HI6008 BUSINESS RESEARCH LITERATURE REVIEW TRIMESTER 1, 2017 INDIVIDUAL ASSIGNMENT Submitted to: Student name: Kirandeep Singh John Ayoub Course ID: OED2097 Submission Date: 28/04/2017 Table of contents 1. Introduction……………………………………………………….............3 2. The nature of Kmart’s cyber security……………………………………..4 3. Prevalence and Dimensions of security challenges……………………….4 4. Reality of changes…………………………………………………………6 4.1 Earning consumers trust online…………………………………………6 4.2 Evolving forms of cyber crime…………………………………………6 4.3 Vulnerability of the internet to states regulation……………………….7 4.4 Vulnerability of smart grid system……………………………………..8 4.5 Financial challenges……………………………………………………8 4.6 Basic practices to enhance cyber security………………………………9 5. Conclusion…………………………………………………………………10 6. References…………………………………………………………………11 Cyber Security Challenges for Business 1. Introduction With technology being a pinnacle of just about all operations of contemporary business fraternities, cyber security has turned to a subject of concern to modern day scholars particularly the issue of everyday challenges that pose a possibility of unauthorized access to a company’s data. A lot of sources that have stitched up facts based on research and every single day reports have been put in the public domain. While some elaborate and explain the depths of cyber security, others investigate on the prevalence of the issue across the globe. Other sources focus on the most likely business areas targeted as some examine the elements that inspire the hackers. Moreover, other sources address the challenges as some provide solutions and alternatives. The sources in context are significant as such online retail as Kmart Australia have recently been a target of cyber-attacks underscoring the gravity of this issue. The below table shows the price tag of consumer cybercrime to countries across globe in Dollars ($). South Africa 0.3 BN Australia 1 BN Mexico 3 BN India 4 BN Brazil 8 BN Europe 13 BN China 37 BN USA 38 BN 2. The Nature of Kmart’s Cyber Security Challenges Retailer Kmart was the on spotlight in 2015 when a dreaded cyber-attack happened as the hackers accessed crucial data of their customers (Coyne, 2015). The company had to share information with the affected customers particularly about the acquisition of their email addresses, phone contacts, billing addresses, and details about their product purchases. Coyne (2016) reports that credit card details may not have been compromised, but the image of the online retail business was affected a great deal. Apparently, the argument by the company served to underscore the fact that credit details of their clients are not held internally. This event prompted the firm to involve information technology forensic investigators to establish the factors that left their online platform vulnerable. Moreover, the company did create a new executive role that would that would monitor, analyze, and optimize all the factors that establish a cyber-safe shopping digital platform (Coyne, 2015). 3. Prevalence and Dimensions of Cyber Security Challenges While Kmart stands out as a victim of these challenges, reports suggest that just about a good proportion of businesses are prone to cyber-attacks. According to Connolly report regarding this issue, one in three Australian business companies suffered cyber-breach between August 2015 and August 2016 (2016). The report asserts that this challenge affects the companies way beyond the expected global standards set at 60%. These companies suggest that they feel even more vulnerable particularly in their attempt to safeguard crucial data that boost their performance in the market. With such reports at hand, firms have been found to suggest their intention to invest more in security relating issues with more than half the number of the local firms showing such an attitude. Stunningly, many businesses have reported that complying with measures laid down by relevant authorities does not necessarily leave a fraternity fool proof (Connolly, 2016). Apparently, Kmart has been a number one compliant but has been recently affected by this issue. As much as we put the prevalence of cyber-attacks in a local perspective, other literature expound on the possible dimensions of these challenges. Gandhi, Robin, et al. assert that just about every aspect that is software dependent is just as vulnerable to cyber security challenges (2011). The authors note that even provision of such basics as water in a community are technology dependent. Furthermore, some issues healthcare and food security are computed digitally. Moreover, aspects that deal with finances, provision of electricity, and others are connected through technology. A dependent sector is transport mainly air movement with such big bodies of motion as jets, and public transport aero planes. The authors further suggest that cyber-attacks are shaped by political, social, and cultural factors that influence people’s attitudes. Apparently, indifferences between two societies would instigate a cyber-conflict (Gadhi, et al., 2011). People tend to behave and use technology as based on what they feel about their target. The below picture show Cyber Security facts and figures for Australia as recorded by KPMG. 4. Reality of challenges 4.1 Earning Consumers Trust Online With the reality of dimensions of cyber insecurity being