.jpg)
3. In our jobs
IT is used in almost all Enterprise environments, from multinational corporations to the smallest startups; moreover, new startups are focused in enterprise solution creation that use IT as their supportive platforms. Services like: online banking, service payment, money transfer, tax payments, contracts negotiation and signing, client generation and engagement, marketing methods, etc., IT are used as support strategies to the main business idea.
In this environment, Information Security is represented by similar points as the ones described in the second part. The difference relies in the fact that all size companies are attractive targets for a cybersecurity attack.
3.1. Enterprise size companies
Obviously, these types of organizations have the most attractive information for the different group of hackers around who they could use the below attack techniques:
- Ransomware
- Phishing
- DDoS
- Malware
- Man In the Middle (MIM)
- Worms, etc.
These attacks have as their objective, through enterprise information kidnapping to obtain an illegal payment (ransomware), to illegally obtain enterprise information (malware, phishing, worms, etc.), or capture of the information exchange channel to deviate user transactions or requests to illegal sites (MIM). These are only a small set of the different cybersecurity attacks available for which organizations need to be prepared and take preventive measures, not only to protect their data, but even more important, to protect their customers information.
3.2. Small or medium size business (SMBs)
Many people think small or medium size business do not represent an attractive target to the different attackers in existence, but it is not like that.
From the point of view of the organization itself, an small or medium business has as a main target to grow, these types of organizations make all possible efforts to establish commercial relationships with enterprise size organizations already established in their particular business niche of interest. When SMBs organizations are able to become business partners it is the time they become attractive to the different cybersecurity attacks due to the trust relationship established between the enterprise size organization and the SMB. The different hacker groups take advantage of these trust relationship in order to attack the SMB, establishing a persistent method and confirm the communication channel used to modify the worm payload to do a lateral movement and impact the enterprise size organization.
As you can see Information Security plays a key role in the data interchange between same niche organizations and associated sectors. Information Security controls must be installed in both organizations’ group, in addition to this, enterprise size organizations need to establish frequent third party security assessment process with their, all size, business partners.
.jpg)
.jpg)
.jpg)
.jpg)
No comments:
Post a Comment