Since information used by organizations are mainly

Since cybersecurity is the body of
technologies, processes and practices designed to protect networks,
computers, programs and data from attack, damage or unauthorized access.
In a computing context, security includes both cybersecurity and
physical security.Information technology has greatly advanced in the
21st century, with increasing global interconnectivity. Data and
information used by organizations are mainly stored or carried through
cyberspace. This comes with many vulnerabilities or risks that can be
exploited by criminals, competitors, terrorists and unauthorised
agencies to access organization resources. Cybersecurity can be
described as the utilisation of technologies, standard processes and
practices to protect information systems including data, computers,
software programs and network, from attack, unauthorized access and
modification, destruction or theft. The roles of cybersecurity in an
organization are explained below:

Protection of assets: Intangible assets of organizations such as
computer software, patents, intellectual property (IP), company
information, literary work, licensing agreements, employment contracts
and trade secrets are mainly stored, managed and shared on network
systems. Securing these data and information protects the mission or
function of the organization. Cyber insecurity can result in theft of
IP, trade secrets and valuable company information, which can cause
financial loss, business shutdown or breakdown of business relations. In
2010, for example, Google reported IP theft by operators from China,
who exploited weaknesses in Internet Explorer to hack into their Google
China Operation 1, 2. This incident affected business relations
between Google and China.
Protection of business functions/activities: Many organizations
provide several services using the internet. Financial institutions
operate electronic banking services which provide 24-hour access to
funds and secure banking transactions. Without adequate cyber security,
network systems can be overloaded in a ‘denial of service’ attack,
shutting down electronic services temporarily. For example, in January
2016, HSBC UK suffered a ‘denial of service’ attack where customers were
denied access to internet banking for several hours 3. Such incidents
can frustrate clients and potentially lead to loss of customers.
Further, it can ruin the reputation of the organization.
Protection of company records: Organizations manage records of
finances, employees, physical assets, passwords and access codes to
sensitive information or to carry out specific tasks on network systems.
These sensitive information must be secured from unauthorized
modification or access by both employees and hackers. In 2014, for
example, it was reported that over 1.2 billion passwords were stolen by
Russian hackers 4. These criminals were able to extract records from
compromised network systems. Quite recently, hackers were able to modify
chemical levels used by a water treatment facility by exploiting
vulnerabilities in their outdated IT network system 5.
Protection of customers/clients: Many organizations store personal
records of clients on network systems. A breach of security controls or
exploitation of system vulnerabilities by hackers or sometimes
unauthorized employees can result in data privacy issues. Unauthorized
persons or agencies can gain access to sensitive personal information
leading to identity theft and misrepresentation. In 2015, Last Pass, a
password–storing company, suffered from brute force attack where master
passwords of customers, email addresses and password reminders were
stolen 6. Such incidents put privacy of clients at very high risk
since the passwords could be used to access other information such as
bank and social media accounts, and health records. Another example is
the eBay cyber-breach in 2014 where personal details of over 145 million
accounts were stolen 7.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Cybersecurity plays a critical role in an organization. Information
security controls protect the business function of an organization and
must be considered throughout the business life cycle. It is recommended
that organizations subscribe to periodic cyber security audits to
identify its unique security needs. This can help the organization plan,
develop and implement effective measures to secure organization


I'm James!

Would you like to get a custom essay? How about receiving a customized one?

Check it out