“The research should be organised for analysing the gabs which exist between the cyber-criminal activities and cyber-security procedures used by the organization” (Bos, 2014). There are various capabilities gaps in the research of cyber -criminal activities and mitigation plans which can be described in the table below:
Capability gaps |
Challenges |
Research |
Mobility |
Evaluation |
Scalability and analysis of tools and technologies |
Architectural design |
The efficiency of the operating system and networking can be improved |
|
Security specification and requirement |
Mobility in network |
|
Cyber-security |
Common Language |
New techniques for risk assessments |
Core Principles |
Hyper properties Fault tolerance |
|
Analysis of the attacks |
Use of Markov decision process |
|
Measuring security |
“Low level metrics is used for quantitative assessment Creating overall security plan for the organization” (Abdullah, 2011) |
|
Risk |
Investigation of cross disciplinary approaches Use of Markov decision process |
|
Agility |
Tools and techniques used for data driven quantitative analysis |
|
Human Factor |
Psychology and other related human factors |
The research is proposed for analysing limitations of the small enterprise. The goal of the research is to predict the cybercriminal activities which occurred in the organization and the security measures which an organization take against them for mitigation. The focus should be given on assessment and evaluation of cyber security, experiments and pilot reports on cyber security, and transition to practice.
Primary Questions:
- What assets we are protecting?
We are focusing on protecting assets, infrastructure of the network, availability of the network resources, maintaining confidentiality of personal data, and others.” Classification of assets into three categories which are transmission of information on the network, physical storage of information, and information stored on virtual machine” (Ryan, 2011).
- Why intrusion occurs?
From the research we have analysed that intrusion occurs in the system due to weak cyber-crime detection system, no privilege given to escalations and reviews, applicability of policies, no procedures and processes implemented for proactive auditing. “The emphasis is not given on the event management. The organization infrastructure does not include authentication and authorization technique” (Wuest, 2013).
Secondary Questions:
- What are the major challenges for the businesses?
The major challenges which are faced by the businesses are increasing complexity of the environment, exploitation and emergence of new threats, limitation of security procedures, limitation of budget for the implementation of security procedures, and no accumulation of qualified experts for taking security measures. “The security measures should be planned for securing the mobile devices of the organization” (Effiong, 2016).
- Why attacks are not able to be detected?
“Most of the companies are not able to detect the cybercrime activities. The hackers can badly exploit the data structure of the organization” (Moonen, 2016). The research should be organized to know the reason why the organization not able to detect the occurrence of the abnormal activities. The escalations should be severely taken for consideration for reviewing the security procedures of the company.
- Why are attackers not punished for their deed?
“It is hard to detect the hacker and collect evidences against him. The laws are not applicable internationally” (Budish, 2015). The international legislation should be developed for the cyber-crime as it can takes place globally.
- What is the motivation behind cybercriminals?
“Cybercriminals carry out the criminal activities for financial gains. Political reasons can be the source of motivation” (Curtis, 2016).
- What is the target of the attacker?
From the research, it has been analysed that the attacker focus on gathering confidential information of the organization.
The research should be proposed for analysing the answer of the question that what are the limitations of the small enterprise? The research hypothesis is divided into two categories. The first hypothesis focuses on generating report on the information security program indulges in the organization. “The second hypothesis focuses on the study of literature review. It also focuses on managing the connectivity of the internet program within the enterprise” (Kumar, 2015). The report is generated which focuses on the information security program of the organization. Research hypothesis focuses on the written security policies and procedures which are undertaken by the organization. The report is generated on the type of security breaches which the organization faced during its working curriculum. The focus is also given on the loss experienced by the organization in terms of finance, confidential data of the organization, and confidential and private data of the employees. The experienced of the organization on the unauthorised accessing of data within the curriculum of the enterprise. The security measures which are undertaken to mitigate the risks associated with the firm. The failure of the security measures to overcome the risks should be analysed briefly to make the enterprise proactive in against of viruses and attacks.
