Running Head: ISSUES WITH CYBER SECURITY 1

                                        Issues with Cyber Security

                           Nickolas Cuddie

                        Mid-Michigan College

                            

ISSUES WITH CYBER SECURITY 2

    Abstract

    Society is at a time when technology is everywhere. All of this technology helps us

with our lives.But with this technology being present there are those who seek to hack

and take the personal information that is on the technology. Even though cyber security

is there to help with protecting personal information it is flawed and multiple issues.

There are five ways in which the hacker can obtain the information. The hacker uses

DDoS, phishing, physical card skimmers, malware, and internal privilege misuse.

Without cyber security a hacker will be able to gain access to the personal information

on the technology.  In the end cyber security has existed and has multiple issues that in

some way shape or form affect how people’s information and technology is protected.
ISSUES WITH CYBER SECURITY 3

In today's society, technology has a major influence in everything that we do. It is

used to communicate with other people, shop, selling stuff, etc. In today’s day and age,

technology exist and in some way affects everything that people do. One issue that has

been around since technology has been cyber criminals and hackers. Society's

response to these groups of criminals is Cyber security. Cyber security protects a

person’s piece of technology and personal information from being hacked. With cyber

security being around it has both good and bad effects on how the community uses

technology. One of the good things is that people’s information is protected. One of the

bad things is that as technology is evolving, so are cybercriminals and how they go

about obtaining people’s personal information. Cyber security is important because it

helps a person protect what they consider important. If a cybercriminal gets a person’s

valuable information then they can sell it or use it how they deem fit. A person going into

this field should be aware of these issues and adapt how they work when these issues

present themselves.  As long as cyber security has existed, it has multiple issues that in

some way shape or form affect how people’s information and technology is protected.

    When looking at the issues of cyber security, they can be categorized into five major

issues. Grossbart (2017) points out that these five major issues consist of human error,

business limitations, talent shortage, newer and better cyberattacks, and new

vulnerabilities. The first issue that comes along with cyber security is human

error/human nature. This issue is presented when a person messes up in some way or

another. Some of the examples includes sharing passwords, opening items containing

malware, workers, in someway, making a company database vulnerable to hack, using

ISSUES WITH CYBER SECURITY 4

easy to guess passwords, and using the same password for multiple account

(Grossbart, 2017). So that means there are a lot of ways a person can make it where

their technology and personal information easier for a hacker or cybercriminal to gain

access to. That also means that in order for people to not have their personal devices

hacked so easy, they will need to fix their errors. Grossbart (2017) presents several

ways for people to fix their issues or errors. That would mean having a handful of

passwords to use, not sharing passwords with other people, making sure that workers

are doing their work properly and making sure that there are no vulnerabilities available

afterwards, and creating more complex passwords. With people maintaining their

security, it becomes harder for cyber criminals to hack their personal information. If they

don’t keep a proper maintenance on their security then they are making it easier for

their personal information to be hacked.

Another person who talks about the issue with human error is Miller (2018). He,

just like Grossbart (2017), points out that human error is one of the major reasons why

technology and personal information is hacked. Miller (2018) did some research and

found a survey that pointed out that about fifty two percent of the people that responded

said that they felt that issue with technology being hacked is due to human error. One

way to help reduce the amount of human error hacks is by putting a remote browser

isolation in place. remote browser isolation, works like incognito mode, makes it where a

person’s internet usage and personal files are hidden from hackers and everyone else

that is on the internet.  The remote browser isolation adds another layer of protection,

for those who use it, to technology and personal files (Miller, 2018). Even though human
ISSUES WITH CYBER SECURITY 5

error might not seem like a big issue with cyber security, in the end people are making

mistakes that end up with someone having access to their technology and personal

information. Some of the personal information that is or could be in a person’s

technology would be personal bank information, social security, personal information, or

anything that a person holds personally.

