will be adopted and used to analyse the information and obtain the results in the format of
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
graphs, tables and charts while using graphical methods and statistical tools and techniques. Furthermore, the results obtained in the graphical formats will be discussed and interpreted in the text formats to improve the understandability (Chu and Ke, 2017). Design and Testing In order to design, this research study will collect the information related to the user login activities so that the information about the employees can be collected. The timings of the activities and the name of the activities will be tracked. Furthermore, the information will be saved in the database management systems and it will be tested by using the appropriate testing techniques. Ethical Considerations While conducting the research study, the ethical considerations are the aspects in which the research study should be conducted and considered important from the ethical and moral lenses. The below mentioned ethical aspects will be considered in this research study: The research participants will be provided with the informed consent forms along with outlining the aim and objectives of this research study. The participation of respondents will be completely voluntary in nature and any participant can exit from the research study at any time and there is no boundation (Arifin, 2018). The data gathered from the respondents will be maintained in the privacy folders and only be used to conduct the research (Eaton, 2020).
The research will be conducted in an honest and transparent manner and there will not be any biases in either framing the questions or in interpreting the results. The ethical considerations mentioned in the Data Protection Act 1998 will be considered in this research study (Business Research Methodology, 2020). Dissertation Plan The research study is expected to start in the month of August 2021 and will be conducted by December 2021. The detailed dissertation time management plan is mentioned in the below table. Dissertation Time Management Plan (2021) July August September October November Dec. 2021 Dec. 2021 Research Proposal Conducting Literature Review Making Questionnaire and contacting research participants Data Collection Data Analysis Interpretation of Results and Discussion
Conclusion and Recommendations References Arifin, S.R.M. 2018. Ethical Considerations in Qualitative Study. International Journal of Care Scholars 1(2), pp. 30-33. Arumugam, S. and Subramanian, S.B. 2019. A Review on Cyber Security and the Fifth Generation Cyber attacks. [Online]. Available at: https://www.researchgate.net/publication/334553338_A_Review_on_Cybe r_Security_and_the_Fifth_Generation_Cyberattacks [Accessed on: 09 July 2021]. Bendovschi, A. 2015. Cyber Attacks-Trends, Patterns and Security Counter Measures. Procedia Economics and Finance 28, pp. 24-31. Bergin, T. 2018. An Introduction to Data Analysis: Quantitative, Qualitative and Mixed Methods. New York: Sage. Brooks, C. 2021. Alarming Cybersecurity Stats: What You Need to Know for 2021. [Online]. Available at: https://www.forbes.com/sites/chuckbrooks/2021/03/02/alarming- cybersecurity-stats-------what-you-need-to-know-for-2021/ [Accessed on: 09 July 2021]. Business Research Methodology. 2020. Ethical Considerations. [Online]. Available at: https://research-methodology.net/research-methodology/ethical- considerations/#:~:text=Ethical%20Considerations%20can%20be %20specified,important%20parts%20of%20the%20research.&text=Research
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
%20participants%20should%20not%20be,participants%20prior%20to%20the %20study. [Accessed on: 15 July 2021]. Chu, H. and Ke, Q. 2017. Research Methods: What’s in the Name?. Library & Information Science Research 39(4), pp. 284-294. Draper, J., Young Thomas, L. and Fenich, C.G. 2018. Event Management Research Over the Past 12 Years: What Are the Current Trends in Research Methods, Data Collection, Data Analysis Procedures, and Event Types?. Journal of Convention & Event Tourism 19(1), pp. 3-24. Eaton, S.E. 2020. Ethical Considerations for Research Conducted with Human Participants in Languages other than English. British Educational Research Journal 46(4), pp. 848-858. Hart, S., Margheri, A., Paci, F. and Sassone, V. 2020. Riskio: A Serious Game for Cyber Security Awareness and Education. Computers & Security 95, p. 101827. Kali, K. 2020. Cyber Security. London: Growise Limited. Loomis, D.K. and Paterson, S. 2018. A Comparison of Data Collection Methods: Mail Versus Online Surveys. Journal of Leisure Research 49(2), pp. 133-149. Low, P. 2017. Insuring Against Cyber Attacks. Computer Fraud and Security 2017(4), pp. 18-20. Melnikovas, A. 2019. Towards an Explicit Research Methodology: Adapting Research Onion Model for Future Studies. [Online]. Available at: https://www.semanticscholar.org/paper/Towards-an-Explicit-Research- Methodology-%3A-Adapting-
Melnikovas/dccf54a5a4312ceb2261e1989cda01f73989d735 [Accessed on: 15 July 2021]. Munot, M.V. and Bairagi, V. 2019. Research Methodology: A Practical and Scientific Approach. London: CRC Press. Risk-Based Security. 2019. Number of Records Exposed Up to 112% in Q3. [Online]. Available at: https://www.riskbasedsecurity.com/2019/11/12/number-of- records-exposed-up-112/ [Accessed on: 09 July 2021]. Russell, G. 2017. Resisting the Persistent Threat of Cyber Attacks. Computer Fraud & Security 2017(12), pp. 7-11. Varonis. 2019. Varonis Global Data Risk Report. [Online]. Available at: https://www.varonis.com/2019-data-risk-report/ [Accessed on: 09 July 2021]. Yahoo. 2021. 78% Lack Confidence in Their Company Cybersecurity Posture, Prompting 91% to increase 2021 budget. [Online]. Available at: https://finance.yahoo.com/news/78-lack-confidence-company- cybersecurity-153000182.html?guccounter=1 [Accessed on: 09 July 2021].

Related Documents

Unit 6 PMAL 404.pdf
PART ONE.docx
1182302_CAPSTONE RESEARCH PROJECT.docx
7010_Week 2 Short Paper.docx
WhatsApp Image 2023-11-20 at 07.12.40.jpeg
31.png
ttcyftxycf (108)-13.pdf
BSBHRM602 Task 2.5 - Risk Management Plan.docx
CS 4407 S6 p3.png
PowerShell Commands to Administer Virtual Machines on Amazon AWS.docx
Risks.docx
Module Four_Discussion and Participation.edited.docx