Particulars |
With Internet |
Without Internet |
Security Concern |
More |
Less |
Written policies associated with the enterprise |
More |
Less |
Security breaches occurred in the previous year |
More |
Less |
What are the financial losses due to the occurrence of security breaches |
More |
Less |
Access of insider attacks |
More |
Less |
Unauthorised accessing of data |
More |
Less |
Continuity of business plan |
More |
Less |
Tools and technologies used for information security |
More |
Less |
The data is collected for the research from the following sources:
Types of data sources |
Description |
Direct Observation |
The data is collected from the direct observation on the organization and working of the employees |
Organization of seminars and conference |
The organization of seminar and conferences helps in determining the motives of ethical hacker, testers used for penetrations, investigation of computer forensic reports, use of policy makers and legal luminaries. |
Organization of online chatting program |
The discussion and the posting of research questions on the portal provides a new direction to the research |
Setup of the research honeypot |
It is used for determining the flow of action in which the attack takes place. It helps in providing various action plan which can be undertaken to mitigate the risks |
Arrangement of surveys and questionnaire |
Security professionals should indulge with the survey and questionnaire to know the real situation of the organization |
Arrangement of personal interviews |
“The agencies and professionals are chosen for conducting research interview to know their experience about the security program of the enterprise and how we can mitigate the cybercrime scenario from the organization” (James, 2012). |
Research Areas:
The following are the areas which should be taken under consideration for identifying the cyber-security problems:
- Development of trustworthy system
- Development of methodology
- Development of metrics for enterprise level
- Development of parameters for system evaluation life cycle
- Combating with the occurrence of insider threats
- Development of identity management scheme at global level
- Development of time critical system
- Understanding of situation
- Understanding of attack attributes
- Development of provenance related to hardware and software
- Security measures for awareness of privacy
- Development of usable security methods
- Development of attack model
- Development of process control security system
- Development of security protocols
Particulars |
Technical based |
Market based |
Human Centred |
Law centred |
Blended |
Approaches |
“Initiatives should be taken for enhancing the privacy and the security measures for the effective development of the enterprise” (Louis, 2016) |
The privacy and security measures are influenced by the market incentives |
The mechanism which are associated with the human behaviours |
The laws and regulation should be implemented for mitigating the privacy and security challenges |
The multi-dimensional security platform should be used by indulging technical, market, human, and law |
Values |
The working of the internet can be prevented and the privacy of the individual should be protected |
The inclusion of diversity in the technology can affect the market scenario |
The consumer agency should be promoted for fostering user base environment |
The transparency and accountability can be managed by fostering laws and public measures |
Multi-stakeholder model should be deployed for promoting diversity in the curriculum |
Research Questions |
What are the tools and technologies required to improve the overall security structures of the organization of hardware and software used? |
How the organization gets influenced by the market forces? What are the security parameters which are indulged by the organization to prevent their infrastructure?
|
What are the robust workforce which should be employed for overcoming the risks associated with the working curriculum of the organization? |
What the changes required in the enterprise infrastructure to develop the security and privacy challenges? |
What are the multiple approaches used for mitigating the risks associated with the organization? |
The strategies and programs which are used for analysis of cyber-crime activity and associated measures which the organization takes to mitigate from the cybercrime situation are described in the table below:
Strategies and program |
Description |
Foundational elements for cyber system |
The focus should be given on incentives generated by cyber economics, security metrics for the enterprise, defence for moving target, assurance of software quality, and development of trustworthy security spaces. |
Cyber security user protection and education |
The R&D should be organised for accelerating the competitions in cyber security, forensic report preparation on the cyber-security, management of data privacy technologies, and mitigating insider threats |
Research infrastructure for cyber security support |
The tools and technologies which are used named as experimental research test bed, data repository research, and marketplace for software assurance |
Cyber technologies evaluation and transition |
The focus should be given on assessment and evaluation of cyber security, experiments and pilot reports on cyber security, and transition to practice |
Quantum cryptography |
This technique uses high tech tools and technologies to overcome the situation of cybercrime |
Threat Intelligence |
The threat intelligence is used for developing proactive program for mitigating the risks. |
Next generation firewall |
The next generation firewall is used for developing security solutions which are based on multi-identity technology. |
Security protocols |
These protocols are used for extending the cyber-security measures |
Authentication techniques |
The processes used in the organization should be based on authentication and authorization technique |
The research methodology which is used for collecting data to carry out the research are based on the following:
Primary Data:
The primary data is collected through the method of interviews and questionnaire.
- Interviews: The interviews were conducted with the top executives of the organization to know the real situation of the cybercrime and associated security measures which are used by the enterprise. During the interview, we analysed that the organization does not use rules and policies for security methods, no central database is organized, no deployment of training program, and other.
- Questionnaire: It was organised between the professional to gather views and opinions of the respondents. It makes the clear picture of the events related to cyber activities. It helps in providing different alternatives which can be used for mitigating risks.
- Key areas of the research are categorised as security methods adopyted by the organization, awareness among the employees about the cyber security, and following of security norms
- Analysing of cyber security system
Secondary Data:
The secondary data is collected in the form of evidences collected from the literature review. It is used for determining the flow of action in which the attack takes place. It helps in providing various action plan which can be undertaken to mitigate the risks.
