Cybersecurity is an ever-increasing risk. In fact, leaders in the profession have identified cybersecurity as the number one technology risk, which is consistent with the findings in The IIA’s 2015 Common Body of Knowledge (CBOK) study, Navigating Technology’s Top 10 Risks: Internal Audit’s Role. The term “cybersecurity” refers to the technologies, processes, and practices designed to protect an organization’s information assets— computers, networks, programs, and data—from unauthorized access. The proliferation of technology today enables more user access to an organization’s information than ever before. Third parties are increasingly provided access to organizational information through the supply chain, customers, and service providers. A greater variety of data has become readily available as organizations often store large volumes of sensitive and confidential information in virtualized infrastructure accessible through cloud computing. There is an increasing number of devices that can be connected and always engaged in data exchange. As organizations globalize and the organization’s web of employees, customers, and third-party providers expands, expectations for constant access to the organization’s information also increases. Cyberattacks are perpetuated for varied reasons, including but not limited to financial fraud, information theft or misuse, activist causes, to render computer systems inoperable, and to disrupt critical infrastructure and vital services of a government or organization. Five common sources of cyber threats include nation-states, cybercriminals, hacktivists, insiders and service providers, and developers of substandard products and services. Utilize the KnowledgeLeader website and perform the following:
A. Authenticate to the KnowledgeLeader website using your username and password.
B. Perform research and identify/discuss alternative approaches to implementing effective cybersecurity.
C. Submit a brief write-up indicating the results of your research to your instructor.