Entrepreneurship Research Paper

Data-Breach Security Group

Tanya Sasnouskaya 

School of Cybersecurity, Old Dominion University 

CYSE 494: Entrepreneurship in Cybersecurity

Dr. Brian K. Payne 

June 20, 2022

Introduction

Cybersecurity is a significant concern for today’s business owners and technology leaders, and for good reason. According to a survey published by RiskBased Security, data breaches exposed 36 billion records in the first half of 2020 alone. Hackers are well-versed in the fundamental flaws that affect businesses and organizations, keeping cybersecurity experts on their toes. As access to cyberspace grows with technological advancement, so does the number of cybersecurity challenges that businesses may confront. Cybersecurity breaches can strike any company at any time. In 2020, well-known companies like Marriott, MGM Resorts, Twitter, and Magellan Health all suffered cyber attacks. However, hackers do not only target heavyweights. According to Verizon Business’s 2020 Data Breach Investigations Report, small businesses were involved in more than one out of every four data breaches (Verizon, 2020). These attacks can be costly. According to a Hiscox analysis from 2019, the average cost of a cyber attack is roughly $200,000 (Kim, D., & Solomon, M. G., 2019). This economic impact has alarmed many people, including small business owners. According to a survey performed by the US Small Business Association, 88 percent of small firms believe they are vulnerable to cyber-attacks. Preventing these attacks is financially crucial. In today’s business landscape, there are many different cybersecurity risks to be aware of, issues that only a seasoned cybersecurity specialist may be able to help with.

Cybersecurity threats affect not only businesses; healthcare data breaches cost the industry $5.6 billion each year. Attackers target the healthcare industry because it holds a lot of information, private data, and financial data, such as credit card numbers, bank account numbers, and information about medical research and innovation. You would have to live under a rock not to notice that our daily routine is becoming more and more artificial intelligence-based. We rely heavily on smart cars, phones, houses, autonomous gadgets, etc. Imagine what a big inconvenience it is to have your bank account information leaked. It is a highly stressful situation that costs you a lot of money. Now imagine what it would be like for a big or small business. Obviously, information confidentiality is a primary concern, and the importance of protecting it cannot be overstated. In the modern age of cybersecurity threats, vulnerabilities abound for both large and small businesses. Understanding how hackers operate can help to reduce the risk of data loss. Cybersecurity professionals can avoid the potentially disastrous consequences of a large-scale data leak by keeping an eye on trends and emerging technology.

Description of the Problem and the Innovation

In order to innovate, let’s look at the market and see whether any solution already exists. For many businesses, the risk associated with cybersecurity can be frightening. For every business, regardless of size, developing a solid cybersecurity program is challenging, and the subject can be difficult to understand. One of the solutions that already exists is a cybersecurity framework. A cybersecurity framework is a set of norms, principles, and best practices for dealing with risks in the digital environment. Frameworks usually pair security goals, such as preventing unauthorized system access, with controls, such as requiring a username and password. Every business or organization has to take this step, yet it does not deal with a compromise that has already occurred. A group of professionals gathered in one place can give the company an adequate assessment of the incident and provide it with a solution and instructions on prevention for the future.

  1. NIST cybersecurity framework:

The National Institute of Standards and Technology’s (NIST) cybersecurity framework is a helpful tool for organizing and improving your cybersecurity program. It’s a set of standards and best practices designed to assist businesses in establishing and improving their cybersecurity posture. The Framework lays out a set of guidelines and standards to help companies better prepare for cyber-attacks by identifying and detecting them, as well as providing advice on how to respond to, avoid, and recover from them. It tackles the lack of cybersecurity standards by providing a consistent set of rules, guidelines, and standards for enterprises to apply across industries. The NIST Cybersecurity Framework (NIST CSF) is widely considered the gold standard for building a cybersecurity program. Whether you’re just getting started with a cybersecurity program or have a well-established one, the Framework can be beneficial by serving as a top-level security management tool for assessing cybersecurity risk across the firm. Under the Framework, all cybersecurity capabilities, projects, processes, and daily activities are categorized into five fundamental functions: identify, protect, detect, respond, and recover. Among its main advantages are:

  1. Superior and unbiased cybersecurity
  2. Enable long-term cybersecurity and risk management
  3. Ripple effects across supply chains and vendor lists
  4. Bridge the gap between technical and business side stakeholders
  5. Flexibility and adaptability of the Framework
  6. Built for future regulation and compliance requirements

The cybersecurity framework is excellent, yet at the end of the day, it is a set of guidelines that does not deal with an attack that has already occurred. This is the exact problem we will try to solve.