From the research we conclude that initiatives should be taken for enhancing the privacy and the security measures for the effective development of the enterprise.
Abdullah, M. (2011). Research proposal on information security. 1st ed. [ebook] Available at: https://www.mastersthesiswriting.com/blog/sample-research-proposals/research-proposal-on-information-security.html [Accessed 06 Jun. 2017].
Bos, H. (2014). National cyber security research agenda. 1st ed. [ebook] Available at: http://www.google.co.in/url?sa=t&rct=j&q=research%20proposal%20on%20cyber%20security%20in%20business&source=web&cd=2&cad=rja&uact=8&ved=0ahUKEwiApfjIoKjUAhUBs48KHfXPB6YQFgg6MAE&url=https://www.nwo.nl/binaries/content/documents/nwo/algemeen/documentation/application/ew/cyber-agenda/Cyber%2BAgenda%2B20141111.pdf&usg=AFQjCNHDa7hHdcrNaynPQYRzNU2l_l6Rog [Accessed 06 Jun. 2017].
Budish, R. (2015). Privacy and cyber security. 1st ed. [ebook] Available at: https://dash.harvard.edu/bitstream/handle/1/28552575/02Cybersecurity.pdf?sequence=1 [Accessed 06 Jun. 2017].
Curtis, K. (2016). Research Methodology. 1st ed. [ebook] Available at: http://shodhganga.inflibnet.ac.in/bitstream/10603/120320/8/08_chapter%202.pdf [Accessed 06 Jun. 2017].
Effiong, E. (2016). Cyber-crime control, prevention, and nvestigation. 1st ed. [ebook] Available at: http://www.academia.edu/4259163/Cyber_Crime_Research_Proposal [Accessed 06 Jun. 2017].
James, C. (2012). Cyber-security threats, challenges, and opportunities. 1st ed. [ebook] Available at: https://www.acs.org.au/content/dam/acs/acs-publications/ACS_Cybersecurity_Guide.pdf [Accessed 06 Jun. 2017].
Kumar, A. (2015). Cyber security research development. 1st ed. [ebook] Available at: https://www.dsci.in/sites/default/files/Cyber%20Security%20Research%20Developments%20_Global%20and%20Indian%20Context%20.pdf [Accessed 06 Jun. 2017].
Louis, L. (2016). Progress and research in cyber-security. 1st ed. [ebook] Available at: https://royalsociety.org/~/media/policy/projects/cybersecurity-research/cybersecurity-research-report.pdf [Accessed 06 Jun. 2017].
Moonen, M. (2016). A road map for cyber-security research. 1st ed. [ebook] Available at: https://www.dhs.gov/sites/default/files/publications/CSD-DHS-Cybersecurity-Roadmap.pdf [Accessed 06 Jun. 2017].
Ryan, J. (2011). Program on information resources policies. 1st ed. [ebook] Available at: http://www.pirp.harvard.edu/pubs_pdf/ryan/ryan-i01-2.pdf [Accessed 06 Jun. 2017].
Wuest, K. (2013). Cyber security research and experimental development program. 1st ed. [ebook] Available at: https://www.cse-cst.gc.ca/en/system/files/pdf_documents/csredp-prdecs-eng_1.pdf [Accessed 06 Jun. 2017]
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2022). BMO6630 Business Research Methods Essay Enhances Understanding.. Retrieved from https://myassignmenthelp.com/free-samples/bmo6630-business-research-methods/cyber-security-literature-review.html.
"BMO6630 Business Research Methods Essay Enhances Understanding.." My Assignment Help, 2022, https://myassignmenthelp.com/free-samples/bmo6630-business-research-methods/cyber-security-literature-review.html.
My Assignment Help (2022) BMO6630 Business Research Methods Essay Enhances Understanding. [Online]. Available from: https://myassignmenthelp.com/free-samples/bmo6630-business-research-methods/cyber-security-literature-review.html
[Accessed 19 August 2024].
My Assignment Help. 'BMO6630 Business Research Methods Essay Enhances Understanding.' (My Assignment Help, 2022) <https://myassignmenthelp.com/free-samples/bmo6630-business-research-methods/cyber-security-literature-review.html> accessed 19 August 2024.
My Assignment Help. BMO6630 Business Research Methods Essay Enhances Understanding. [Internet]. My Assignment Help. 2022 [cited 19 August 2024]. Available from: https://myassignmenthelp.com/free-samples/bmo6630-business-research-methods/cyber-security-literature-review.html.