Computer security, cybersecurity, or information technology security (IT security) is the protection of computer systems from theft or damage to their hardware, software, or electronic data, as well as from disruption or misdirection of the services they provide. The field is growing in importance due to increasing reliance on computer systems, the Internet and wireless networks such as Bluetooth and Wi-Fi, and due to the growth of “smart” devices, including smartphones, televisions and the various tiny devices that constitute the Internet of things. Due to its complexity, both in terms of politics and technology, it is also one of the major challenges of the contemporary world. Some of the cybersecurity threats are
- Phishing, whereby users are lured into taking actions by sending emails
- OS/Network/Database/Router/Firewall level compromise
- Key loggers, wherein the keystrokes are captured to identify the user’s credentials
- Denial of service attacks which results in unavailability of information series
- Social engineering
Cyber Security threats can be addressed by organizations as follows:
- By having strong governance over technology design, procurement and implementation
- Strong technical expertise with the organization at all levels, application, operating systems, databases, networks( Routers, firewalls, Network links)
- Implementing monitoring controls at all levels referred above, real-time analysis of the potential threats and immediate action
- Implementation of IT security policies and continual user education.
Impact and Opportunities to Chartered Accountants
The accuracy and integrity of the data can be highly impacted due to the abovementioned threats. Hence, professionals need to be better equipped with a thorough understanding of the technology stack, as the entire technology landscape continues to become more complex. The complex technology threats bring forth opportunities for professionals to be trusted advisors to Managements boards Chief information systems officers, Chief technical information systems officers, etc. to assess the Business impact of technology risks and address the same. Further with a strong combination of business acumen coupled with technical understanding opens up opportunities for professionals, in technology areas where Business expertise is required.