Cyber Security Vulnerabilities Essay Example | Topics and Well Written Essays - 3500 words

Cyber Security Vulnerabilities - Essay Example As per Gartner, 70% of security incident occur internally i.e. from the organization premises (Dickerson, 2004). Likewise, in September 2004, HFC bank that is one of the largest banks in the UK sent an email to their 2600 customers mentioning that an internal operational error has made recipients email address visible to everyone within the email. Consequently, ‘out of office’ feature was triggered from some of the customers and their personal phone numbers and other details were shared with each other (Dickerson, 2004). This shows that even simplest of mistakes can lead to an even bigger problem. As information systems are now considered as the fundamental function, every organization acquires information systems for business automation, better customer service and ROI (return on investment). Moreover, electronic commerce has also introduced many businesses that are only virtually present. For instance, Amazon that is an online store for selling books generates revenue from the Internet. Customers pay via credit cards for the purchased books that are delivered to them. In this scenario, any sort of security breach may inject an SQL injection or cross site scripting attack on the website can affect the business as well as customer confidence. ... It is the responsibility of the organization to protect and secure data privacy. However, there is not a single law that states how to handle customer information. For this reason, organizations sell or trade customer information with business partners and even to third parties. Likewise, sometimes the sole purpose of this personal data exchange is funds. Although, every online organization has a privacy policy which states how they will handle and secure customer data but at the same time there is no verification criteria. In the following sections, we will critically evaluate a single most cyber security weakness for IT managers within an organization. Likewise, our main argument will cover different domains i.e. the local area network, applications, hardware, transmission media, enterprise networking, intranet, extranet etc. As per (Libicki, 2009): â€Å"In theory, all computer mischief is ultimately the fault of the system’s owner if not because of misuse or misconfigurat ion, then because of using a system with security bugs in the first place. In practice, all computer systems are susceptible to errors. The divergence between design and code is a consequence of the complexity of software systems and the potential for human error. The more complex the system and they do get continually more complex the more places there are in which errors can hide† Association and Weakness The above mentioned argument is indicating to a vulnerability resides within the system that can be utilized for hackers to gain access and is known as exploit. Apart from this inherent risk resulting from inadequate coding practices, human element is also considered as a serious threat that is not limited to hardware,