In this unit I will be covering the overall impact of threats such as internal, external and physical on an organisation and how it will affect their performance and reliability. I will also be covering what these organisations should do to make sure they are not victim to any security breaches and what steps they must take to stop data breaches. Another point I will go over is the legal requirements that every organisation has to follow and how that affects their security system and rules. In point 2 I must also cover the effectiveness of the techniques to protect organisations from threats but also bind this to the principles of information security. The final topic I will be covering is the principles of cryptography and how this is used to secure and protect personal and important data to make sure no one can externally access it.

Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Essay Writing Service

Security threats that affect IT systems in organisations.

Internal Threats

Employee actions

One of the biggest internal threats that can be seen is the actions of the organisations very employees as many employees are granted access to the company’s systems but most importantly the company’s data on a daily. The level of access in which these employees get is a huge threat as one disgruntled employee may be able to leak of the organisations data and cause a breach.

An example of this breach and the impact it had can be seen with the “Anthems’ Employee Data Exfiltration” breach. Anthem did have a massive 2014 beach which took the news by storm truly showing how some organisations don’t take the right steps in preventing security breaches but in 2017 “they were hit with an insider theft that resulted in personal data being stolen for over 18,000 Medicare members.”(TeamObserveIT, 2018).However the Medicare insurance coordination service vendor for anthem only learned in April of 2017 that someone was taking and incorrectly using personal member info as of early 2016.The individual who caused the security breach emailed a file containing piles of data to do with Anthems staff and clients into his personal email. The information sent included Medicare and Health Plan ID’s, Social security numbers, names of members and dates on enrolment.” This insider threat incident is notable in part because theft of personal health information (PHI) has been on the rise in recent years, and 58% of it can be attributed to insiders, according to a Verizon report. “(TeamObserveIT, 2018).

This security breach in my opinion is one of the biggest as it’s done by trusted employees and there isn’t many ways to prevent this, the employees are given enough trust to have the level of access to this information to do their job and the employee could be working there for years without an issue then one day it all turns around and they leak information for either money or to shut down the organisation because they are disgruntled. This doesn’t really have an effect on the security system as it hasn’t been tampered with or hasn’t failed this is due to giving a certain amount of trust and level of access to an individual however this example could have been stopped by not allowing users to send emails without permission or cap an email’s send storage to a certain size although in a different situation make sure you know who has access to what and only allow access to personal information to employee’s who have their computers on lock down ensuring nothing flows in or out of that certain system. However, “The report all stated that researchers believe healthcare is the number one industry for insider-caused data breaches” (TeamObserveIT, 2018). Meaning these organisations need to be careful when it comes to who has access to certain types of crucial data. Guidelines and rules can be put into place to stop this in the future.

Accidental loss

Another internal threat is Accidental loss of data which is unintentional but still a massive issue for organisations as this means they could lose personal and protective data which could result in the whole of their system shutting down in simplest terms accidental loss is in the name it’s were an employee of the company accidentally deletes, loses or incorrectly syncs certain pieces of data. This causes a major breach as sometimes the company don’t know they have lost this data meaning external threats could attempt to steal even more information.

The seriousness of this breach can be seen with the instance of “The Sync Error: AMAG Pharmaceuticals” this pharmaceutical company has around 300 employees and is heavily regulated as it’s a very important organisation. However, there’s a big data loss problem which began with a HR folder as it’s was being transferred with Google Drive but didn’t sync properly. This resulted in all the files getting deleted and disappearing from the system the employees didn’t create a copy of it on the computer and couldn’t receive it from the recycle bin. However, in this situation google apps automatically create backups for mostly every file meaning it only took a couple clicks to get exactly what they had before meaning they received of their lost files.

However “Without a backup and restore solution, the data is this important folder would have been lost forever, putting AMAG’s compliance with regulations surrounding data availability and backup in jeopardy.”(Spanning,2015) meaning one accidental press of a button or incorrectly syncing data can result in your entire system shutting down.

In my opinion this is a low level threat as many organisations and companies ensure to create backups every few days of all their data and have servers in place to make sure all there data is backed up and can never be lost so this threat should only be an issue to low level organisations who have not taken the right precautions when creating backups of crucial information/data. On the other hand if data is “accidentally lost” this creates a huge threat as intern it could shut down their entire IT system resulting in their company being down for a couple days which could affect users of their company giving them a bad reputation and putting them out of the market. To stop this threat, they can simply house there data more securely.