Technical Problem

The specific issue is that system security experts who maintain federal networks and critical infrastructure systems are facing increased difficulty in preventing data breaches that could expose sensitive national security information. In the IT security business, there are both successes and failures when it comes to data breach prevention strategies (Iovan & Iovan, 2016). Furthermore, as data technologies advance in the IT business, the risk of data security breaches increases (Jacobs et al., 2016).

The President’s Executive Order calls for the federal government’s network and key infrastructure systems to be strengthened in terms of data breach prevention (Office of the Press Secretary, 2017). According to Hubbard, Weber, and Steinhoff (2017), 65 percent of 100 federal IT security experts have experienced a data breach, with 34% experiencing one in the previous year. According to federal IT security experts, 96 percent of the federal network and important systems are susceptible, with 48 percent being severely vulnerable (Hubbard et al., 2017). When compared to other industries, the federal government spends less on cybersecurity and has fewer resources to defend its networks and critical infrastructure systems (Hubbard et al., 2017).

Failure to implement sufficient cybersecurity protection methods by security professionals supporting federal networks and critical infrastructure systems might result in severe financial, legal, operational, and reputational implications (Willard, 2015). Understanding the implications of potential threats and safeguarding sensitive national security data are essential for proactive operations and the avoidance of national security failure. There are a lot of dangers that could happen. In 2015, the Federal Bureau of Investigation (FBI, 2016) recorded more than 64,000 cybercriminal attacks, resulting in global losses of more than $1 billion.

All federal networks and key infrastructure systems that operate globally store highly sensitive data such as private agency data, employee records, and trade secrets, all of which are appealing targets for cybercriminals (Iovan & Iovan, 2016). Internal personnel, foreign hackers from anywhere in the world, or organized cybercrime units could all be possible attackers (Leedy & Ormrod, 2014). Attacker techniques are continually changing, becoming more complex, aggressive, and widely used. A data breach could have a detrimental influence on operations and damage an agency’s reputation, resulting in a potential loss of trust, according to Choong, Hutton, Richardson, and Rinaldo (2016) and Iovan and Iovan (2016).

In the United States, businesses and federal agencies reported up to 3,000 data breaches in 2014, with more than 540 million pieces of information and online data files stolen (Romanosky, Hoffman, & Acquisti, 2014). According to Zafar, Ko, and Osei-Bryson (2015), cybersecurity attacks increased by 70% over three years, resulting in annual losses of more than $7.1 million.

According to Borum, Felker, Kern, Dennesen, and Feyes (2015), security professionals who support federal networks and critical infrastructure systems should strive to ensure that data breach prevention solutions are effective against cyberattacks, and their cyberdefense strategies rely heavily on identifying, assessing, and managing risk. To build information security plans, security professionals must understand the origins of information security risks as well as the potential business effects of such risks (Borum et al., 2015). Using frameworks like the NIST CSF to examine a company and its risk-management methods could help security specialists sufficiently defend federal networks and critical infrastructure systems vulnerable to rising security threats (Lanz, 2016).

As our innovation, we propose to provide a specially trained staff of programmers capable of performing both “cyber-ambulance” and “cyber-police” operations. When it comes to data breaches, it is not just about the money; it is also about employers’ privacy, and the response must be quick.

“Cyber-ambulance”

Purpose: An organization’s preparation during a cyber security disaster depends on its ability to plan appropriately. Recovery planning is an important part of an organization’s information security program because it allows employees to understand system dependencies, identify critical personnel such as crisis and incident management roles, set up alternate communication channels, services, and facilities, and other aspects of the business continuity plan. To better design a specific cyber event strategy, organizations might study “what if” scenarios, which may be based on cyber incidents that have impacted other organizations. 

Duties: recovery and prevention.

Methods: 

  1. Firewalls and virtual private networks (VPNs). Firewalls and VPNs give you more control over your network’s traffic and accessibility. 
  2. Upgrades and updates. Keeping current with the most recent software patches and best practices can help you avoid the majority of recently discovered vulnerabilities. 
  3. Strict content controls. Internal content controls help protect your most sensitive data and apps from unauthorized access. 
  4. Accessibility limitations. You’ll face fewer dangers if a smaller number of employees have access to your company’s most sensitive data. 
  5. Staff education.  Human error is at the root of the majority of security flaws. As a result, it pays to train and educate your employees on cybersecurity best practices. 

Roles: 

  1. Information security specialists.

Information security analysts defend a company’s digital assets from hackers. This usually entails scanning networks for security breaches and investigating them, as well as adopting security software, conducting penetration testing, and developing company-wide security policies. 