evident, the most difficult task for a business is to convince their potential target customers that their data is safe online. Any client would have mixed reactions particularly for a case similar to that of Retailer Kmart. Where clients learn that their email and billing addresses have been stolen at a time when online banking platforms like PayPal are dependent on emails, it would prove a challenge for businesses to boost the confidence of their customers when they intend to perform transactions online. According to Smith, the reality cybercrimes has sensitive implications upon clients, particularly when dealing with online shops (2004). The author insists that customers have a feeling of being exposed to cybercrime with a desire for more conviction from businesses that they can shop safely. Smith suggests that businesses should be committed to eliminating this vice to win the confidence of their clients. This can be achieved through the creation of reliable models that are fool proof through research and proper planning of available resources. These would serve to earn consumers trust online and can thus continue to use the internet (Smith, 2004). While those models would prove crucial, other researchers suggest that the integrity of business owners online would boost consumers’ trust online (Lee & Turban, 2014). Ability to observe high standards of security, the tendency to walk the talk, and the act of providing quality goods and services would solve trust issues. 4.2 Evolving forms of Cybercrime As much as a firm as Kmart may address the present cyber challenges, the truth is cyber criminals are devising new approaches every single day. Long time exposure to their challenges is creating a platform for cyber criminals to create more sophisticated and more damaging forms of cyber threats (Choo, 2011). Choo insists that cyber-attacks are inevitable particularly at a time when these people are criminally oriented, and want to gain financially from their actions (2011). Their main aim is always to obtain confidential information of online visitors an aspect that would leave them vulnerable. Presently, online platforms as Skrill, Payoneer, and PayPal have information that has to be safeguarded at all costs. Millions of people on the planet are counting on them to hold their finances safely at the age of cybercrime. Choo asserts that Routine Activity Theory would be a suitable tool to mitigate this issue (2011). The author backs the idea by insisting that it would serve to eliminate any open chances for cyber-attacks to occur. Denying the criminals the opportunity to start attacks mitigates the risk that would come with such actions. The theory involves making it difficult for hackers to commit crimes. It provides a strategy for detecting possible attacks before they happen. It also suggests an increment in punishment that comes with such crimes (Choo, 2011). 4.3 Vulnerability of the internet to States Regulations. While businesses may invest diligently to curb intent security, there could be hitches in the event of governments restricting or switching off the internet. Any attempts to detect cyber-attacks from such regions are affected, and cyber security teams have to start all over again. For instance, China, a country with a great deal of sophisticated cyber criminals has a tendency of regulating internet access (Pauli, 2015). Such nations are inspired by some elements or rather cite such aspects as national security. China normally cites the commitment to safeguard public social order while addressing social security issues at the same time. Practically, inability to monitor such places on issues regarding cyber security leaves clients vulnerability particularly those who find loopholes and use open filters. This has also been evident in such areas as the Arab world where leaders switch off internet access occasionally to take charge of their citizens (Clinton, 2011). Such people are blocked from the rest of the world, and their online needs are not attended too. 4.4 Vulnerability of Smart Grid Systems Apparently, it takes a reliable power source to sustain a technology framework that would digitally provide cyber security to all systems in operations. Presently, that source in the form of a smart grid is equally susceptible to cyber-attacks. A smart grid has an efficient fidelity power-flow control and is structured in a manner in which it can self-reconstruct in the case of some default. It relies on digital communication and technology applications to offer reliability and security regarding energy. When such a system is attacked by hackers, it leaves firms as Kmart vulnerable. The online consumers on the other end have no idea about them being exposed to cyber insecurity. Evidently, the efforts to provide cyber safety becomes a pipe dream. The beneficiaries, in this case, are cyber criminals who gain a great deal financially. Yan, Qian, Sharif, & Tipper warn of possible disasters that would hit both businesses and consumers (2012). They provide a set of cyber security incentives that would mitigate these risks and lay out potential vulnerabilities of a smart power system. 