Companys Business Foundation and Deliberate Threats to Information Systems - Assignment Example

Case StudyWhat do you see as the three biggest threats to corporate cyber security that CSOs should be aware of?1. Company’s Business FoundationCSOs should be aware of the type of corporate threats that undermine the existence and mission of their respective business models. The business foundation of any for profit-company is comprised of information vital to the company as it includes the strategies and products the company deploys to secure competitive advantage. In this case, two primary threats associated with the foundations of business models include Espionage or trespass and Information Extortion.

These two threats to the foundation of a company are specific in threatening the company’s survival as both a sustainable entity and a competitive rival to other companies as well. In revelation of these threats, CSOs should be aware that rival companies and/or private groups can use espionage as a means to acquire the company information illegally. While the issue of espionage may be addressed as an external threat, in most cases, CSOs should be aware that internal activities exposing critical information to employees can lead to espionage.

This means that through illegal acquisition of that information, employees in firms can facilitate the damaging of the business foundation of the company by selling the information to rivals. Additionally, information extortion is another area where CSOs should be aware of when it comes to business foundation. In order to secure a company’s business foundation, the CSO should be aware that illegal access to information can lead to corporate blackmail. This process involves a hacker or a holder of sensitive information who agrees to give up information or not to disclose it for a fee.

The motive of information extortion is to create value by pointing out the possible losses that would be incurred if the information was accessed by rival companies Information (Security, pp. 103-104).2. Value of InformationCSOs must be equipped with the information regarding the value of the company data and how such information can be harmful if it was lost or accessed by unauthorized personnel. When CSOs are aware of the information value, two primary corporate cyber threats are considered.

Firstly, the CSO should be aware that information loss can result from sabotage and vandalism. Although companies do not have social enemies, they have financial rivals who thrive to push as many of their competitors out of business. By damaging or rendering a company’s information database unusable, a company is unable to move on as it has to accommodate all direct losses, law suits, and possible closures (Information Security, pp. 104-105).3. Targeted ResourcesAll business models have resources they make use of in order to sustain development and profitability.

Following this fact, CSOs should be aware that a company’s resources differ from one user to another but can be generally fatal. In this case, 3 areas are identified as corporate cyber-attack hotspots. Firstly, since companies use software to operate, software attacks aim at finding security holes in order to execute the attacking commands. Secondly, comprise to intellectual property is another area CSOs should be aware of as laws governing certain areas are not universally enforced and may expose intangible assets such as patents.

Thirdly, most publicly traded firms have shareholders as sources of capital. As a resource, shareholder or user details can be acquired maliciously and disrupting user/shareholder confidence with the company at hand. In order to protect resources, CSOs must ensure that they are aware of the types of threats potentially capable of disrupting competitive strategies of the business entity (Information Security, p. 105).Works CitedInformation Security. Deliberate Threats to Information Systems. pp.

103-108Works Cited