  2. Penetration tester

Playing the villain and attempting to get into a security system is sometimes the greatest way to improve it. Penetration testers try to get into existing security systems in order to help an organization discover and fix weaknesses. Ethical hackers and assurance validators are two terms used to describe these experts. As you might expect, being a competent penetration tester necessitates a high level of ability and knowledge. Candidates with a formal cybersecurity or information technology degree and considerable experience in related areas are likely to be preferred by employers.

  3. Security awareness trainer

Even the most well-designed security measures can fail if an intruder gains access through the front door. Cybersecurity experts understand that the human factor is the weakest link in any digital security scheme. Security awareness officers, or security awareness training professionals, are in charge of a company’s security awareness education. Employees are taught to recognize security threats and follow security policy, which reduces risk. These specialists must know everything there is to know about cybersecurity, as well as people. They’ll create security awareness programs, teach individuals, identify threats, and work with people to encourage the safest behaviors possible.

  4. Data recovery specialists

Even the best-laid plans can go wrong, as the specialists in this field are well aware. To save data from damaged hard drives or other media, you’ll want to contact data recovery experts (DRPs). They also look after computer gear, troubleshoot mechanical difficulties, undertake forensics, and devise disaster data recovery strategies. These specialists work on large-scale enterprise data recovery and damage mitigation activities in the context of cybersecurity. A vast organization generates a lot of data in a short time. Backups are produced regularly to prevent catastrophic data loss.

“Cyber-police”

Purpose: The process of investigating, analyzing, and recovering forensic data for digital proof of a crime is known as cybercrime investigation. A computer, cellphone, automotive navigation system, video game console, or other networked device recovered at the scene of a crime is an example of evidence in a cybercrime investigation. This evidence helps cybercrime investigators in determining the criminals and their intentions.

Duties: investigation.

Methods: 

Response and preservation: After receiving a scam report, cyber detectives’ first and most important step is to locate and preserve the digital devices involved in the crime. It is vital to do so in order to avoid data loss or mishandling. 

Gathering information: After securing the devices, detectives dig deep to discover as much evidence as possible. In this way, they can form a clear picture of the crime and plot a course to solve it. 

Security: Because internet devices are frequently used for hacking, investigators relocate all evidence to a secure location to prevent it from being tampered with.

Data analysis: Once all of the data has been collected, the agency evaluates and investigates the devices, extracting critical information. They do so by employing specialist cybercrime investigation technologies. 

Findings and investigation: The use of data leads to the identification of suspects, which then moves the inquiry forward. After some time, the investigation leads to the criminal.

Roles:  cybercrime investigator.

A cybercrime investigator investigates a variety of felonies, with work ranging from recovering file systems on hacked or damaged computers to investigating crimes. It is worth noting that the “ambulance group” is also heavily involved in the inquiry. The gathering of evidence and leads is the first step in the recovery procedure (Lotz, Law, & Nguyen-Ngoc, 2014). Cybercrime detectives also recover computer data that can be used in criminal prosecutions. Once they have obtained all of the relevant technological evidence, cybercrime investigators create reports that will be used in court. In addition, cybercrime detectives are required to testify in court. Large organizations may hire cybercrime investigators to test security systems that are already in place. Investigators do this by attempting to get into the company’s computer networks through various methods.

Into Reality 

The first and most critical step in this project is to put together a team of people who are both experts in their disciplines and team players. This type of employment necessitates both professional and personal qualities. One method I can envision for discovering these people is through your school, your classmates, and teachers, but also through people on GitHub, because you never know where you’ll find talent.

In terms of demographics, it is reasonable to consider launching this project in a large city with a mix of small and large businesses. Depending on the size of the business, renting an office and providing equipment may be an option. It’s also reasonable to assume that potential employees already have the equipment they require. However, equipment support will be a major focus in the future, as will the employer’s continuous professional skills development. In today’s world of innovation, keeping up with rapid change is critical.

The legal part of the process will include several legal requirements, such as:

  1. Create an LLC or corporation.
  2. Obtain business permits and licenses.
  3. Register a business name.
  4. Protect business with insurance.
  5. Open a business bank account.
  6. Consult the professionals.
  7. Apply for a federal Tax ID number. 
  8. Determine whether a state tax ID number is needed.

Interests/Skills:   

  • Interest in doing quality research
  • Communication Skills
  • Advanced technical skills
  • Robust computer skills
  • Ability to identify data trends
  • Writing Skills 
  • Organization Skills

Resources:  Computer, high-speed internet, database/spreadsheet/statistical software. There are several websites that appeal to those who perform data analysis. One of them is Internet Resources for Data Analysis, which is funded by NICHE and contains a variety of tools as well as links to other useful websites (ISC2, 2015).

