Name: Isis Jordan

Date: February 13, 2019

Details

Small businesses are essential to our current economy. They are constantly growing, and at the moment there are a total of twenty-eight million small businesses in the United States alone. With all the small businesses, they play an imperative role not just in our economy, but also in the cyber infrastructure.

With small businesses being important to our economy, that does not mean they are not prone to being cyber attacked. They are what attackers consider “soft targets”, because small businesses may not have the extra funds to afford cyber security and information security due to its rising cost. They should look at investing in some sort of Information security for their business. Information security is protecting important information from all unauthorized users, protecting information from any unknown changes, and lastly protecting any disruptions on how information is accessed. Confidentiality, Integrity, and availability is what information security focuses on.

Small Businesses take a much harder hit if they are attacked than bigger organizations. If attacked then they would have to take action, which can become very costly. Which is why they should be more prepared to prevent any attacks or secure their information properly. Having a durable information security program in place can help a business with keeping employees, keeping customers and gaining future customers. All customers who put their trust in small businesses have an automatic expectation that their delicate information is secured and won’t be manipulated by a cyber-attack. By protecting a customer’s information, it shows how much their worth is to the business and shows the exceptional customer service the business provides to the customers.

With the constant growing cyber security threats today, a cyber security strategy should include training employees properly, protect vital information, building a firewall for internet connections, creating an action plan, creating user accounts for every employee, securing wi-fi networks, limiting employee access to information, and password and authentication.

Small Businesses should make an attempt to include Information security in budget. The cost of a cyber-attack can average a small business anywhere from $100,000 to $500,000, and that does not include revenue that has been already lost. This can also cause them to go out of business if the loss cannot be recovered from. If the proper precautions were taken, then a Cyber- attack may not have affected them as hard or could have been prevented from the start.

References

Security Now,About STTR | SBIR.gov,

Paulsen, Celia, and Patricia Toth. Small Business Information Security: The Fundamentals, 2016.

Every day our society constantly relies on our computers and other electronic devices we use every day and in our workplace. Our world constantly continues to revolve around computers and the hardware and software within it. With social media growing it has also become a potential security threat, because terrorist is able to reach internationally and impact any individual using social media, their email, and any other social media platform. This can also play a giant role in organizations if an internal employee uses their work computer for their personal online activities and can put their work system at risk for cyber threats. All organizations that have faulty software leaves the networks defenseless to any possible malware and cyber-attack. The engineers in IT security field help protect all the organizations computers, software, hardware, and also their networks from any potential security risk, and that also includes malware. Engineers in IT not only help with preventing any cyber-attacks, but they also help and overlook a company’s security foundation and infrastructure and help make any changes that need to be made to help improve in the prevention of any possible cyber threats in the cyber security department. With the increasing risk in cyber security it is important for the IT engineers to develop a safe and secure environment for the organization. There are many requirements for the engineers to have, they must be able to accurately troubleshoot, identify the problem and threat, and be able to successfully provide proper solutions for the organizations network and systems. Also monitor systems, installing fitting software, reporting findings, planning and strategizing, education and training, and improving any technical systems. The engineer’s main primary objective is to protect all networks and computer systems and monitoring all systems. When cyber-attacks are not present, they are able to keep busy with the other day to day task available. Engineers in the IT department have many different titles like application security engineers, web security engineers, IT security engineers, and data security engineers. But no matter the different title they are given they all play important roles in our cyber security world.

References

Field Engineer – Engineers, Field Engineer

IT Security Operations Engineer.”www.fieldengineer.com/skills/it-security-operations-engineer.

Electric Grid Security and Resilience–Establishing a Baseline for AdversarialThreats.pdf.”, Google, drive.google.com/file/d/1OKiTYuCPwkHu4r04BME-

Date: January 12, 2019

Details

Most people do not understand the importance of Cybersecurity. When on social media they openly share their Name, age, DOB, phone number, and sometimes even their home address. That makes it easy for people in the hacking world to access their information. Facebook is a good example. People think it is a secured site, but I know when I am looking up something on the internet to shop, and when I go on Facebook ads are constantly popping up showing the product, I looked at previously. That is something that catches the user’s attention and then can become a click bait. With that can launch a faulty site to release a software that could potential take over the user’s computer to gain access to any personal information, and to even cause damage to the user’s computer. Also is why applying or downloading a virus protection to your laptop is important to prevent hackers from gaining access to personal information. But hackers can gain access easily from many other things. Inside attacks is a big problem. Someone that works inside a secured facility or has any administrative access to valuable information can be a huge problem. Especially when that person misuses their access to gain control. I have witnessed this before first hand when working for a small company. It can affect anyone who has given the company their personal information and that includes their personal address, phone numbers, and even their social. Because once the internal person is able to access personal files, they can manipulate the information to gain from, and that can be in any form to benefit them like access to more money. Also, with the company I was with an ex-employee still had access to the system and from there they were able to gain everyone in my departments emails to email us about how and why they got fired and continued to threaten the manager of the department. That also shows how easily an ex-employee can access and threaten the company if their credentials are not taken away immediately after being terminated. Cyber threats lie everywhere, and people do not realize how easy it can be to be hacked. But need to take the proper preclusions to prevent it as much as possible whether it be for personal or business use.

References

Tutorial 2: Introduction to Cyberthreats.”

About STTR | SBIR.gov, www.sbir.gov/tutorials/cyber-security/tutorial-2.