4.5 Financial Challenges Earlier arguments suggest that the cost of creating a fool proof digital system is hitting the roof. While a firm as Kmart depends on sales and profits realized to keep consumers safe, more online requirements may pose financial challenges. Recent developments in online security have led to the rise of the need for secure sockets layer (SSL) certificates for websites dealing with sensitive data particularly credit cards information. Those who host websites are demanding compliance by obtaining such certificates from trusted organizations. This comes with extra costs besides the resources initially invested to keep clients safe online. Those who haven’t complied have their web visitors warned by such browsers as Chrome in advance about their vulnerability when on such sites. This scares potential clients away. But the relevance of such a move cannot be downplayed. Secure sockets layer encrypt and ensure that data across a web server, and a given browser is integral. With public key cryptography, no computer power key can interpret the coded information (GlobalSign, 2016). But this suggests financial commitments. According to Knake, the cost of cyber security had hit $1 trillion dollar mark per year six years ago (2010). Reasonably, he laments about how the costs involved have crippled the likes of Estonia and Georgia. 4.6 Basic Practices to enhance Cyber security As vulnerability of business institutions has become evident, it would take a decent cyber security framework to outsmart the online criminals. Klimburg suggests a manual that would inspire all sectors of a national infrastructure in devising suitable strategies, policies, mitigation measures, and crisis management structures (2012). Moreover, the battle can be won through cooperation among global states (Legal measures to improve cyber security, 2006). They would pull resources together and design remarkable tools to prevent and deal with the crisis. They would be able to formulate rules that would be a common element among members. A pledge among members would be a reality. They would be in a position to lay down agreements on how to report cyber criminals, how to punish them, and how to educate the public on how to stay safe. A framework would be established to assess the national laws of a given country, and her degree of commitment to fighting cyber-crime. It would be mandatory to have a clearly defined code of ethics among members that would conform to United Nations’ requirements. 5. Conclusion Concisely, there are dozens of challenges that hamper the effort to create a cyber-secure environment. Loss of clients’ data to cyber criminals leads to loss of trust aggravating the situation for a company like Kmart. While this is prevalent across many parts of a state, the criminals get sophisticated with time making it even harder to handle them. The tendency of some nations to regulate internet access hampers the process of pursuit of these criminals. Such criminals have the ability to attack essential components that run the internet like smart grids worsening the situation further. Demands to deal with such issues turn costly and affect the smooth running of business. Government’s involvement would ease the pressure on business entities. They would devise a global framework that would suppress operations of cyber criminals. With an informed public and well set national laws, the challenges of cyber-crime would be brought at bay. 6. References Choo, K. R. (2011). The cyber threat landscape: Challenges and future research directions. Computer Security, 30(8):719-731. Clinton, H. R. (2011). Internet rights and wrongs: Choices & challenges in a networked world. US State Department. Connolly, B. (2016). Cyber attacks have hit most Australian companies: report. Retrieved from CIO: http://www.cio.com.au/article/605199/cyber-attacks-hit-most-australian-companies-report/ Coyne, A. (2015). OAIC, AFP informed of theft. Retrieved from itnews: https://www.itnews.com.au/news/customer-data-stolen-in-kmart-australia-privacy-breach-409944 Gadhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q., & Laplante, P. (2011). Dimensions of cyber-attacks: Cultural, social, Economic, and political. IEEE Technology and Society Magazine, 30(1): 28-38. GlobalSign. (2016). What is an SSL certificate. Retrieved from GlobalSign: https://www.globalsign.com/en/ssl-information-center/what-is-an-ssl-certificate/ Klimburg, A. (2012). National cyber security framework manual. Retrieved from My Science: https://www.mysciencework.com/publication/show/5e4a42012dac305c15db5000b67b2ec5 Knake, R. K. (2010). Internet governance in an age of cyber insecurity. Council on Foreign Relations. Lee, M. K., & Turban, E. (2014). A trust Model for consumer internet shopping. International Journal of electronic commerce, 6(1):75-91. Legal measures to improve cyber security . (2006). Retrieved from Posts and Telecommunication Division: http://www.cto.int/media/events/pst-ev/2017/cybersecurity%202017/Honourable%20Tarana%20Halim%20Ministry%20of%20PostTelecommunications%20and%20Information%20TechnologyBangladesh.pdf Pauli, D. (2015). China makes internet shut-downs official with new security law. Retrieved from The Register: https://www.theregister.co.uk/2015/07/13/china_cyber_security_law/ Smith, A. D. (2004). Cybercriminal impacts on online business and consumer confidence. Online Information Review, 28(3): 224-234. Yan, Y., Qian, Y., Sharif, H., & Tipper, D. (2012). A survey on cyber security for smart grid communications. IEEE Communications Surveys & Tutorials , 14(4): 998-1010.