Time Required: full-time 30-40+ hrs/week

Training:  Intermediate to advanced math, computer, and communication skills

Market:  Small Businesses, Non-Profit Organizations, etc. 

Home Based:  Yes

Internet:   Yes

Location: to be determined

Start-Up Costs:    $500 – $5,000

According to the think tank Third Way, just about 0.3 percent of all registered cybercrime accusations are investigated and prosecuted. That corresponds to three arrests and prosecutions for every 1,000 malicious cyber events. Because of this wide cybercrime enforcement gap, malicious cyber actors can engage in nefarious actions without fear of being identified, prosecuted, or penalized. Furthermore, because a huge percentage of cybercrime victims do not report their crimes, the enforcement rate could be as low as 0.05 percent (Lord, 2017). Computer Forensic Services’ CTO, Mark Lanterman, made a similar remark, suggesting that less than 1% of hackers are detected and convicted. Finding a cybercriminal is similar to searching for a needle in a haystack, where the needle may or may not exist (Smaroff, 2017). Good hackers are aware of the evidence left behind after carrying out a certain attack and will go to considerable lengths to ensure it does not exist. As a result, numerous businesses may be hacked while remaining ignorant of their vulnerability.

Security threats to online data are growing in volume, complexity, and velocity, resulting in global monetary losses of more than $125 billion in the last three years due to cybercrime (Jacobs et al., 2016). As a matter of national concern, security experts supporting federal networks and key infrastructure systems must clearly comprehend the substantial dangers to data infrastructures and implement suitable policies to limit the risk of data security breaches across the country (Jacobs et al., 2016). It is critical that we do not feel defenseless in the face of cyber threats in today’s society, and that cyber criminals do not feel beyond the reach of the law. This concept offers a blurry and undefined answer to a huge problem, yet it could be a start toward a very effective countermeasure against cybercrime.

Self-reflection

This assignment really pushes you to think a little bit more broadly about the field that you want to be a part of, relying on the knowledge that you already had. I had to think outside the box and offer a service that could benefit society and the group of people that will work for it. During the research, I realized how tremendous the data breach problem is in the healthcare industry, along with small businesses and organizations, and how small the percentage of cybercrime complaints that are enforced and prosecuted is. This problem has to be addressed in no time. 

From this assignment, I have learned that as an entrepreneur, you have to consider an enormous number of things in your head. I would divide them into two big sections: professional and legal. The professional part would serve as the core and flesh of the business: everything that makes it physically real. This implies skilled employees, equipment, offices, and communication between both business/client and employer/employee. The legal part would serve the purpose of bridging the gap between business and the law. It implies registering your business name, applying for a Federal Tax ID number, determining whether a state tax ID number is needed, obtaining business permits and licenses, protecting your business with insurance, opening a business bank account, and consulting the professionals.

I would say that in order to consider this project successful, the only satisfying numbers would be a lower percentage of data breaches and a reduction in the cybercrime disaster itself. 

References:

  1. ISC2. (2015). What is a security expert? Retrieved from http://blog.isc2.org/isc2_blog/2015/02/what-is-a-security-expert.html
  2. Iovan, S., & Iovan, A. (2016). From cyber threats to cybercrime. Journal of Information Systems & Operations Management, 10, 425-434. Retrieved from http://jisom.rau.ro/forward.html
  3. Jacobs, P., Solms, S., & Grobler, M. (2016). Towards a framework for the development of business cybersecurity capabilities. The Business and Management Review, 7(4), 51-61. Retrieved from http://journals.udsm.ac.tz/index.php/bmr
  4. Lanz, J. (2016). Communicating cybersecurity risks to the audit committee. The CPA Journal, 86(5), 2-5. Retrieved from https://www.cpajournal.com/
  5. Leedy, P. D., & Ormrod, J. E. (2014). Practical research: Planning and design (8th ed.). Upper Saddle River, NJ: Pearson.
  6. Lord, N. (2017). The history of data breaches. Retrieved from https://digitalguardian.com/blog/history-data-breaches
  7. Lotz, N., Law, E. L., & Nguyen-Ngoc, A. (2014). A process model for developing learning design patterns with international scope. Educational Technology, Research and Development, 62, 293-314. doi:10.1007/s11423-014-9333-x
  8. Money makes the cyber-crime World Go Round – Verizon Business 2020 data breach investigations report. About Verizon. (2020, May 19).
  9. Smaroff, D. G. (2017). E-Discovery Process and Electronically Stored Information (ESI) Strategies. The CPA Journal, 81(3), 66.
  10. Willard, G. N. (2015). Understanding the co-evolution of cyber defenses and attacks to achieve enhanced cybersecurity. Journal of Information Warfare, 14(2), 16-30.