Surname 1

Student’s Name

Professor

Course

Date

Cyber-Crime

Have you or your business ever experienced fraud, hacking, scamming, identity theft,

computer viruses, or even DDoS attacks? These are all forms of cybercrimes that can happen

to anyone at any time when you are least expecting it. These cybercrimes cost the global

economy three trillion dollars in 2015 and will go up to six trillion dollars by 2021. The first

real cybercrime was not until the 1980s in which one person hacked another person's

computer to find, copy or manipulate personal data and information. However, the first

person to be found guilty was Ian Murphy. Murphy hacked an American telephone company

to manipulate its internal clock so that users could still make free calls at peak times. In these

times, technology was not as advanced as it is today. Even though cybersecurity is

improving, so are the hackers, finding different ways around it. Training employees to

identify and react to threats can help stop cybercrimes in businesses. Experienced employees

can help recognize social networking threats, detect and respond to phishing and other email

scams. Trained employees will, therefore, safely collect, store, manage, and send client and

company data, and comply with government and industry regulations.

 Surname 2
2

Challenges and solutions to cybercrime combat

Cybercrime continues to be a setback to many organizations in the present day. The

cybercrime problems have accelerated as a result of advancement in technology that has

made many organizations adopt computers for data storage and analysis. The use of

computers and other internet connecting devices in the cyberspace has made the

organizations' information and sensitive data to be more conspicuous to the cyber attackers.

Despite the organizations keeping strict measures and policies to protect the company data

and information safe, the employees have also been maintaining the organizations vulnerable

for phishing, pharming and hacking from careless actions in the computers. Many

organizations are therefore forced to train the employees on careful operations in computers

and handling of customers, organizations and stakeholder's data as well as detecting threats in

computers.

According to Al Awawdeh et al. (2014), and information and data security awareness

program is very crucial in any organization set up which is carried out in the IT department to

protect and secure employees and customer’s data in a shared pool. Organization information

security awareness through educating employees to handle company data in a manner that

does not bring threat can be the first step for the company to address the IT challenges.

Equipping the employees with knowledge on how to handle cybersecurity threats is the best

decision a company can make, which in return can help reduce breaching of security and

company incurring unnecessary costs involved in data hacking.

The stealing of personal data, as well as financial data, has become popular in many

organization by cybercriminals to gain access to bank accounts or register new lines of credit

that have a monetary value. Many employees without cyber-attack knowledge may keep the

company data vulnerable to hacking of organization databases or through pharming, making

 Surname 3
3

it easier for the criminals to access sensitive data to masquerader. To counter these challenge,

training employees on cybersecurity actions such as not carelessly using infected flash drives,

joining public Wi-Fi hotspots and downloading of suspicious software to prevent company

data from being vulnerable to hackers. Consequently, through cybersecurity awareness

training the company will be in a position to protect its sensitive information as the

employees will be able to actively identify underground economy to disrupt the circulation of

powerful and easy to use cyber attacker's botnets and malware kits.

The second challenge is the converging of information in the society, which has also

enabled the criminals to evolve new techniques and infrastructures that hack personal

information far more quickly than the authority cannot trace. The crimes have industrialized,

making them able to access organization information through other leased networks at a high

pace, leaving no trace for the authority to respond to the mushrooming viruses and malicious

codes. The organization will have to address the challenge through making efforts to train all

employees to enable them to detect threats and take necessary steps to mitigate the problems.

Steps to implement cybersecurity combating methods

According to Crane & Casey (2019), laying down robust security infrastructures to

prevent cybercrime involves following various steps which coincide with organization needs.

The steps to achieving quality cybersecurity skills include implementing strong techniques to

protect the organization sensitive data by many organizations and proven successful. The first

step to creating a secure environment in the organization, the company has to consider the

needs, capabilities, threats and vulnerabilities depending on its size and services produced.

Secondly, the IT unit in the organization needs to implement proper server monitoring,

warning employees from downloading malicious software's and utilizing firewalls to block
 Surname 4
4

the public from accessing organization data. Thirdly, the IT unit should ensure and maintain

updates, asset lists and patches in the organization computers.

The fourth step is to ensure that the IT department should be active in the

management of critical domains such as TLS and SSL and using the proper protocol

coinciding with the website. The fifth step is to offer training to the organization employees

to create cybersecurity awareness and ways of detecting cyberspace threats and ways to

mitigate them. The sixth step includes enhancement of phishing techniques and detecting of

malicious emails from unknown sources. The seventh step is to enhance the security of data

by carrying out consistent patrols to identify data trafficking by employees with bad

intentions to help hackers. The eight-step involves carrying out constant tests to identify

vulnerable areas in the computers that can ease hacker's access to sensitive data. Lastly, the

organizations require to implement strong policies and enforce rules that restrict remote

access of data, encryption of computers and email lines.