Unsafe practice: use of external flash storage

Storage’s for example USB storage’s are able hold large quantities of data and if someone was to easily lose or misplace this item a lot of data is compromised, as many companies sometimes hold important and crucial data on flash storage for transport or sometimes safety over there computer systems which could be hacked into.

An example of how a USB stick can cause a data breach is seen with the Heathrow Airport breach a couple years ago the Mirror reported “that a USB stick with 76 folders with maps, videos and documents, including details of measures used to protect the Queen”(BBCNews,2017). This USB stick was just found on the street containing all this security information meaning anyone could have found it and could have caused a gigantic breach in security for not just the airport but also the Queen.

Find Out How UKEssays.com Can Help You!

Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.

View our services

These type of breaches are very big as they both show a lack in employee trust and a lack in housing data securely , as said the employee must have miss-placed the USB stick resulting in it being on the street where anyone could have took it and released ID of multiple important people including security Patrol’s. However the organisation security is at fault as they shouldn’t place crucial data on a USB stick that can be simply lost or misplaced they should store their data on a server that only a few people have access to so they can ensure that no one will ever get their hands on the information that was nearly lost forever.

External Threats

Data theft

If data gets stole from an unknowing victim this means that data can be used to release private information that an organisation was storing. Compromising privacy. Data theft is a massive issue on both an external and internal level as mentioned before employee actions can lead to them stealing data and releasing it to the public or selling it whereas externally hackers can get into a organisation system and steal data directly sometimes without them even knowing and could use this to ransom money off the company.

An example of data theft is seen with the German data theft where in the end the suspect confessed to realising information on twitter such as private info on politicians, journalists, and celebrities. “About 1,000 people were affected, including German Chancellor Angela Merkel. Politicians from every major political party except for the far-right AfD were targeted, although investigators said they had yet to find evidence of the suspect’s political inclinations.”(BBCNews,2019).This shows that one person can affect huge events and people such as politicians this one data breach had a massive impact on the political votes in Germany as emails and letters were published from multiple politicians giving them a bad name and making them lose their reputation. This story shows how one data breach can not only affect an organisation/political party but also individuals. As presented with this story data theft can lead to a massive spiral of bad events meaning it can be viewed as one of the biggest threats to an organisation as if private data is released from a company they could lose all their reputation and go bankrupt / lose their business.

This could be prevented by encrypting all pieces of data that is flowing out of an organisation and keeping that data in a secure location not allowing everybody access to it. Firewalls and anti-virus programs are now capable of stopping hackers and external threats from stealing private data and all organisations should ensure they have these precautions set up in place.

Destruction of data

Destruction is self-explanatory its where an individual destroys pieces of data or information on purpose planning for the organisation to lose personal and protective data.

An example of destruction of data is the AWS security breach where a “Vengeful sacked IT bod destroyed ex-employer’s AWS cloud accounts” in this situation a sacked tech guy nuked 23 of the company’s servers triggering a shutdown of the organisation. The server shutdown made by the individual resulted in “Voova losing a significant number of clients and even had to make redundancies as a result, Thames Valley Police claimed.”(Corfield Gareth, 2019.) meaning a lot of people lost their job all because of this one man.

The seriousness of this type of breach is massive as shown in the example as not only could people lose their job due to lack of money but also they lost hundreds of clients due to them, firstly losing their reputation but also , losing the trust they had gained with certain clients. The way the organisation could have prevented this was by ensuring that after he got sacked, he had no way to get back into the organisations system or cloud account storage. This can be done by removing his level of access from their system immediately but also ensuring that objects such as their cloud accounts were backed up to make sure that if they were lost there was no impact on the organisations flow.

Physical Threat

Malicious damage to equipment or data

Malicious damage to data is a huge issue as it removes the data and corrupts the data meaning it will get lost from the system and if data is lost it could mean an error in the whole organisation could occur as they could lose important system information shutting down the company. However damage to equipment can be worse than data as damaging servers , motherboards of systems, hard drives and even destroying monitors can plummet the organisations reputation, income and progress as equipment both destroys the data of a IT system but also it destroys the functions of an organisation and results in there shutdown.

