Post your thoughtful analysis about one key point you took from this assigned reading. (This first week you are not required to post one question to ask your fellow classmates to facilitate discussion, nor are you required to post In The News or comment on other students’ postings.)
Comments
There were several points that stood out for me. This article had a ton of information but one topic that stood out for me in this reading is the four companies that were listed, especially DOW Chemical, all use legacy systems that don’t align with new current technologies and business goals, but these companies understand their operating models, and they capture the critical components of their operation model in their enterprise architecture. Then they use their architecture to continually improve their foundation for execution. I would have liked the article to go into more detail on this and it makes me think how the companies sustain that type of architecture system as people move on or retire etc. How do they maintain that level? Is it a strong emphasis on training?
The linking technology that Delta used was informative as it showed how all the key focus points of the company (customer experience, operational pipeline, business reflexes and employee relationship management) were satisfied from the Delta nervous system, which concentrated on nine core databases but also branched to these focus points, hitting sub-points within the main objectives. This technology brought them from one of the last companies to one of the first in key performance indicators, to being the only airline that was constantly in the top three on the most important metrics, which are lost baggage, customer complaints and in-time performance, but it did not help them sustain them from claiming bankruptcy in late 2001. I don’t know if the blame for the bankruptcy could be pointed to their system type, but I feel like it may have been spread out too much, which could be costly for employee retention and slow down communication throughout each department, which I believe could have contributed to the bankruptcy.
Sorry team, this is for the 2nd post: Ross, J.W., Weill P., and Robertson D.C. (2008), “Implement the Operating Model Via Enterprise Architecture”
One key point that I immediately took to was the section regarding data breaches. More specifically, examining the cost of data breaches showed that the estimated cost between 2019 and 2023 was less than the actual annual cost of data breaches from 2021 onward. The book notes that the estimated cost for data breaches between 2019 and 2023 would be $5.2 trillion. However, this amount has risen dramatically with some organizations predicting the cost to rise to more than $6 trillion annually as a result of more state-sponsored and organized crime attacks as well as an increasing trend of ransomware attacks. It’s also interesting to note that although the book states that 67% of data breaches are due to financial reasons, this has become more frequent now as large-scale organizations primarily target organizations through ransomware for larger economic gain.
https://cybersecurityventures.com/cybersecurity-market-report/
I found the whole chapter interesting, and I’m not just saying that to fill in the blank. It started to tie in the last class of protection of information assets with the CIA and also has insights into the types of attacks, the size and how often and who is affected by these attacks. What stood out for me was the aggressiveness of these people that did these attacks, specifically the one executive that worked in the Korean credit bureau that stole 104 million credit cards that belong to 20 million people, which is 40% of the population of South Korea. He was hired for security of data and robbed them in plain sight, then turned around and tried to resell the information back to the executives at a phone marketing company! That is just mind-boggling to me. That brings me into another part of the chapter, employees and how ex-employees are threats to companies. According to the chapter, 25% of crimes likely come from insiders and IT security employees are the most dangerous of all. When I started to think about this, it reminded me of the leaks the US military had a few months ago by one of their personnel that leaked information in a public chat forum. The chapter also points out the dominance by career criminals and how most external attackers were employees, ex-employees, or external attackers interested only in fame and the feeling of power. It makes me think of what needs to change on the foundation level of hiring and what practices etc. need to happen in order to keep employees from attacking, stealing etc. of information for companies they work for or companies they did work for. This chapter was packed with information, but these are some of the topics that stood out for me, which makes me think how the hiring and exiting process will evolve over time as cybercrimes increase.
https://www.military.com/daily-news/2023/05/22/air-force-looks-better-control-access-classified-data-after-intelligence-leak.html
The chapter offered an intriguing exploration into the protection of information assets, particularly highlighting the aggressive nature of cyber attacks. It underscored the startling reality of insider threats, illustrated by the audacious theft of 104 million credit cards by a Korean executive. It also prompted a reflection on the need for a fundamental shift in hiring practices to mitigate such risks. This chapter served as a stark reminder of the evolving challenges in cybersecurity as cybercrimes surge.
Upon reading into Boyle and Panko’s first chapter, “The Threat Environment”, a singular aspect left a profound impact on my analysis. Their systematic exploration of the sheer magnitude and diversity of the present-day digital threat landscape underscores the pressing need for robust cybersecurity measures. Emphasizing the omnipresence of such threats, the authors underscore the urgency for perpetual vigilance and continuing refinement of our digital defense strategies. As future leaders, our ability to comprehend and counteract these constantly evolving threats holds the key to safeguarding our digital frontiers. This seminal chapter, punctuated by its astute observations, proves remarkably compelling in urging readers to view cybersecurity as not an amenity, but a necessity.