    Human error is a major issue with cyber security and might have a role with the other

issues that are present with cyber security. Another issue that Grossbart (2017) points

out is new vulnerabilities, as these new vulnerabilities deals with when new technology

is created. Some of the new technology consist of online storage devices, such as the

cloud, phones, self-driving cars, and anything else that has some kind of technology

built into it. These new pieces of technology will have issues, or as some would say,

flaws or vulnerabilities in the technology. As these new devices and software are

presented to the public the hackers and cyber criminals will try to exploit these flaws

within the new devices and software for personal gain or for whatever reason these

people are doing what they do (Grossbart,2017). Melissa Lin (n.d.), does briefly talk

about how not all hackers are bad though. She says that some businesses will hire a

person, who she defines as a “friendly hacker”, and they will have the hired person try to

exploit any flaws or issues that the business’s technological product will have so that

when the final product is released hackers will not be able to find as many flaws in the

product. Some of the businesses that hire these “friendly hackers” are Google, Apple,

Tesla, United Airways, cloudflare, Netgear, United States Department of Defense, and

Oracle. All of these businesses are offering some type of “perks” to those that they are
ISSUES WITH CYBER SECURITY 6

hiring (lin, n.d.). With these businesses having a person exploit the flaws in their

products will present hackers with a more difficult time of finding or discovering any

other issues that might exist in the product.

    As human error and new products make it easier for hackers to be able to do what

they want, Cyber security is then presented with the issue of a talent shortage.

Grossbart (2017) says that there is about a two hundred thousand job shortages

currently in the United States and that there will be somewhere between one and two

million job shortages worldwide. With this large of a job opening for cyber security

businesses will be looking for people to fill these positions (Grossbart, 2017) Zadelhoff

(2018) also expands on the topic of the talent shortage within cyber security. He doesn’t

give a current estimate for current job shortages currently but says that there will be

more than one and a half million job shortages worldwide by the year 2020. He even

says that this job shortage will become about a one hundred and one billion dollar

opportunity when this job reaches its one and a half million person/job shortage. One

issue with the job shortage is that businesses are looking for a person who has a

traditional technology degree or a tech field degree rather than looking for a person who

has a more open ended degree. In other words a business has set requirements that

severely limits the amount of people for the job. Along with the job shortage Zadelhoff

says that cybercrime is on a rise and that a business can deal with around two hundred

thousand cyberattacks a day. That means that there is a huge demand for those who

are wanting to go into cyber security. One thing that IBM is doing is that they are

offering hands on training and other outside the classroom training so that people are
ISSUES WITH CYBER SECURITY 7

properly trained to have a job with cyber security (Zadelhoff, 2017). With this outside the

classroom training and hands on experience IBM is building a group of people who will

be able to deal with cyber security better. Some Schools are using the P-TECH

educational model to teach students the proper skills for the jobs they are going into. P-

TECH stands for Pathways in Technology Early College High School and this school,

just like IBM, is prepping people for the jobs they are going into (Zadelhoff, 2017). As

long as there is an interest in cyber security and people are being trained properly for

the job than cyber security can become better but at the same time could become

worse if it’s not fixed.

Besides dealing with the issues of a talent shortage, human error and newer

technology, another issue that is brought up with the problems in cyber security is small

business limitations. Grossbart (2017) says that businesses have been attacked by

cybercriminals and hackers for a while now. After a while bigger corporations have

come up with cyber security plans to protect themselves from the attacks which then

causes smaller business, not just in the U.S. but all over the world, are then targeted by

these criminals.  As these businesses are building a name for themselves they don’t

have the money to afford a proper cyber security attack and because of that they are

super vulnerable to be attacked (Grossbart, 2017). Lin (Cybersecurity: n.d.) uses

information from a study done in 2013 and 2017. The study showed that for small

businesses 75 percent did not have a proper source of protection against hackers and t

that two thirds of those who have a plan doubt that they will be protected. The study

also showed that out of the businesses that were hacked 88 percent were successfully
ISSUES WITH CYBER SECURITY 8

hacked and that about 40 percent of those that were hacked were able to deal with the

situation in a short amount of time. As for big businesses only about 24 percent were in

some way affected (Lin, n.d). The issue with bigger businesses is that the bigger and

more popular, the more they have to spend on a cyber security plan. In 2017 the

average cost that a larger business had to pay was about 7.35 million dollars. That

covers the cost of everything from being hacked to recovering information. One primary

example of a business being hacked is JPMorgan. When they were hacked, hackers

gained information to 83 million accounts. The reason to why so many accounts were

hacked was due to JPMorgan not having a dual authentication process in place (Lin,

Cybersecurity: n.d.). In the end both big and small businesses suffer at the hand of the

hacker and cybercriminal for not having the proper cyber security.

