SlideShare a Scribd company logo

Project.pptx

Download as PPTX, PDF
D
Dhruv896840

project proposal

Education
1 of 12
WHY CYBER SECURITY RISK OF REMOTE WORKING IS NO FRIEND TO BUSINESS ORGANIZATIONS Dhruv Patel
1.1 BACKGROUND • Remote working is by no means a new concept. However, it is no context in which security has been given the priority it requires. Examining the situation back in 2006 revealed some drawbacks in terms of user awareness and safeguard in remote working. • The question is whether a decade later things concerning the situation which has forced work to be done remotely. An example is on 16 March, a week before lockdown, UK had only 15% of employees working remotely. However, the figures rose to 38% by 13 April. This shows how remote working has been embraced by many workforces. • The rise of teleworking in the pandemic situation has become an open invitation for scammers using cyber security threats such as phishing to attack victims such as government, tax authorities and even private business firms. • A report from the World Economic Forum (WEF) highlights phishing and hacking as the new norm after the virus attacks have been reduced. These scams are even more effective during the pandemic
BACKGROUND(CONTINUATION) • . As cyber criminals are more aware of this, it is much easier for them to create fake messages or website to replicate the familiar authorities, this has become a global concern due to the state of handling such situation is vulnerable. • Many businesses make mistake of not addressing the security measures and solution to prevent employees making a mistake that would lead to a possibility of a cyber-attack. Experts also agree careless employees, consultants, vendors, and other stakeholders can be a danger to the organization’s cyber security as the hackers from the outside. • 90% of successful hack attacks are due to human error especially from the employer’s mistake. Therefore, Employees must learn routine security practices while remote working. • In conclusion, these means that organizations that do not have the infrastructure or policies to protects them against cyber-attacks must be more prepared than ever. To avoid these attacks when working remotely organization should, protect business data, secure remote networks, empower employees and plan on dealing with an attack situation.
1.2 PROBLEM STATEMENT Although two-step password verification and VPNs have been implemented by many businesses working from home, many minor threat protection steps are not taken seriously as they would have been taken in a workplace. Teleworkers are sending suspicious emails, attachments or even invitation links to the IT department claiming to send reports. (Borkovich, 2020). Malware attacks, especially ransomware, has increased during the remote working period. This shows that Human error is the primary threat when it comes to boosting the chance of a cyber-attack. According to (Malecki, 2020) cyber criminals are exploiting the situation of remote working and launching ransomware attacks on unprotected or unprepared business organization. According to the source, From February to April 2020, malware-attacks, especially ransomware attacks have increased by 283%. The bigger risk of this is that ransomware can encrypt even back- ups. To overcome this, companies are now testing their back-up systems regularly. Unfortunately, as shown in StorageCraft’s research (Malecki, 2020), shows that 68% of organization believe that they have effective measures to recover against ransomware attacks. However, only 46% or less of the organization test their systems once a year. While having backups is important, having to be able to recover all the data is critical for the business.
1.3 AIMS • The aim of the research is to explore potential risks of malware particularly ransomware attacks faced while working remotely. This will help with appropriate solution to solve the current issue or how to improve the current measures taken by the organization to counter the problems.
1.4 OBJECTIVES  To review literature on the cyber security risks of remote working  To Conduct small scale research, gathering data on malware attacks in remote working  To Present the finding on malware attack in remote working drawing meaningful conclusion found from the findings  To Reflect the values gained from project and whether its useful to organizational performance
1.5 SCOPE OF STUDY • The issue with remote working and the cyber security risk it brings to organizations is a common discussion especially after the pandemic situation where organizations have started working from home. Hackers are now targeting organizations with malware attack even more now targeting the unprepared and unprotected organizations. This research is focusing how remote working has caused increase in ransomware attacks. The reason behind this study is to find the potential vulnerability and the measures takes and try to improve the current situation. (Palmer, 2020)
1.8 RESEARCH QUESTIONS • Why are ransomware attacks a big concern within organizations working remotely? • How has ransomware attacks affected organizations working from home? • How does remote working make organization vulnerable against malware attacks? • What are the existing measures taken to resolve the risk of ransomware attacks? • Do the current measures need to be improved or replaced?
LITERATURE REVIEW Case studies • Apex laboratory • Serco • A gas station in North Carolina Impact of ransomware attacks on remote working organizations • As we can see from the case studies, all the ransomware attacks occurred in the period of remote working especially between 2020 and 2021 where there was a rise in remote working due to the pandemic. • As we can see from the first case study, Apex laboratory faced a ransomware attack which was targeted towards their patient’s records. In this case Doppel Paymer ransomware was used to encrypt the company's servers. • We can also see that ransomware has exploited in recent months (midyear 2020) nearly forcing companies in the US to pay out around $350m where the treat of ransomware has increased up to 311%.
LITERATURE REVIEW(CONTINUATION…) Measures taken to prevent ransomware attacks • As we can see from the case studies and related attacks it was clear that after shifting to homes, the strength of existing measures reduced due to employees using public or personal networks rather than the strong networks in the organizations. • Enterprises consider other remote working methods, such as a virtual private network (VPN). Good VPN solutions are meant to be used over the internet and offer two-factor authentication, which adds an extra degree of protection. • Keeping systems up to date and activate two-factor authentication for logins, regardless of what technology firms employ to enable remote working
FINDINGS • The questionnaires were filled by 20 organizations where the results were as expected. There were many aspects of analysis from the data retrieved. The data showed many organizations had no measures in place when dealing with ransomware attacks during remote working. Out of the 20, 4 companies were not sure if they had measure taken in place this showed how the employees were unaware of the issue. From the 20, only 7 had measures in place. The chart below shows the number of organizations that had a measure against ransomware in place.
CONCLUSION/RECOMMENDATION • The first recommendation to all organization will be stay up to date and create awareness amongst the employees. As simple as it sounds many organizations attacked often get the knowledge of ransomware attack after an incident has occurred. Studies also show the firms that neglected the WannaCry ransomware in 2017 were the most vulnerable. • Another recommendation to organizations would be using VPN services rather than public networks. VPN would hide the organizations IP address which would make it less vulnerable from attackers as they would not be able to tack an organization easily. Many organizations have implemented this approach however many employees tend to ignore this and sent organization related data through public networks especially when working remotely

