Network Security Assignment : Issues in Indian Companies and Remedies
Question
Task: Write a research essay based on a problem and solution essay model structure
Topic: Choose a topic of interest that is related to your further studies at university. Your teacher will help you with this. Please see the EAP2 ‘Sample topics’ guide for some ideas.
Answer
Introduction: In the near future network security will be the main element of the nation’s overall economic security and national security strategies. Network security plays a very critical role in the development of internet services as well as information technology. With the development of technology many companies in India suffer several network security problems. The worst thing is that many of these challenges go unsolved since they are not realized by the company management. This create opening for the attackers and hackers to breach of the company’s network security hence resulting wreak havoc and data theft. To mitigate network security threat all Indian IT companies, network operator, applications developers, software infrastructure vender and other stakeholder must develop strategies to fight against breach of the company’s cyber security (Janssens & Sörensen, 2017). Today security products like virus scanners and firewall are outdated mean of protecting company information. They are redundant and hence cannot over protection against advance threats, thousands of mutations, and breach of viruses and spyware. Protection against cybercrime needs more technical approaches. The primary aim of this network security assignment is to explore the biggest problems affecting network security in Indian companies and their possible solution. The student consigned us with this task because it was a network security assignment holding very demanding deliverables.
Problems: Among the many network security, Indians companies are faced with three main challenges which include unauthorized access, mobile malware and lack of enough resources. In this network security assignment we are primarily going to discuss these three problems.
1. Unauthorized Access: Unauthorized access refers to when an individual gain access to a program, website, server or system without the authority of the owner. This is one of the main problems affecting network security. Many companies face the challenge of unauthorized access into their system hence breaching the confidentiality code. Unauthorized access occurs mostly when system users attempt to access areas that they are not allowed to access. In many companies it is a crime to access for any person to access systems or servers that they are not authorized to access.
Solutions: Some of the strategies applied by the companies to protect their network against unauthorized access are by use of passwords, designs safe systems, to providing access to any users. The companies are required to develop strong access strategies which dictate what information should be accessed by who and at what period. Not all information should be access to all employees in the company. Some of the information should be access by specific department and by the top management. For example the critical information on financial matters should only be accessed by people working in finance department and the top management (Rao & Selvamani, 2015). The management should also ensure that they keep they keep password for critical information. The password should also be changed on frequent basis. It is the role of the company management to ensure that the passwords are kept in secure places. The companies should also ensure that they do not provide unnecessary access to any users or employees. Only the relevant users should be allowed to access the company information.
2. Ignorance on Technology Security Management: The second problem that most of companies are facing is lack of enough for information technology security management. Most of the IT firms do not have enough people in place to manage the network security. When the cyberattack happen the management is not able to identify them and hence it is not possible to eliminate them.
Solution: To protect company against network security it is necessary to have qualified IT management team. The company also is required to have advance hard ware and software’s which are not prone to cybersecurity threats. With more technology advancement companies are required to continually train and develop they IT team. The Information technology environment is dynamic and hence companies should change as the technology changes. Today cybercriminal are using sophisticated software’s to hack into the company’s information. Companies in India should therefore invest more resources towards the purchase of more advance software to protect against cyber-attack (Rathore & Park, 2017). The companies should also invest more resources in creating awareness about cyber threats among their stakeholders.
3. Cyber-Attacks: Economic Times (2018) argue that cyber-attacks are a major network problem facing Indian companies because of the complexities involved in dealing with them. According to the author, organizations have to devise complex products to defend themselves from the attacks and this has cost implications on the companies amid the increased risk of loses. For instance, according to reports by Cisco cybersecurity Annual report (Cisco, 2018), 30% of security specialists from various companies within India said that they use products from at least 50 vendors to defend their networks, yet the same report reveals that 54% of cyber-security breaches affected more than 50% of networks in India in 2017. These pieces of evidence attest to the fact that despite using significant amounts of resources to curb cyber-attacks, companies in India are still massively exposed to the menace. Nonetheless, according to the Cisco report, attacks such as Ccleaner & Nyetya affect computers on a massive scale and attack through trusted software, making them harder to detect and eliminate.
Apart from Ccleaner & Nyetya attacks experienced By Indian firms in the past one year, firms in India have also experienced ransomware as a major cybersecurity attack in the past one year. According to Sherpa (2017, para. 2), “69 percent of the organizations in India said that ransomware was a significant risk to them while 43 percent revealed they had already experienced ransomware attacks”. All in all, “the Indian Computer Emergency Team (CERT-In) received 40 reports of ransomware attacks, where 34 of those reports were specific to the Petya and WannaCry ransomware” (Sherpa, 2017,para. 1). Moreover, According to Pathak (2017), CERT-In also received 27,000 cyber-attack risk reports in the period between January and June 2017. Specifically, these risks were characterized by phishing assaults, damages to data and website intrusions. These pieces of evidence reveal the extent to which Indian companies have become victims of network security problems characterized by cyber-attacks. In fact, Sherpa (2017) writes that India has been categorized as one of the top seven countries with the highest experiences of ransomware following the exponential increase in cyber-attacks in the country.