Key aspects of training employees on cybersecurity

Cybersecurity training of employees should not be a one-time event but an integral

part of the company's culture (Kemper, 2019). The key areas to help combat and prevent

cyber-attacks of the organization confidential information should be done through; Backing

the company's data and customers data according to the procedures stipulated by the

organization policy. Encryption of computers with strong passwords which are hard to be

guessed can provide data security. The computers used within the organizations should also

be kept free from malicious and suspicious programs, data and apps. Lastly, the IT personnel

should be vigilant in identifying irregularity in the computers.

Justification of cybersecurity awareness training of employees

 Surname 5
5

According to Nykodym et al. (2010), Cybersecurity awareness training of employees

is paramount to any organization that looks forward to creating a secure working

environment and that does not want to incur unnecessary costs involved after cyber-attacks.

Dell End-User Security Survey in 2017 indicated that employees are always ready to share

and reveal company confidential data and information due to lack of knowledge of the data

security protocols and the consequences of their actions. The careless sharing of confidential

information concerning the organization with external sources explains the significance of

offering cybersecurity awareness training to the employees.

Secondly, training employees on the security of organization data do help reduce the risk

and incidences of security breaches. Trained employees on the importance of keeping

organization sensitive and information that makes the company vulnerable to hacking can

help reduce the chances of the organization from facing major security breaches and

corruption of data from the computers (Adams & Makramalla, 2015). Equipping the

employees with experience in detecting cyber threats, the company safeguard sensitive

information, increase operational ability and limit the chances of facing lawsuits and fines

from authority due to data security breaches.

Thirdly, training employees regularly concerning cybersecurity help reduce the cost

incurred in repairing damage to a company's assets such as computers, paying fines to

customers and company reputations when a major security breach occurs. Training of

employees on cybersecurity promotes proactive methods of dealing with security breaches

which is cheaper compared to retroactive methods. Trained employees on cybersecurity

threats can be a major asset to the company through early detection of threats and spotting of

breaches before large damage. The early response can save the company from incurring huge

amounts of money and resources as the organization can address the threat quickly to

minimize the risk and the impacts.

 Surname 6
6

Lastly, doing cybersecurity awareness training to the employees can help improve the

worker's confidence working in a secure environment which provides job security.

Employees are always ready and active to work in secure organizations, especially when

dealing with modern technology devices which are protected from attacks. On the other hand,

customers will always feel confident to share information where the organization safeguard

their data privacy hence making such organizations have a large customer base.

However, training of the employees concerning cybersecurity skills should be well

thought by the organization because the costs of training can exceed the company needs.

Similarly, the employees can be a threat to the organization when they get the cybersecurity

experience and therefore, proper monitoring of the employee's computers should be done

constantly by experts in the IT departments. Training employees can also be challenging to

striking a balance between keeping employees maintaining their productivity and keeping

confidential organization data secure. Therefore, the organization should develop clear and

simple policies that guide and address potential data security breaches.

Conclusion

The employees without knowledge and experience about cybersecurity form the

weakest link in the organization efforts to counter company cybersecurity defence. The

ability of the attacker's to gain access s to organization data through successful attempts to

phishing scams explains the reasons for providing employees with cybersecurity education.

Training the employees on cybersecurity provides more benefit to the organization. After all,

they can never compromise because they have solid basics of network security.
 Surname 7
7

Work cited

Adams, M., & Makramalla, M. (2015). Cybersecurity Skills Training: An Attacker-Centric

Gamified Approach. Technology Innovation Management Review, 5(1), 5-14. doi:

10.22215/timreview/861

Al Awawdeh, Shadi, and Abdallah Tubaishat (2014). "An information security awareness

program to address common security concerns in IT unit." 2014 11th International

Conference on Information Technology: New Generations. IEEE.

Crane, Casey (2019). “How to Prevent Cybercrime: 9 Helpful Tips.” Hashed Out by The SSL

Store™ www.thesslstore.com/blog/how-to-prevent-cybercrime-9-helpful-tips/.

Kemper, G. (2019). Improving employees' cybersecurity awareness. Computer Fraud &

Security, 2019(8), 11-14. doi: 10.1016/s1361-3723(19)30085-5

Nykodym, Nick, Lisa Kahle‐Piasecki, and Erika L. Marsillac (2010). "The managers' guide to

understanding, detecting, and thwarting computer crime: An international

performance issue." Performance Improvement 49.5 42-47.

Surname 8
8