As a senior manager and government representative following are the list of some top 10 threats:
- Inside crime: A disillusioned employee or espionage agent will find a way to gain access to records and sensitive data. Data can be alerted and copied or placed on worldwide web. Employees due to the human behavioral factors involved would continue to be involved in transferring the data ad money to and/or use programs to skim accounts or sell data and information to the competitors or an overseas government agency.
- Fraud orchestrated by an organised crime syndicates is becoming a way of life and the steeling and resale of people’s identity is big business and is likely to continue.
- Cyber attackers by hackers, crackers and government front companies is continuing , aided by internet and in some cases cannot be immediately detected.
- Lack of skilled cyber security professionals and therefore a gap vis-a-vis people writing the secure computer programs, managers with the ability and awareness to understand the technical gaps and human deficiencies; administrators who are not motivated to look into problems or ensure the recovery actions and or follow-up action is taken when necessary; and there is shortage of people who can write secure code and those that can produce secure websites.
- Easy for an malicious code to get into the system and the chance of the preparator being caught is very remote so hackers and crackers do not consider that they are at risk of being caught and prosecuted.
- Fake software products is causing concern and more education is needed to inform the public about this and the raise awareness.
- Inadequate cyber security policies and security plans in place, and do not implement recovery plans rapidly enough.
- Cloud computing is fine but its important to know how cloud computing is managed.
- Poor and ineffective patching can result in additional problems and sense of apathy, as managers believe they have solved the problem when in fact additional problems (viruses) have been created or have penetrated the system.
- Increasing targeting of social networking activities and resulting identify theft and fraud is worrying the authorities.
(Reference : Cyber Security Management by Peter RJ Trim and Yang-lm Lee)