Solution: Scholars and IT gurus have proposed various ways of dealing with cyber security attacks. For instance, according to Young Yung & Myungchul (2018), understanding the security attacks being dealt with is a major step towards dealing with an attack. Whether an organization is working with an in-house IT expert of an outsourced one, they need to understand the most common types of attacks affecting the specific industry.
Upon understanding the types of attacks a company is likely to experience, there is a need to understand how each attack affects various sections of the company’s network in order to map out the devices that connect the computers to the internet and the mechanisms that can be established to protect those services (Krishan, 2018).
The process of dealing with cyber-attacks also involves keeping up to date with the trends of dealing with cybersecurity threats in the industry and conducting an audit of the company’s current technological framework in order to prioritize the preventive measures to be established against the identified threats (Bouhdada, 2018).
All in all, these processes can be crowned off by establishing a proactive response to cyber- attacks which include various actions such as establishing system awareness training and education sessions for employees to equip them with knowledge on usage and management of mobile devices and passwords (Werna, 2017). Similarly, according to Cabrera (2016), it is important to establish various defensive systems such as hardware firewalls and intrusion prevention systems to screen anything trying to sneak into the network. Other proactive measures include seeking web-filtering services to blacklist websites that are dangerous to the network.
Conclusion: In this network security assignment we have provided an overview of the problem of network security of companies in India and their possible solution. You can observe that in this network security assignment a detailed analysis is being conducted which helped us to arrive at this conclusion. Cyber security is described as one of the main component of economic and technological development of any company. Network security is a must for in the current digital environment. The main problems affecting network securities include unauthorized access, limited resources, mobile Malware and cyberattack. To prevent companies against challenges the companies are requires to have a well-defined policies on network security in include only allow access to authorized personnel and having strong system password. Companies should also invest on strong team to manage their network security.
References
Bouhdada, J. (2018). Six best practices for implementing and securing IIoT products: The
practice of 'securing by design' can help companies protect against potential cyberattacks on Industrial Internet of Things (IIoT) products. Control Engineering, (6), 80. Retrieved from http://eds.a.ebscohost.com/eds/detail/detail?vid=16&sid=7db24582-9c68-48c6-8c1e-18994f59c473%40sessionmgr4006&bdata=JnNpdGU9ZWRzLWxpdmU%3d#AN=131285631&db=aph
Cabrera, E. (2016). Health Care: Cyberattacks and How to Fight Back. Journal Of Health Care Compliance, 18(5), 27-30. Retrieved from http://eds.a.ebscohost.com/eds/detail/detail?vid=18&sid=7db24582-9c6848c68c1e18994f59c473%40sessionmgr4006&bdata=JnNpdGU9ZWRzLWxpdmU%3d#AN=131099262&db=bth
Janssens, J. T., & Sörensen, K. (2017). A metaheuristic for security budget allocation in utility networks. International Transactions in Operational Research, 24(1-2), 229-249.
Krishan, R. (2018). CORPORATE SOLUTIONS TO MINIMIZE EXPENSES FROM CYBER SECURITY ATTACKS IN THE UNITED STATES. Journal Of Internet Law, 21(11), 16-19. Retrieved from http://eds.a.ebscohost.com/eds/detail/detail?vid=14&sid=7db24582-9c68-48c6-8c1e-18994f59c473%40sessionmgr4006&bdata=JnNpdGU9ZWRzLWxpdmU%3d#AN=122660459&db=aph
Pathak, U. (2017). Cyber security and cyber laws in India : focus areas and issue areas. Clarion . International Multidisciplinary Journal, 6(1), 51-56. doi:10.5958/2277-937X.2017.00008.9
Rao, R. V., & Selvamani, K. (2015). Data security challenges and its solutions in cloud computing. Procedia Computer Science, 48,.
Rathore, S. S., & Park, J. H. (2017). Social network security: Issues, challenges, threats, and solutions. Information Sciences, 421.
Sherpa, S. (2017). Cyber Attacks that affected India in 2017. GIZBOT. 22nd Dec 2017. Retrieved from: https://www.gizbot.com/internet/features/cyber-attacks-that-affected-india-in-2017/articlecontent-pf82314-046533.html [Accessed on 21st August 2018]
The Economic Times (2018). Indian companies lost $500,000 to cyber-attacks in 1.5 years: CISCO, retrieved from https://economictimes.indiatimes.com/tech/internet/indian-companies-lost-500000-to-cyber-attacks-in-1-5-years-cisco/articleshow/63019927.cms[Accessed on 21st August 2018]
Werner, R. R. (2017). How to Protect Against Common Cyberattacks and Insure Against Potential Losses. (cover story). CPA Journal, 87(3), 16-21. Retrieved from http://eds.a.ebscohost.com/eds/detail/detail?vid=17&sid=7db24582-9c68-48c6-8c1e-18994f59c473%40sessionmgr4006&bdata=JnNpdGU9ZWRzLWxpdmU%3d#AN=118222289&db=edb
Young Yung, S., Jae Kyu, L., & Myungchul, K. (2018). Preventing State-Led Cyberattacks Using the Bright Internet and Internet Peace Principles. Journal Of The Association For Information Systems, 19(3), 152-181. doi:10.17705/1jais.00488