Recommended

Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiCopy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiAlleneMcclendon878
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfInfinityGroup5
 
Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011Atlantic Security Conference
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessFibonalabs
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 

Recommended

Copy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiCopy of The Ongoing Threat of Ransomware on Small to Medium-Si
Copy of The Ongoing Threat of Ransomware on Small to Medium-SiAlleneMcclendon878
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfInfinityGroup5
 
Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011Jonathan raymond 2010 rotman telus - atlseccon2011
Jonathan raymond 2010 rotman telus - atlseccon2011Atlantic Security Conference
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessFibonalabs
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security reportMarco Antonio Agnese
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Hewlett Packard Enterprise Business Value Exchange
 
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxLogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxCNSHacking
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsCognizant
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesDiane M. Metcalf
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docxmeghanivkwserie
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docxpriestmanmable
 
Security Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessSecurity Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessGreg Wartes, MCP
 
application-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodeapplication-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodesciccone
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessIndusfacePvtLtd
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationMaaz Ahmed Shaikh
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesCSNP
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowDharmendra Rama
 
56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docxalinainglis
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 

More Related Content

Similar to Project.pptx

InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security reportMarco Antonio Agnese
 
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxLogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxCNSHacking
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsCognizant
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesDiane M. Metcalf
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docxmeghanivkwserie
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docxpriestmanmable
 
Security Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessSecurity Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessGreg Wartes, MCP
 
application-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodeapplication-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodesciccone
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessIndusfacePvtLtd
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationMaaz Ahmed Shaikh
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesCSNP
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowDharmendra Rama
 
56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docxalinainglis
 

Similar to Project.pptx (20)

InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxLogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware Practices
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx
 
8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx8Network Security April 2020FEATUREAre your IT staf.docx
8Network Security April 2020FEATUREAre your IT staf.docx
 
Security Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessSecurity Minded - Ransomware Awareness
Security Minded - Ransomware Awareness
 
application-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracodeapplication-security-fallacies-and-realities-veracode
application-security-fallacies-and-realities-veracode
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your Business
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
The top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
 
56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx56 JULY 2017 WWW.COM.docx
56 JULY 2017 WWW.COM.docx
 

Recently uploaded

Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 

Recently uploaded (20)

Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 

Project.pptx

  • 1. WHY CYBER SECURITY RISK OF REMOTE WORKING IS NO FRIEND TO BUSINESS ORGANIZATIONS Dhruv Patel
  • 2. 1.1 BACKGROUND • Remote working is by no means a new concept. However, it is no context in which security has been given the priority it requires. Examining the situation back in 2006 revealed some drawbacks in terms of user awareness and safeguard in remote working. • The question is whether a decade later things concerning the situation which has forced work to be done remotely. An example is on 16 March, a week before lockdown, UK had only 15% of employees working remotely. However, the figures rose to 38% by 13 April. This shows how remote working has been embraced by many workforces. • The rise of teleworking in the pandemic situation has become an open invitation for scammers using cyber security threats such as phishing to attack victims such as government, tax authorities and even private business firms. • A report from the World Economic Forum (WEF) highlights phishing and hacking as the new norm after the virus attacks have been reduced. These scams are even more effective during the pandemic
  • 3. BACKGROUND(CONTINUATION) • . As cyber criminals are more aware of this, it is much easier for them to create fake messages or website to replicate the familiar authorities, this has become a global concern due to the state of handling such situation is vulnerable. • Many businesses make mistake of not addressing the security measures and solution to prevent employees making a mistake that would lead to a possibility of a cyber-attack. Experts also agree careless employees, consultants, vendors, and other stakeholders can be a danger to the organization’s cyber security as the hackers from the outside. • 90% of successful hack attacks are due to human error especially from the employer’s mistake. Therefore, Employees must learn routine security practices while remote working. • In conclusion, these means that organizations that do not have the infrastructure or policies to protects them against cyber-attacks must be more prepared than ever. To avoid these attacks when working remotely organization should, protect business data, secure remote networks, empower employees and plan on dealing with an attack situation.
  • 4. 1.2 PROBLEM STATEMENT Although two-step password verification and VPNs have been implemented by many businesses working from home, many minor threat protection steps are not taken seriously as they would have been taken in a workplace. Teleworkers are sending suspicious emails, attachments or even invitation links to the IT department claiming to send reports. (Borkovich, 2020). Malware attacks, especially ransomware, has increased during the remote working period. This shows that Human error is the primary threat when it comes to boosting the chance of a cyber-attack. According to (Malecki, 2020) cyber criminals are exploiting the situation of remote working and launching ransomware attacks on unprotected or unprepared business organization. According to the source, From February to April 2020, malware-attacks, especially ransomware attacks have increased by 283%. The bigger risk of this is that ransomware can encrypt even back- ups. To overcome this, companies are now testing their back-up systems regularly. Unfortunately, as shown in StorageCraft’s research (Malecki, 2020), shows that 68% of organization believe that they have effective measures to recover against ransomware attacks. However, only 46% or less of the organization test their systems once a year. While having backups is important, having to be able to recover all the data is critical for the business.
  • 5. 1.3 AIMS • The aim of the research is to explore potential risks of malware particularly ransomware attacks faced while working remotely. This will help with appropriate solution to solve the current issue or how to improve the current measures taken by the organization to counter the problems.
  • 6. 1.4 OBJECTIVES  To review literature on the cyber security risks of remote working  To Conduct small scale research, gathering data on malware attacks in remote working  To Present the finding on malware attack in remote working drawing meaningful conclusion found from the findings  To Reflect the values gained from project and whether its useful to organizational performance
  • 7. 1.5 SCOPE OF STUDY • The issue with remote working and the cyber security risk it brings to organizations is a common discussion especially after the pandemic situation where organizations have started working from home. Hackers are now targeting organizations with malware attack even more now targeting the unprepared and unprotected organizations. This research is focusing how remote working has caused increase in ransomware attacks. The reason behind this study is to find the potential vulnerability and the measures takes and try to improve the current situation. (Palmer, 2020)
  • 8. 1.8 RESEARCH QUESTIONS • Why are ransomware attacks a big concern within organizations working remotely? • How has ransomware attacks affected organizations working from home? • How does remote working make organization vulnerable against malware attacks? • What are the existing measures taken to resolve the risk of ransomware attacks? • Do the current measures need to be improved or replaced?
  • 9. LITERATURE REVIEW Case studies • Apex laboratory • Serco • A gas station in North Carolina Impact of ransomware attacks on remote working organizations • As we can see from the case studies, all the ransomware attacks occurred in the period of remote working especially between 2020 and 2021 where there was a rise in remote working due to the pandemic. • As we can see from the first case study, Apex laboratory faced a ransomware attack which was targeted towards their patient’s records. In this case Doppel Paymer ransomware was used to encrypt the company's servers. • We can also see that ransomware has exploited in recent months (midyear 2020) nearly forcing companies in the US to pay out around $350m where the treat of ransomware has increased up to 311%.
  • 10. LITERATURE REVIEW(CONTINUATION…) Measures taken to prevent ransomware attacks • As we can see from the case studies and related attacks it was clear that after shifting to homes, the strength of existing measures reduced due to employees using public or personal networks rather than the strong networks in the organizations. • Enterprises consider other remote working methods, such as a virtual private network (VPN). Good VPN solutions are meant to be used over the internet and offer two-factor authentication, which adds an extra degree of protection. • Keeping systems up to date and activate two-factor authentication for logins, regardless of what technology firms employ to enable remote working
  • 11. FINDINGS • The questionnaires were filled by 20 organizations where the results were as expected. There were many aspects of analysis from the data retrieved. The data showed many organizations had no measures in place when dealing with ransomware attacks during remote working. Out of the 20, 4 companies were not sure if they had measure taken in place this showed how the employees were unaware of the issue. From the 20, only 7 had measures in place. The chart below shows the number of organizations that had a measure against ransomware in place.
  • 12. CONCLUSION/RECOMMENDATION • The first recommendation to all organization will be stay up to date and create awareness amongst the employees. As simple as it sounds many organizations attacked often get the knowledge of ransomware attack after an incident has occurred. Studies also show the firms that neglected the WannaCry ransomware in 2017 were the most vulnerable. • Another recommendation to organizations would be using VPN services rather than public networks. VPN would hide the organizations IP address which would make it less vulnerable from attackers as they would not be able to tack an organization easily. Many organizations have implemented this approach however many employees tend to ignore this and sent organization related data through public networks especially when working remotely