WA08-Sample2.pdf

    Page 1

    Memo – Network Security

    To: Dr. Alan Carswell (IS-365)

    From: xxxxx

    Date: 3/18/2017

    Network Security is extremely important within a company – it’s what keeps their data safe and

    locked away in the right place, and accessible to only those who are authorized to handle it.

    Additionally, it keeps the company’s technological services and functions safe within their own

    hands, not manipulated my malicious outsiders attempting to wreak havoc on an organization.

    This memo will outline several important statistics on Network Security (specifically the causes

    and damage that network breaches can create) and stress the importance of training and

    diligence from any company’s employees.

    Network Breaches – Statistics

    There are a great number of manners in which companies can find their network breached,

    ranging from elaborate Phishing scams designed to gain passwords and access to core functions

    and data servers of companies, to hackers will ill-intent out to leak company information, or

    simply partake in mischievous behavior. While many employees may believe hackers to be the

    largest threat to companies – as they are mysterious and are perceived to have the power to

    break into any system – statistics from several sources show an alarming truth: employee error

    Page 2

    accounts for a massive percentage of data breach causes. Will Daugherty, a writer for Cyber

    Security Trend, writes that his

    study found Human error

    accounted for 37% of network

    breach incidents in 2015.

    (Daugherty, 2016) However, it is

    worth noting that while he lists

    these four as separate entities,

    Phishing and Malware also is

    traced back to employee

    negligence. Phishing scams

    require employees to give out information they are not meant to, and Malware is commonly –

    though not always – downloaded by employees who are ignorant to proper protocols or scams.

    As such, simple Employee errors should instead account for a massive 62% of all breaches,

    using Mr. Daugherty’s statistics.

    Company Response

    With employees making simple mistakes from ignorant downloading behaviors to other very

    minor errors, it seems appropriate that a company should respond to this information by

    2015 Breach Statistics

    Human Error Phishing/Malware External Device Employee Theft

    Page 3

    proposing an employee training program to familiarize employees with the risks of Phishing

    Scams and deceiving

    links. Rutrell Yasin, a

    writer for

    DarkReading.com,

    shows that only a

    surprisingly low

    percentage of

    Executives believe that Employee knowledge is a priority – and that 60% of executives

    interviewed would say their employees have little to no knowledge of security risks. (Yasin,

    2016) Negligence to implement Employee Training programs from both Executives and

    Employees themselves cost businesses greatly, especially considering the earlier statistics of

    employee error being the top cause of security breaches. Rutrell Yasin continues in his article to

    state that only 45% of organizations have mandatory training, but 29% of those courses from

    organizations are not mandatory. (Yasin, 2016) Additionally, many of these courses are not

    comprehensive, neglecting concepts such as cloud services, mobile device security, and even

    phishing attacks. (Yasin, 2016)

    Conclusion

    With Network Security being core to companies’ infrastructure and operations in the modern

    age, it should be alarming that employees are often the cause of breaches, and more

    importantly, that companies often fail to respond to these statistics. To maintain security,

    0%

    20%

    40%

    60%

    80%

    100%

    Executives in Favor of Priority Other Executives

    Executives Who Believe Employee Knowledge is a Priority vs Those Who Do

    Not

    Page 4

    Executives must not rely solely on the software and policies of the IT department, but ensure

    that all employees, regardless of department, be trained in good practices and how to avoid

    breaches. The information presented in this memo is only a small portion of the available

    statistics regarding network breaches, but it should serve its purpose in presenting the core

    dangers of employee ignorance in regards to network security. Executives must be diligent in

    training their employees, for the benefit of the entire company.

    Page 5

    Bibliography Daugherty, W. (2016, Jan 6). Human Error Is to Blame for Most Breaches. Retrieved from Cyber Security

    Trend: http://www.cybersecuritytrend.com/topics/cyber-security/articles/421821-human-error-to-blame-most-breaches.htm

    Yasin, R. (2016, May 24). Employee Negligence The Cause Of Many Data Breaches. Retrieved from DarkReading: http://www.darkreading.com/vulnerabilities—threats/employee-negligence-the-cause-of-many-data-breaches-/d/d-id/1325656

    • Bibliography

                                                                                                                                      Order Now