Organizational Leadership and Cybersecurity

Name

Institution

Date

Organizational Leadership and Cybersecurity

Cybersecurity entails the protection of systems that are connected to the internet including the hardware, software as well as data from an attack by unauthorized personnel. Cyber-attacks are an attack conducted towards digital devices or company’s cyberspace. Cybercrimes continue to be a persistent threat mainly due their financial appeal for criminals. Cyber threats are a big deal and nowadays all companies as well as individuals try as much as to protect themselves from attacks by including an identity protection because hackers may obtain valuable information that thy may use for blackmail. One type of an attack that can be used is ransomware which is a malware that can be used to hack a system. Criminals often hide links to ransomware on web pages which just appear to be normal but just a single click and the attackers gain access to the computer. Ransomware prevents one from accessing or using the system until ransomware is paid. Cybersecurity id an important aspect of preventing ransomware attacks by ensuring the system is protected.

In a report by Cognizant, 45% of senior executives think of cybersecurity as just an IT initiative instead of seeing it as a company’s top priority. More often than not, organizations often find themselves not prepared from an attack because top management were not really vested on the issues as much as they do on other matters such as companies profits. A company’s leadership is likely to affect how implementation of comprehensive cybersecurity in a company. When a company has a comprehensive cybersecurity strategy they are in a better position to leverage both digital and technological advancement thus enhancing performance (Hasib, 2014). As a leader whether with an IT background or not, it is important to look at the risks that are associated with cybersecurity as it will be helpful in making decisions in a company. Leadership involvement with the companies’ cybersecurity strategy ensures that strategic organizational interest ae aligned smoothly.

The challenges of responding to cybercrimes lie on two extreme: Adversaries improving their tools and techniques to match security advances. Networks not maintaining baseline security features making them bait for adversaries. The challenges in preventing and responding to cybercrimes are numerous. Firstly, internet of things (IoTs) which include smartphones, printers, home appliances are designed with no initial security consideration. This makes these gadgets easy targets for malicious cyber attackers. Secondly, most cybercrimes committed are financially motivated. Adversaries often attack networks through ransomware and social engineering to demand for money. There are also state-sponsored adversaries who attack another country’s networks either for espionage, interference, or targeting infrastructural strengths. Additionally, businesses may engage in cybercrimes to gain advantage over competitors or engage in intellectual theft. Lastly, cybercrimes can be conducted for malicious intent by publicizing personal information to bring shame to a business or individual.

Cybersecurity as a couple of advantages that may be very useful to a company. The first is protection of a company’s information. With digital ae, companies tend to store major important information in the computer system which may include company’s financial information, sensitive data, employee’s data and so much more. It is important that only authorized personnel get hold of such information or the information may be used by malicious individuals to take down a company. Cybersecurity system has varying level of security. Gone are the days where just a single pin or password could give you access to a system as multiple layers of protection are now possible including using a person’s biometrics. These varying levels of security will allow some personnel to access data which they have clearance to.

Financial institutions are able to protect themselves from attack and also protect their client’s information. According to Reuters, out of “94 cases of cyber-attacks reported as financial crimes since 2007, the attackers behind 23 of them were believed to be state-sponsored, the majority coming from countries like Iran, Russia, China and North Korea” (Moon, 2019). With the constant changes in technology varying from, cloud, mobile and emerging technologies provide a foundation for innovation in products and services that support increased productivity and broader operational capabilities. However, cyber criminals are also using the same technologies to launch increasingly damaging attacks (Symantec, 2015). Having a security system in place can help prevent this. There are also certain disadvantages associated with cybersecurity. The first is difficulty in configuring firewalls correctly which may result a user from not being able to perform certain actions. Installation of cybersecurity may also render a system to perform slower than it did and there is also a constant need to keep updating software in order to incorporate new settings.

There are several risk that the organizational leadership may keep in mind while executing cybersecurity in a company. Company’s culture is an important factor to consider when building an organizational cybersecurity. One should be able to define structure, communication intent as well as expectations. There should be appropriate leadership involvement allowing accountability. Another consideration is priorities. All organizations need to prioritize risks as well as responses. In order to do this one needs information on the changing threads, and potential impacts. Another consideration is speed. When an organization gets exposed to a risk, speed is of key essence in trying to ensure impact is minimized. Incident management plan that have been put in place should be implemented periodically (Eckenrode, 2018). Cyber hygiene is another consideration. This basically involves basic activities that will help secure infrastructure preventing attacks and reducing risks. Cyber hygiene should be a routine practice warding off common threats as well as natural deterioration. Lastly is resilience. A system can never be completely hack proof. Risk management needs to ensure that there will be continuity of critical tasks during or after cyber-attacks. Most organization have adopted the CERT Resilience Management model in order to improve operational resilience.

A real example on cybersecurity is the Sony hacking. On 24th November 2014 a group of hackers who referred to themselves as Guardian of Peace were able to get into the Sony Pictures system releasing very sensitive information including personal information of employees as well as family members, emails about executive salaries as well as unreleased films. One pf the reasons the hackers gave out for hacking the system was because a movie called “The Interview” had been aired by Sony Picture. This movie was about assassination of Jong-un, North Korean President. In dealing with such an attack, first step is identifying which attack has been used to breach the system. Understanding whether it’s a phishing, ransomware, distributed denial-of-service, password attack, eavesdropping or SQL injection (Arlitsch, 2014). By understanding the type of attack one is able to gauge the extent of an attack as wee as it sources. Next step involves securing the network without resulting in any other further damage. One may reset all passwords and also get rid of any files that may have been corrupted. If the extent of the breach is too much then one may have to take the system offline.

In conclusion, organization leadership is important in cubing and dealing with cybersecurity. By involving the company’s leadership while creating cybersecurity for a company, it is easier to ensure measures in place align with strategic goals of a company. Involvement of organizational leaders would also ensure a culture that fosters overall cyber-secure behavior and that all employees should be aware of the cyber threats.

References

Arlitsch, K., & Edelman, A. (2014). Staying safe: Cyber security for people and organizations. Journal of Library Administration, 54(1), 46-56.

Eckenrode, J., & Friedman, S. (2018, May 21). The state of cybersecurity at financial institutions. Retrieved from https://www2.deloitte.com/us/en/insights/industry/financial-services/state-of-cybersecurity-at-financial-institutions.htmlHasib, M. (2014). Cybersecurity Leadership: Powering the Modern Organization. Tomorrow’s Strategy Today, LLC.

Moon, A. (2019, March 22). State-sponsored cyberattacks on banks on the rise: report. Retrieved from https://www.reuters.com/article/us-cyber-banks/state-sponsored-cyberattacks-on-banks-on-the-rise-report-idUSKCN1R32NJ.

Symantec. (2015). Cyber Security for Financial Services:Strategies that Empower your Business,Drive Innovation and Build Customer Trust. Symantec White Paper.