Recently researches found a hack attempted with a Triton malware program, which intended to cause physical damage to industrial equipment in effort to stop them from running. In 2017 the malware attack was first detected to target the “critical-infrastructure organisation” in the Middle East. The attack was aimed to cause network damage and steal data but instead it ended up causing actual damage to the equipment. This affected the IT system of the organisation as it resulted in breach of security and data being damaged so severely it resulted in the machinery being damaged as well.

In my opinion I think this is a massive issue as malware attacks are a huge issue with the development of technology and in this situation, it caused serious damage to the organisations equipment resulting in slowing down the company. The researchers stated that “Most of the attack tools they used were focused on network reconnaissance, lateral movement and maintaining presence in the target environment.” (Riley Duncan, 2019) meaning the attack wasn’t meant to destroy the equipment but resulted in the machinery being affected.

Theft of equipment or data

Physical threats such as theft of equipment can result in that data being ransomed and the company losing a lot of money from an individual. Theft of data has been mentioned before where confidential information can be robbed and released to the public, the data could include financial information, and private information about an organisation’s users.

Recently a German information firm that works with a lot of huge companies such as Volkswagen AG, Oracle Corp, Toshiba Corp. This hack involved an individual stealing customer data in early April of this year the data thief ransomed the info he stole for $5000 to prevent him from releasing all their private materials. In the end the ransom was not paid and resulted in all the data being released on the dark web which included 516 giga bytes of financial and private information on clients. “Organizations need to not only ensure that their data is secure but also take steps to evaluate the security posture of their suppliers,” this means the organisation could of took the right precautions to ensure they didn’t have data stole of them. In this situation they need to ensure that they have all their data encrypted to make sure hackers can’t access it so easily. In my opinion if these precautions were made it would have stopped this entire event especially if your organisation is housing finical information you should make sure that all pieces of data are kept in a secure encrypted system.

Information security

CIA Triad

The CIA Triad is a model used to inform people on the policies of information security within an organisation. The model is called the CIA Triad as it stands for Confidentiality, Integrity and Availability which considered the most important key elements / components of security.

Confidentiality + Unauthorised access of information + Protection from external threats

Confidentiality in other words is the privacy of a system. This principle ensures that sensitive information is kept prevented from reaching the wrong individuals such as hackers or people who will exploit the sensitive information although organisations still need to ensure the right people can access it.

Organisations use confidentiality a lot when protecting IT systems and data as they categorize pieces of data according the to the damage it will cause if it would fall into the unintended hands. Organisations who handle private and confidential data use this method to separate data into categories so low-level individuals can still access the files they need but the high-level employees can still access the high-end files they need. Another good way in which organisations use the principle of confidentiality is when they apply account numbers in places such as banking associations to make sure they can track and organise each customers data without security issues such as breaches. Ensuring confidentiality can also be done with data encryption, user identification and passwords now go through a standard two factor authentication to make sure that each users account is secure. In high security organisations such as financial businesses they normally use biometric verification because as stated in the “Why your business can benefit from biometric authentication” article “passwords will not protect your business today. Even if your company relies on two-factor password authentication, your company is vulnerable” (General News. 2018.). as many individuals use the same characters when creating their passwords or link it to a birthdate or common phrase resulting in hackers getting into people’s business accounts. So, when thinking about confidentiality in IT systems biometrics are a perfect way to keep server rooms and levels of access to data in organisations protected.

Integrity + Deliberate or accidental loss of information

This principle involves maintaining all aspects of consistency, accuracy and trustworthiness of a data’s lifecycle. When data gets transferred organisations must take the right precautions in maker sure the data cannot be altered by external people such as hackers as linking back to principle one this would breach the confidentiality of the data.

Organisations use the principle of integrity when protecting their IT systems in many ways the first is with file permissions. File permissions simply means that on each file of data levels of access have been placed to ensure that unauthorised users can’t access files they are not allowed to which links directly to the next point of user access controls. In an organisation an individual with have control over who can access what in the IT system making sure again not anyone can access the private and confidential files. These measures are a giant advantage to protecting your IT system in an organisation as its ensured that files are kept securely organised and kept prevented from being changed or altered by an unauthorised user. A way that organisations prevent accidental changes or accidental deletion of data is through version control as means must be put in place to fault for human error so if some accidently deletes a crucial piece of data there will be ways to reverse the action and get that data back such as server backups in organisations. however non-human events such as EMPS and crashes means that backups must also be created so if data is affected it can be restored to its original state. For verification of integrity company’s normally also use cryptographic checksums.

