Information:
-
The risks to privacy from collecting and storing personal information.
Issues of collecting and storing information can pose privacy concerns in the digital age. One major worry is the threat of data breaches that are actually quite common. An Example of a data breach was the Equifax data breach in 2017, affecting 147 million users. The breach exposed a lot of information such as: Names, addresses, and social security numbers. This shows why we need better security measures. Going beyond data breaches there is a growing unease of how companies store and use our personal information we give them. Many Social Media companies have been criticized for exploiting users' data for targeted advertising. Cambridge analytica scandal in 2018 gives an example showing the concerns of irresponsible misuse of personal data for political actions. This example shows the need for better practices within data utilization to protect users from something they did not think they signed up for. The lack of transparency in data collection usage also worries privacy concerns. Surveillance technology likes to collect face recognition and location tracking data on users, also raising additional concerns of privacy. This can lead to a mass data leak and show people who use other people's information for misuse. Many people are worried and we need to fix how information can be stored within a company's server. We have gone far into making technology better, faster, etc., but this is a sorry excuse if we go into the future without better security of private information.
-
How can computing resources be misused and how can it be protected?
Computing resources can be misused in many different ways, and can impose harm to many different people and even the security of our own government. One major issue and misuse can be cyberattacks. Cyberattacks are when someone or a group exploit vulnerabilities in computer systems and does this to get data or to disrupt service. Ransomware attacks, like the WannaCry incident in 2017, would encrypt files on a user's systems and demand money for their files back. Not only did it affect people with sensitive information, but also caused financial damage to many major companies. Another misuse can involve unauthorized use of computing resources for crypto mining. Cyber criminals will infect computers with malware that can secretly run on one's computer without them knowing, using their computer resources. Not only does it affect the users pc by slowing it down, but it can use more energy withdrawal and cause an increase in the users electricity bill. An example of this would be a malware known as Coinhive, in 2018, it was known to exist through websites and it would affect you through the website. It would then mine without your consent, sneaking on to your computer. To protect computing resources from misuse, cybersecurity measures need to be higher. This can include regular software updates for patching major vulnerabilities, implementing better firewalls, and educating users on phishing. Giving users better and stronger authentication methods such as multi-authentication helps prevent unauthorized access. Big corporations should invest and provide better, and a more affordable way to help combat potential threats for users. By developing a better security network, users and corporations can both mitigate risks that are caused by the misuse of computing resources.
-
How unauthorized access to information is gained?
Insider threats that are involved in cybersecurity in an organization misuse their access either maliciously or unintentionally. Insider threats may include employees intentionally stealing data, such as confidential client information for their own personal gain. This can happen if an employee falls under a phishing attack or if they mishandle sensitive information. They can save this information on either unsecured or personal devices. An example of this was a phishing attack on the Democratic national committee during the 2016 presidential election, when unauthorized use of information was accessed. Keeping control on inside threats takes many precautions within this important information. Implementing access controls based on job roles can minimize risk of potential misuse. An example,limiting employee access to information reduces the risk of potential data breaches within a company. Cyber security training increases awareness of certain unintentional threats. The monitoring of user behavior can contribute to early detection of unintentional data leaking. Also doing this can identify unusual patterns of what employees can do so there isn't a potential intent of leaking information. Building a defense against insider threats can cause an increase in trust and people also keeping their jobs. While doing this, keeping their personal information safe is an important part of the trust aspect. This can also encourage employees to report security concerns without a fear factor. As technology evolves, awareness remains a major aspect of security against major insider threats.