Cybersecurity Strategies in Small Businesses: A Case Study on Ionone Textiles, Summaries of Computer science

Download Cybersecurity Strategies in Small Businesses: A Case Study on Ionone Textiles and more Summaries Computer science in PDF only on Docsity! Small scale research about ionone apparel and textiles About the company This study investigates the organizational performance of small scale manufacturing industries in Sri Lanka. The main objective of the study is to analysis cyber threads and vulnerability’s. Family and non- family controlled firm were considered as independent variables, and organizational performance - profitability, employee turnover, and employee morale- was considered as dependent variable. Ionone textiles have main garment and 1060 working employees in company. Abstract Cybercrime is one of the quickest growing areas of criminality. Criminals abuse the speed, accessibility, and privacy of the Internet to commit diverse crimes involving data and identity theft that cause severe damage to victims worldwide. Many small businesses do not have the financial and technological means to protect their systems from cyberattack, making them vulnerable to data breaches. This exploratory multiple case study, grounded in systems thinking theory and routine activities theory, encompassed an investigation of cybersecurity strategies used by 5 small business leaders in Middlesex County, Massachusetts. The data collection process involved open-ended online questionnaires, semi structured face-to-face interviews, and review of company documents. Based on methodological triangulation of the data sources and inductive analysis, 3 emergent themes identified are policy, training, and technology. Research Strategy There are different types of qualitative research strategies that need to be carefully considered in relation of the nature of the study. According to Creswell some of 35 these strategies are grounded theory, phenomenological research, ethnography, action research and narrative research. However, empirical research is taken into consideration when the real life phenomena is being investigated for acquiring knowledge of complex problems that need to be understood. The complexity of the problem introduced in this study comes from the possibility of different cyber security measures creation in SMEs where IT professionals answer interview questions based on their experience and knowledge that was gained from their everyday work setting. This study focuses on six different SMEs and their different contexts where experience and knowledge of IT participants let us understand why they make certain choices about the security measures that are in place in their organizations. For a detailed overview of the data collection method, the section below gives a detailed introduction. Cybercrime financial effects Asserting that financial crime through the Internet presents a constant technological danger due to the growth of virtual environments. Lack of targeted surveillance and coordination with Internet service providers (ISPs) has produced challenges for efforts to prevent terrorist financing actions on the Internet. Chamber-Jones emphasized that applying physical laws to virtual environments is impossible. Asserted that the development of an international standard to detect online terrorist financial activities should become a task for the Srilanka. Pre-cyber-attack Organizational Decision Making Under pre-cyber-attack organizational decision making we consider all the measures that are or could be created in order to prevent cyber-attacks. Here at the first place we would like to see if any of national, EU or international cyber security standards are adopted and used in particular organization. As mentioned and described before, these standards exist and could represent a useful security guide for IT professionals even if only partly adopted. Although cyber security standards exist, claims that there is not a unique optimal way to deal with organizing cyber security for every organization due to each organization is object to distinct business strategy, culture and organizational structure. In order to define these specific organizational needs, cyber security policy can be created. According to Doherty and Fulford, “information security policy provides a framework to ensure that systems are developed and operated in a secure manner”. Todd and Rahman provided a method for creating, implementing, and enforcing an information security plan at low cost to small businesses. To carry out this plan, Todd and Rahman reported 10 inexpensive, or free, security measures for quick implementation: 1. Know your equipment, in terms of maintaining an asset list. 2. Stay ahead and identify all possible methods of attachment for a network. 3. Learn from mistakes, or study past threats to be able to predict future attacks. 4. Prioritize your security concerns by identifying what will have the greatest negative impact on the business. 5. Control access to the network and virtual private networks used for remote employee access. 6. Test firewalls to protect from intrusion. 7. Provide access to systems only when necessary. 8. Backup systems frequently and have a backup of the backup. 9. Train users to be suspicious of emails from senders they do not know, including never opening attachments from a suspicious party. 10. Alert remote workers to remain mindful of their equipment and do not allow anyone to use the equipment when working remotely. Todd and Rahman argued for small businesses to utilize the steps and create a security-minded culture. Upon completion of a comprehensive security analysis, organizations would be able to create a practical budget plan. The security analysis contained components of assessment, requirements, policies, and procedures. Cybercrime’s Legal Effects Technology has been in a continuous state of progression, which in turn has advanced cybercriminal behaviors. Legislative efforts to fight cybercrime may lack efficiency and improvement to keep up with cybercriminals. Cade recognized if global laws do not advance and take precedence, a catastrophic