Away from this is my question about treatment of cyber threats by some global leadership. Are cyber threats being discouraged? How about what is perceived as cyber warfare today?
Indeed, “The Threat Environment” astutely highlights the vast and varied digital threats of today, underscoring the critical need for robust cybersecurity. Their compelling narrative emphasizes the constant presence of such threats, advocating for continual vigilance and refinement of digital defenses. As emerging leaders, mastering these evolving threats is crucial for securing our digital domains. This leads to a pertinent question as you rightly asked: how is global leadership addressing cyber threats and perceived cyber warfare?
One key point that stuck out to me was in the section about international gangs committing cyber crimes. The interconnectivity facilitated by the internet has effectively nullified traditional barriers such as national borders and passports, enabling these criminal enterprises to execute various cybercrimes with relative safety from foreign legal consequences. The narrative sheds light on a logistical problem faced by these entities, namely the reluctance of numerous online sellers to ship goods beyond the United States. To circumvent this challenge, they enlist the services of transshippers and money mules, strategically recruited through online employment platforms. These individuals inadvertently become integral to the smooth facilitation of illicit shipments and financial transactions, exemplifying the sophisticated and globally dispersed networks characteristic of international cyber crime syndicates.
One crucial concept extracted from the first chapter of Boyle and Panko’s “The Threat Environment” is the varying impact of data breaches on organizations. A data breach, described as unauthorized access, alteration, or theft of secured data, can create extensive damage to an organization.
In 2018, over 5 billion records were reportedly stolen, accentuating the urgency of addressing data security as a significant global concern. Especially alarming is the fact that the financial ramifications are devastatingly high. According to Accenture’s 2019 Cost of Cybercrime report, the average cost for a data breach in the United States is $13 million per incident. It is estimated that the cumulative global costs of data breaches will rise to $5.2 trillion between 2019 and 2023. Direct costs related to a data breach, such as notification, detection, escalation, remediation, legal fees, and consultation, considerably elevate these economic impacts.
In addition to these direct expenses, indirect costs such as loss of reputation, abnormal customer turnover, and increased customer acquisition activities add an estimated $3.9 million per incident to the total cost. The Ponemon Institute concurs, projecting a 28% chance of an organization experiencing a data breach in any random 24-month period. Consequently, data breaches are not only destructive but also alarmingly recurrent.
Acceleration in technological advancements necessitates that organizations be prepared to anticipate a potential breach, technically, financially, and logistically. Data breach security is not an option but a critical strategy to protect corporations from significant financial, reputational, and operational annihilation.
Chapter One, “The Threat Environment,” delves into the concept of the threat environment, which introduces different attacks and threat actors. An organization needs to understand its attack surface for it to identify the attacks that can take place, and understand the threat actors for it to stay ahead of them, as attacks are always evolving.
Although most of the concepts such as malware and different social engineering tactics were familiar to me, I appreciated how the authors used relevant industry examples to delve through different concepts and added to the cost aspect to show the financial losses caused by cyber-attacks. This helped me to understand the impact of these attacks.
The authors talked about insider threats and how difficult it is to defend against insider threats. I couldn’t help but wonder how firms can protect themselves from insider threats. Do things like separation of duties, which involves dividing tasks and responsibilities among multiple individuals or teams to prevent a single point of failure or potential abuse, and job rotation (moving employees through different roles and responsibilities within an organization) help minimize the problem of insider threats? These are the concepts that were covered in class; however, I haven’t had the opportunity to experience them at work, therefore I am not sure how effective they are and the challenges they impose.
One question that I was left with from reading this chapter is when thinking of the threat environment should we take into consideration and plan for natural disasters? I believe natural disasters such as floods, fires, and so on can cause harm to the availability of data and resources.
The one standout point to me in the first chapter for this week was the wide range and direction from which threats can originate. Boyle and Panko go to great lengths to give the reader a sweeping understanding of where threats come from, and create a startling image, as it seems like there are potential threats lurking in every corner. The chapter focuses on a lot of topics we covered in our previous course last semester, but specifically provides a lot of insight into just how toxic the web and internet access can be for a non-security aware organization. The specific detailing of how threats can come from external sources, such as various hacker groups or malicious individuals, highlighted what I perceive as the typical “hacker fear” or what most people perceive of when they think of computer hacking, but the chapter also goes into great detail on how threats can originate from internal sources as well. The idea that internal employees and operators within the company can be just as great a risk, if not greater, poses a dynamic threat to creating a secure plan for an organizational structure. This, combined with the myriad of tools available to bad actors within any given system, creates an overarching threat environment that must be understood and counteracted to avoid catastrophic damage or loss to an organization’s assets or reputation in the industry, as exemplified by the real-world “in the news” examples provided by the authors, creating a sense of realness to the more abstract concept of a threat or risk.
