StudyDaddy Article Writing Subject: Enterprise Risk ManagementQuestion: Quantitative vs. Qualitative Analysis Assignments PART1: Quantitative Analysis - For this assignment, you will need to perform a quantitative analysis on t

Subject: Enterprise Risk ManagementQuestion: Quantitative vs. Qualitative Analysis Assignments PART1: Quantitative Analysis - For this assignment, you will need to perform a quantitative analysis on t

Running Head: THREATS IN MARKETING COMPANY IT INFRASTRUCTURE 0


Week 4: Worst Case Scenario Assignment

Threats in Marketing Company IT Infrastructure





Introduction

The biggest threats facing IT infrastructure in a marketing company comes from within the company. The risks, in most cases, gets attributed to challenges in the cybersecurity aspect. The threats reported in the IT section of a marketing company all relate to a failure in the technology. There are various sources of these threats related to the circumstances, as well as risks that perpetuate their occurrence. Risk and conditions that lead to IT threats in a marketing company include accidents such as fire and human error. In this context, I will discuss seven threats about a virtual company created in mind and based on activities that take place in a marketing company IT section. The dangers I will consider will highlight the topics of their identification and management techniques, as well as the factors that accelerate their occurrence. Human error will form the reference source to the event of the seven threats to get discussed.

Felsam Agencies creates the name of the virtual company that I choose to discuss the IT threats. It forms one of the marketing companies in the Kansas City marketing sector. In brief, Felsam Agencies exist as a strategic marketing firm and which offers the services of customized and integrated solutions of marketing issues to their clients. The company employs the strategy of achieving its marketing solution goals through the delivery of the correct message and by using the most appropriate media to the right clients and at the right time. The company has an IT infrastructure and has a website which contains content regarding marketing solutions. The marketing services offered by the company encompass advertisements and the creation of brands through an integrated media program articulated to digital broadcast and cable to outdoor radio. The company has a team of expert employees that carry the daily activities.


IT threats facing marketing Company

Data Breaches:

Data breaches form a significant threat in an IT network possible to occur due to errors made by humans. The frequent mistakes that employees of a company make that expose the IT network to the threat of breaches include using weak passwords and careless handling of data. Human error, on the same not also encompass low-security awareness by the employees in such a marketing company. As a fact, human error contributes to 52 percent of data breach cases that occur in an IT network. Data breaches refer to an IT security threat where a cyber attacker may hack or gain access to a company's database with a malicious intention. Since possible risks of this threat relate to human error, the risk management plan encompasses measures of making employees in an IT company develop an awareness of possible ways and sources of cyber-attacks. Also, backup and data recovery strategy form a critical approach that ensures serious issues don't arise in the event of a cyber-attack (Teplow, 2016). On the other hand, employees and clients using the marketing IT system should get walked through when they make any errors in the process. The users should get well trained and informed well on how to use the system safely. Other strategies of mitigating such a threat include the use of default credentials and passwords that contain personal or company data to log into the system.


Unauthorized Access to IT physical infrastructure room:

The physical damage in this context relates to the physical security of an IT infrastructure room. As mentioned earlier, the marketing company used in this study has website access by the clients and the employees as well. Any IT infrastructure has a hardware component that supports the network component and its working capability. In this aspect, the room containing these physical hardware devices should get kept out of bound to an unauthorized person. Failure to ensure proper lockout of the unauthorized access to the office may cause severe damage to the system and the entire network. An attacker may gain access and interfere with the hardware by installing a virus to the system hence consequences extending up to the network component of the infrastructure. The possible risks attributed to this threat also include the physical damage to the hardware component of the IT network. This damage may lead to ineffective functioning of the network and therefore leading to other severe consequences like other system attacks getting launched without the administrator noticing. The countermeasures and threat management technique in this regard calls for a tight and well-organized security plan to deny unauthorized access to IT hardware room. The exercise could get accomplished by executing measures of digital identification and unlock access to the office by the concerned personnel.


Loss of power and issues in the grid system:

An IT infrastructure entirely relies on electronic devices, which only become operational with the presence of electricity power. Loss of control, therefore, in this context forms another threat to an IT infrastructure, however hard to attribute the risk to human error. Damage of power across the grid may get caused by various circumstances, including natural calamities such as floods and hailstones (Cummins & Weiss, 2019). The power grid system of an IT infrastructure, therefore, remains vulnerable to damages and challenges attributed to natural factors, sometimes human errors, among others. On the aspect of human errors in this threat, a person may accidentally cause electrocution in the system leading to power loss and sometimes damage to the connected hardware. Power loss in the grid means that the IT infrastructure as a whole turns off and could no longer work until a supportive power system gets set on. The network component remains at risk of getting affected in the event of loss in power across the grid. The network in this context gets at risk of a possible attack in the event the devices supporting it switches off due to power loss in the grid. Power loss across the grid, therefore, becomes a significant threat to a network based on IT components. In this regard, the company needs to have a stand by a power system. The power system switches on automatically in the event of power loss in the grid. The recovery and mitigation technique of this threat also encompasses a regular examination of the power system across the entire network as much frequently as possible. It is essential to note that some companies rely on a private power system while others use the government-provided power grid.