    After being presented with all of these issues, the last problem, and the worst due to

it being a combination of all the other issues, with Cyber security is the newer and better

attacks that cyber criminals are coming up with. As implied earlier with technology and

cyber security evolving and becoming better these cybercriminals and hackers will have

to up their game in order for them to gain access to people’s technology and personal

information. Grossbart (2017) says that cybercriminals are trying to come up with

smarter and better ways to hack or gain access to people’s information. With these

criminals becoming smarter and more aggressive it is becoming harder to keep up with

these attacks (Grossbart, 2017). Lin (n.d.) expands upon the issue of the cyber

criminals and the ways they attack. She divides all of the hackers into four groups and

says that there are five common ways that these hackers try to get a hold of a person’s
ISSUES WITH CYBER SECURITY 9

information.  Along with technology becoming more and more integrated into our society

it is becoming easier for these hackers to do what they do. The first group is nation -

state actors, and they are a government group that tries to hack or get a hold of

another, or enemy, governments private information (Lin, n.d). The second group is

financially motivated organized crime group, and they are a group of people who try to

get money from people to finance their crimes. The third group is called insiders, and

they are workers who are forced, blackmail or other ways, or accidentally give up

confidential information to an outside source. The last group are called activist groups,

and they are a group of people who do whatever is necessary to get their point across

(Lin, n,d.). In the end a hacker or cybercriminal will fall into one of these groups.

    These hackers and cybercriminals have multiple ways of getting what they want. One

way is through phishing. Phishing is when a hacker or cybercriminal sends a link to a

person asking them to input their information, such as bank  or social security

information, by misinforming the person of what the information is for, like paying for a

forgotten bill or a bank account being hacked, and that it needs to be taken care of

quickly (lin, n.d.). Another way is by DDoS, Distributed Denial of Service, and that is

when a hacker overloads a server, by sending information from multiple devices, with

information to the point that it freezes. While the server is “frozen” they will take

whatever information they want and do whatever they want with it. A downside to this is

that this is almost impossible to deal with due to the way the hacker uses the multiple

devices (Lin, n.d.) A third way is by physical card scanners, and these items are items

that get put on ATM and other devices that need a physical card scanner. These items
ISSUES WITH CYBER SECURITY 10

will record the information of whatever card is used and give access of the card to

whichever hacker installed it. Once the hacker has access to the card they can take

whatever they want off the card (Lin, n.d.). The fourth way is by using malware. Malware

is software, usually downloaded from a email or other source, that attacks a person’s

computer to either damage it or to gain access to whatever personal information is on

the computer. The last way that hackers use to gain access to personal information is

by internal privilege misuse. This process is when a worker takes confidential

information and hopes to sell out. Other way a worker gains access to the information is

by gossip, curiosity and were snooping around where they shouldn’t be, and/or trying to

gain access to someone’s personal information (Liz, n.d.). Overall these hackers have

multiple ways of gaining access to someone’s personal information and they are

becoming better and better at doing these types of things. If these hackers are not

properly dealt with then they will cause a lot of issues with technology then we are

currently dealing with.

    As technology is becoming more and more implemented into our society, Cyber

security is a must need in order for people to be protected. Without it people would be

hacked more easily and would lose all of their personal information. As long as

technology exist cyber security must exist so that people can be protected from

criminals.

Overall cyber security protects people from being hacked. The issues that come

along with it are there due to human error, business limitations, new technology,

hackers coming up with newer and better ways of hacking people's personal
ISSUES WITH CYBER SECURITY 11

information, and a talent shortage. In the end cyber security has existed and has

multiple issues that in some way shape or form affect how people’s information and

technology is protected.

             

 ISSUES WITH CYBER SECURITY 12

References

Grossbart, N. (2018, March 14). A Deeper Look at Current Issues in Cybersecurity.

Retrieved December 1, 2018, from https://adastra.fit.edu/blog/floridatechbound/a-

deeper-look-at-current-issues-in-cybersecurity/

Lin, M. Cybersecurity: What Every CEO and CFO Should Know. (n.d.). Retrieved

December 1, 2018, from https://www.toptal.com/finance/finance-directors/cyber-security

Miller, D. (n.d.). The Weakest Link: The Role of Human Error in Cybersecurity. Retrieved

December 1, 2018, from https://www.secureworldexpo.com/industry-news/weakest-link-

human-error-in-cybersecurity

Zadelhoff, M. V. (2018, February 06). Cybersecurity Has a Serious Talent Shortage. Here's

How to Fix It. Retrieved December 1, 2018, from https://hbr.org/2017/05/cybersecurity-

has-a-serious-talent-shortage-heres-how-to-fix-it