Potential Computer Security Threats and Policies to Manage the Risk
In the age of increased technological advancement and the implementation of computers in most areas of life, personal and professional, computer threats can range from meager to serious crises. Information systems are the most affected when computers are exposed to risk (Godugula, 2021). Damages affecting the stored information may range from small insignificant losses to information corruption where data integrity is compromised. In extreme situations, the data stored in computer information systems can be destroyed with no possibility of recovery. Therefore, due to the financial or integrity-related challenges, it is important to design countermeasures that can be put in place before the risks occur.
Information systems security risks are classified into two broad categories: (1) internal threats and (2) external threats. Both categories of information systems security risks can further be divided into three groups: (i) human, (ii) technological, and (iii) environmental threats (“WikiLeaks founder charged in computer hacking conspiracy,” 2019). Human threats will be considered for the completion of this case study. They include security threats to information systems as a result of human actions and activities. Human threats can occur due to malicious or non-malicious activities by either internal members of institutions such as employees or external attackers such as hackers.
Human threats can lead to various risk outcomes. First, human threats can result in denial of service and corruption of information. Internal or external threat agents can steal information whether they are granted access or use illegal means of collecting the information (“Top 3 Cyber Security Issues Organizations Face”, 2021). The stolen information can lead to financial challenges and loss of confidence in institutions where the security risk has occurred. For example, in America, a group of cybercriminals referred to as “FIN12” attacked hospitals with ransomware programs in 2020 and stole patients’ and hospital financial statements demanding payment to restore hospital assets to healthcare institutions (Sganga et al., 2021). It was an example of a cyber threat that has been experienced in the recent past.
Second, human threats can lead to theft and disclosure of important information. Internal and external human perpetrators can access information of individuals or institutions to steal them for illegal use. In some instances, the stolen information is often released to the public, disclosing confidential information that can threaten individuals, corporations, or governments. For example, Julian Assange, an Australian hacker, was touted to have stolen confidential United States (US) information and disclosed it through his website WikiLeaks without the approval of the US government (“WikiLeaks founder charged in computer hacking conspiracy,” 2019). As a result, the information disclosed by Assange led to security threats and challenges to the US government.
Policy or Procedure You Would Implement to Manage That Risk
To mitigate risks and threats to information systems, it is important to design and implement countermeasures that prevent or reduce the impact of the risks in the event they occur. For instance, one of the techniques that can be used to reduce internal human threats in an institution is to administer passwords to protect vital information. Therefore, it is easier to track the individuals who interact with the information by checking the login and log-out data by restricting access to sensitive information. Additionally, it is important to change passwords often to prevent previous employees from accessing sensitive information, which can lead to information system security risks.
Also, being prepared for data breaches means that the institution can set up redundancy systems that can help if the data is destroyed. Having external sites of redundant storage increases the likelihood of smooth recovery and transition if a security data breach occurs and the data is corrupted or completely damaged. It ensures that the institution’s data is up-to-date and that the services it offers can still be accessed in the event risk has occurred.
Potential Impact and the Severity of the Incident
The occurrence of theft of a computer with health information can lead to significant impacts. First, the information about the hospital and the patients can be exploited by the thief. For example, social security numbers, health information, and financial records of the hospital, among other important information, can fall into the wrong hands. As a result, attackers can steal the identity of the patients, hospital employees, and hospital management with the intent of causing financial harm. Also, the attacker can use the stolen computer to infect viruses and malware in the health institution system making it difficult to access and interact with the information. Such cases can lead to financial harm and physical harm to the patients if the services of the health institution are stopped due to the inconveniences caused by the incident.
Applying the Phases of Handling Data Incidents to This Instance
To handle such incidents of data breaches, it is important to employ administrative safeguards, including risk analysis, risk management, sanction policies, and information system activity review. Moreover, implementing procedural data handling incident response is an effective approach to recovery (“6 Phases in the Incident Response Plan”, 2021). The first step is to identify the breach., which is the theft of a computer containing health information. Next is to contain the incident, for, in the case of a stolen computer, the institution has to prevent it from accessing the health information on the internet by implementing firewalls that stop further breaches from the stolen computer. The last step is to find a recovery program that can be used to restore the institution’s programs.
Recommended Strategies to Prevent This Type of Data Incident from Occurring in the Future
One of the strategies to prevent the reoccurrence of the risk is employee training. The anticipation of the risk can lead to reduced risk occurrences. Therefore, preparing for the occurrence of the risk involves providing employees with information and computer handling training to prevent them from misusing, losing, or mistakenly causing harm. The institution can conduct incident rehearsals to gauge the employees’ incident preparedness if the risk occurs.
6 phases in the incident response plan. (2021). Security Metrics. Web.
Godugula, H. (2021). Evolving cybercrime and data security challenges. The Financial Express. Web.
Sganga, N., Herridge, C., & Bidar, M. (2021). Foreign hacking group targets hospitals, and clinics with ransomware attacks, says a new report. CBS News – Breaking news, 24/7 live streaming news & top stories. Web.
Top 3 cyber security issues organizations face. (2017). Maryville Online. Web.
WikiLeaks founder charged in computer hacking conspiracy. (2019). U.S. Department of Justice. Web.