Availability + Protection from physical threats

Availability is making sure that everything is running up to standards being both available to use but easy to use as well and doing this requires a lot of maintenance from an organisation.

This is the most important principle of the CIA Triad in relation to protecting IT Systems as if one piece of hardware or software is out of date hackers can take advantage of this is get into your system. To make sure this doesn’t happen organisations must perform regular repairs and updates to their systems to make sure everything is functioning correctly. The biggest unpredictable threat is natural such as floods, fire or damage from a natural disaster like an earthquake meaning systems must be backed up to ensure data won’t be lost but also computer systems are protected against substances such as water because one mistake could result in the entire organisation failing. So, availability is very important in protecting IT systems.

Legal Requirements

Data protection act 1998

The DPA is an UK law purely designed to keep people privacy, when it comes to personal data, safe. It sets out rules in which organisations must follow when handling private/personal information such as:

Personal data must be fairly/lawfully processed while making it clear that an individual can still access and correct the information an organisation is holding about them.

Personal data must also be adequate, relevant and non-excessive meaning you may not collect more information then requires or simpler you should only collect the bare min amount of data.

Personal data must also be up to date and fully accurate meaning many organisations such as banks need to ensure they have a way for users to update their information in a fast way such as an online banking app.

Personal data should also not be kept longer then needed in a business or organisation. As when the data is collected it should only be retained in the organisations system for a certain amount of time, and that individual should also be told how long this will be.

Finally, and the most important guideline to follow is keeping data secure which means for an organisation to take the right steps they must encrypt the data and keep it on as protected system to ensure it can be changed on tampered.

Bibliography

TeamObserveIT. 2018. 5 Examples of Insider Threat-Caused Breaches | ObserveIT. [ONLINE] Available at: https://www.observeit.com/blog/5-examples-of-insider-threat-caused-breaches/. [Accessed 26 April 2019].
Spanning. 2015. 4 real-life examples of SaaS data loss… | Spanning. [ONLINE] Available at: https://spanning.com/blog/4-real-life-examples-of-saas-data-loss/. [Accessed 01 May 2019].
BBC News. 2017. Heathrow probe after ‘security files found on USB stick’ – BBC News. [ONLINE] Available at: https://www.bbc.co.uk/news/uk-41792995. [Accessed 01 May 2019].
BBC News. 2019. German data theft: Suspect confesses in Hesse – BBC News. [ONLINE] Available at: https://www.bbc.co.uk/news/world-europe-46793116. [Accessed 01 May 2019].
Corfield, Gareth 2019. Vengeful sacked IT bod destroyed ex-employer’s AWS cloud accounts. Now he’ll spent rest of 2019 in the clink • The Register. [ONLINE] Available at: https://www.theregister.co.uk/2019/03/20/steffan_needham_aws_rampage_prison_sentence_voova/. [Accessed 01 May 2019].
Riley Duncan, 2019. New malware attack causes real-world damage – SiliconANGLE. [ONLINE] Available at: https://siliconangle.com/2019/04/10/new-attack-involving-malware-causes-real-world-damage-detected/. [Accessed 02 May 2019].
Riley Duncan, 2019. Data stolen from IT firm that works with Oracle, SAP and others – SiliconANGLE. [ONLINE] Available at: https://siliconangle.com/2019/04/30/data-stolen-firm-works-oracle-sap-leading-companies/. [Accessed 02 May 2019].
Rouse Margaret. 2014. What is confidentiality, integrity, and availability (CIA triad)? – Definition from WhatIs.com. [ONLINE] Available at: https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA. [Accessed 03 May 2019].
General News. 2018. Why your business can benefit from biometric authentication – ievo Ltd. [ONLINE] Available at: https://ievoreader.com/why-your-business-can-benefit-from-biometric-authentication/. [Accessed 03 May 2019].
Hall Josh, 2010. Data Protection Act 1998 principles: a summary for UK small businesses. [ONLINE] Available at: https://www.simplybusiness.co.uk/knowledge/articles/2010/04/2010-04-23-data-protection-key-responsibilities-for-small-businesses/. [Accessed 04 May 2019].