My favorite part of the Boyle and Panko reading this week was found in 1.6 The Criminal Era, where it talked about how most attackers as of recently are career criminals rather than employees/ex-employees or criminals looking to make a name for themselves. With the internet being able to cross borders and take place anywhere, criminal enterprises are able to take advantage of this fact and are able to operate out of almost anywhere with an internet connection. They’ll usually be operating out of the US and use people like transshippers and money mules to export their illegally gained goods out of the United States. These attacks are contrary to advanced persistent threats, which are usually done by foreign governments or large terrorist organizations.
In the opening chapter of Boyle and Panko’s “Corporate Computer Security,” we find out the most damaging cyber threats often wear familiar faces. Insider threats, individuals with authorized access and deep knowledge of internal systems, pose a significant and under-recognized risk. Consider them adversaries who operate from within the castle walls, wielding the keys and understanding the security mechanisms intimately. The dangers they present are diverse and potentially catastrophic. Disgruntled employees, financially desperate colleagues, or even careless individuals can unwittingly or intentionally compromise sensitive data, disrupt operations, or cause financial harm. Statistics show that many cyberattacks originate from this insider threat landscape. However, Chapter 1 doesn’t just paint a dark picture; it offers a roadmap for defending against insider threats. This requires a proactive approach that moves beyond traditional perimeter defenses. We must empower employees to identify and report suspicious activity, implement the principle of least privilege to limit potential damage and utilize advanced monitoring tools to detect anomalous behavior before it becomes a full-blown breach. By acknowledging the insider threat and fostering a culture of vigilance and shared responsibility, organizations can transform themselves from vulnerable fortresses to secure communities, safeguarding their digital assets from adversaries hidden within their walls.
This chapter did a great job of establishing the foundation of what a threat environment is. First, it talks about the necessary conditions such as the types of attackers and the specific attacks that the companies face. The chapter then shows two graphs which display attacks by the type. It’s evident that malware is the most prevalent of them all. It then goes into CIA, which was discussed in last term’s course, and the three countermeasures being preventative, detective and corrective. The rest of the chapter goes into slightly more detail about who many threats come from, the condition of the cybersecurity market, and what happens when sensitive data is stolen. It appears to me that this is mostly a recap of last term’s methods, which isn’t a bad thing, considering now would be the best time for us to have a refresher.
This chapter underscores the significance of comprehending the threat landscape faced by companies, encompassing various attackers and their methods. Cyber threat actors engage in malicious activities by exploiting technical vulnerabilities, employing social engineering tactics, and manipulating social media. A determined adversary strategically selects techniques post-reconnaissance to achieve successful exploitation.
While companies often have security protocols for external threats, the primary risk typically stems from within. Many security breaches result from human error, highlighting employees as the primary culprits. Organizational culture and a lack of proactive cybersecurity measures contribute to this vulnerability. Exploiting employees through spear-phishing is a common tactic, especially when they lack sufficient cybersecurity education. Recognizing a cyber-attack is more challenging than preventing one, leading to 95% of security breaches being attributed to human error and highlighting people as the weakest link in cybersecurity.
A key point I noticed is that corporations and subgroups within corporations have security goals, which are the three CIAs: confidentiality, integrity, and availability. However, aside from the CIA, companies have a variety of other security goals.
In addition, the threat environment is rapidly changing. Each company is likely to experience several incidents, breaches, or compromises per year, and the methods and types of these attacks are constantly evolving. To address these issues, security professionals must devise a variety of mitigation strategies. Countermeasures are classified into three categories: preventative, detective, and corrective. Companies can respond to both internal and external threats by developing effective countermeasures.
The text talks about the impact of data breaches. Such events cost organizations millions to recover. At the end of 2018 data breaches have cost over $5 trillion according to the text. I briefly read about the Yahoo breach in 2016 but I was not aware that up to three billion customer records were stolen. This is eye-popping as well as disturbing.
With all the technology and tools created to protect data, hackers have still been able to pilfer organizations and steal data. Honestly, it vexes me when I hear of a data breach and the cause was a sysadmin not closing a port or a user opening a suspicious attachment. True, hackers have gotten stealthier, but the strongest defense is the user, and if they practice good security measures, this will reduce data breaches.