A Threat Analysis to Enterprise Computer Networks and How to Mitigate Them.
Need help with my writing homework on A Threat Analysis to Enterprise Computer Networks and How to Mitigate Them. Write a 1250 word paper answering; Employees’ security awareness is significant in information systems’ security management. Employees of an organization can be risky or assets to information security. Some commentators consider the employees of an organization as the weakest link to information security. But some studies have found that employees can be assets in reducing risk to information security.
Most organizations depend on technology-based solutions in reducing risks to information security (Earnst & Young as cited in Bulgurcu et al., 2010, p. 524). This should not be the ultimate solution in reducing network security risks. Organizations have to rely on people. Some studies reported that risks pertaining to IT have been increasing even if organizations spend much for the protection of their company network. Security success can be achieved through a coordinated effort involving technical and socio-organizational factors.
Employees, who are considered insiders in an organization, can pose a security challenge because their ignorance and laxity, and conscious acts can put the organization in danger. Employees who have the tendency to abuse and misuse of information systems can jeopardize security. Bulgur et al.’s (2010) study focused on preventing inappropriate behaviors of employees in their use of information systems. Organizations should provide a punishment mechanism for erring employees who abuse organizations’ information systems. This can serve as a deterrent to others with the same behavior. (Straub & Nance as cited in Bulgurcu et al., 2010, p. 525)
Security risks pertaining to unauthorized access to information. This is also linked to data leakage, privacy and fraud, and other forms of security risks. A computer virus is a security risk. A virus attack can spread so rapidly over the Internet and can destroy files and maliciously collect private and confidential information and data.