Single Physical Incidents:

These are incidents that cause cyber disruptions mostly articulated to external factors such as nuclear detonations, earthquakes changes in space weather as well as natural disasters like hurricanes. They form threats to the network of IT systems, which occurs by damage to an entire IT infrastructure. The mentions risk factors under this threat make a network system vulnerable to data loss and electrocutions. The effects caused by these threat factors are known to cause network disruptions over large regions once they occur (Glenn et al., 2016). Therefore, they may not get attributed to getting caused by human error factors. Space weather changes on this note may cause severe solar geomagnetic storms leading to a failure of the high-power transformers and a collapse in the entire network electrical system. Companies that rely on network connectivity based on the affected satellite system in this aspect hence gets affected. The policies should, therefore, get hardened through the principle of diversity and employing different measures of alternative routing methods. Operations of a network in the occurrence of such an event could get maintained through backup and multiple capability strategies.


Blockage of a Network:

A network system sometimes gets blocked on the internet component. Various circumstances relate to the threat of a network blockage. The blockage may get caused due to a certain disconnection in the hardware component of a network system or a malicious attack followed by an installation of a blocking virus application by a cybercriminal. In this regard, threat occurs due to the occurrence of another previous access to the network system unauthorized. Network blockage threat poses multiple risks to a network system and makes it vulnerable to consequent data loss as well as cyberattacks. These threats happen to the critical infrastructures but of late has significantly impacted the business and marketing IT infrastructure. On this note, the ideal risk management technique calls for an IT company to develop certain levels of systems and networks. These levels are the internet, intra, and independently blocked networks. In the event of a network blockage, the internet network gets separated from the intra network. Hence it means that workers and users only work within the intra network. Access on the internet, in this case, gets done through the only internet network separated from the intra network.


Physical and remote manipulation of network-based systems:

It forms another significant threat that the operations and activities of a company may get affected through physical manipulations of the network system in use. The manipulations in the network systems occur through changing, deleting, or adding certain information in the operation database of a company network system (National Academies Press, 2018). This threat is hence associated with a possible cyber-attack to a network system, and in this case, it counts for remote manipulations. Manipulation of network-based systems by the physical aspect gets associated with physical tampering of the physical hardware on network infrastructure. The risks involved in such a threat include data loss, database corruption, and failure. The users of a network may also get denied access to their data and access to the web completely. The physical disruption forms an avenue for other destructive attacks on the entire network system and increased cyber-attacks. Vulnerabilities of a network system that leads to this threat include gaining access to the network control room by unauthorized persons. Human error also counts for the fragility and risk of a network's physical and remote manipulations. The mitigation measures to this threat included a complete denial of access to the network control room by unauthorized persons. Company employees and users should also avoid giving the logging in credentials to unauthorized persons.


The threat of aging infrastructure:

As mentioned earlier, the network system depends on the hardware component set to support it. Technology developments and advancements form another determinant factor essential to the security and workability of a network system. On this note, aging as a threat factor makes a network system vulnerable to possible attacks due to the inefficiency of the hardware component. The advancement of technology gives rise to new devices and developments in the IT sector. Therefore, it may become necessary to replace the old and outdated hardware components with more advanced tools. The possible risks involved with an old, outdated IT infrastructure includes easy access to the database through cyberattacks and loss of data. The vulnerability of the network system, therefore, gets addressed through the replacement of the network hardware with newly developed components.






















References

Cummins, J. D., & Weiss, M. A. (2019). Systemic risk and the U.S. insurance sector. Journal of Risk and Insurance, 81(3), 489-528. https://doi.org/10.1111/jori.12039

Glenn, C., Sterbentz, D., & Wright, A. (2016). Cyber threat and vulnerability analysis of the U.S. electric sector. https://doi.org/10.2172/1337873

National Academies Press. (2018). 2 types of threats associated with information technology infrastructure | Information technology for counterterrorism: Immediate actions and future possibilities | The National Academies Press. The National Academies Press. https://www.nap.edu/read/10640/chapter/4

Teplow, L. (2016). Human error: The biggest risk to client data? MSP Software & IT Management Software Solutions | Continuum. https://www.continuum.net/blog/the-biggest-risk-to-your-bdr-solution-human-error

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!