CYBER SECURITY (R20)

UNIT-V
Cyber security: Organizational Implications
Introduction, Cost of Cybercrimes and IPR issues, Web Threats for organizations, Social media marketing,
Social Computing and the associated challenges for organizations, Protecting People’s privacy in the
organization, Organizational guidelines for internet usage, Safe Computing guidelines and Computer usage
policy
Organizational Implications-Introduction

In the global environment with continuous network connectivity, the possibilities for cyberattacks can
emanate from sources that are local, remote, domestic or foreign. They could be launched by an individual
or a group. They could be casual probes from hackers using personal computers (PCs) in their homes, hand-
held devices or intense scans from criminal groups.

Fig: A cyber security perspective. EU is the European Union. PI is information that is, or can be, about or
related to an identifiable individual. It includes any information that can be linked to an individual or used to
directly or indirectly identify an individual. Most information the organization collects about an individual is
likely to come under “PI” category if it can be attributed to an individual. For an example, PI is an
individual’s first name or
First initial and last name in combination with any of the following data:
1. Social security number (SSN)/social insurance number.
2. Driver’s license number or identification card number.
3. Bank account number, credit or debit card number with personal identification number such as an
access code, security codes or password that would permit access to an individual’s financial
account.
4. Home address or E-Mail address.
5. Medical or health information.
An insider threat is defined as “the misuse or destruction of sensitive or confidential information, as well as
IT equipment that houses this data by employees, contractors and other ‘trusted’ individuals.”

NBKRIST, VIDYANAGAR 1 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Insider threats are caused by human actions such as mistakes, negligence, reckless behavior, theft, fraud and
even sabotage. There are three types of “insiders” such as:
1. A malicious insider is motivated to adversely impact an organization through a range of actions that
compromise information confidentiality, integrity and/or availability.
2. A careless insider can bring about a data compromise not by any bad intention but simply by being
careless due to an accident, mistake or plain negligence.
3. A tricked insider is a person who is “tricked” into or led to providing sensitive or private company data by
people who are not truthful about their identity or purpose via “pretexting” (known as social engineering).

Insider Attack Example 1: Heartland Payment System Fraud

A case in point is the infamous “Heartland Payment System Fraud” that was uncovered in January 2010.
This incident brings out the glaring point about seriousness of “insider attacks. In this case, the concerned
organization suffered a serious blow through nearly 100 million credit cards compromised from at least 650
financial services companies. When a card is used to make a purchase, the card information is trans- mitted
through a payment network.
Insider Attack Example 2: Blue Shield Blue Cross (BCBS)
Yet another incidence is the Blue Cross Blue Shield (BCBS) Data Breach in October 2009 the theft of 57
hard drives from a BlueCross BlueShield of Tennessee training facility puts the private information of
approximately 500,000 customers at risk in at least 32 states.
The two lessons to be learnt from this are:
1. Physical security is very important.
2. Insider threats cannot be ignored.

What makes matters worse is that the groups/agencies/entities connected with cybercrimes are all linked.
There is certainly a paradigm shift in computing and work practices; with workforce mobility, virtual teams,
social computing media, cloud computing services being offered, sharp rise is noticed in business process
outsourcing (BPO) services, etc. to name a few.

Fig: Cybercrimes – the flow and connections.

NBKRIST, VIDYANAGAR 2 Prepared by K.KIRAN
 CYBER SECURITY (R20)
A key message from this discussion is that cybercrimes do not happen on their own or in isolation.
Cybercrimes take place due to weakness of cybersecurity practices and “privacy” which may get impacted
when cybercrimes happen.
Privacy has following four key dimensions:
1. Informational/data privacy: It is about data protection, and the users’ rights to determine how, when
and to what extent information about them is communicated to other parties.
2. Personal privacy: It is about content filtering and other mechanisms to ensure that the end-users are not
exposed to whatever violates their moral senses.
3. Communication privacy: This is as in networks, where encryption of data being transmitted is
important.
4. Territorial privacy: It is about protecting users’ property for example, the user devices from being
invaded by undesired content such as SMS or E-Mail/Spam messages. The paradigm shift in computing
brings many challenges for organizations; some such key challenges are described here.

Fig: Security threats – paradigm shift.

The key challenges from emerging new information threats to organizations are as follows:
1. Industrial espionage: There are several tools available for web administrators to monitor and track the
various pages and objects that are accessed on their website.
2. IP-based blocking: This process is often used for blocking the access of specific IP addresses and/or domain
names.
3. IP-based “cloaking”: Businesses are global in nature and economies are interconnected.
4. Cyberterrorism: “Cyberterrorism” refers to the direct intervention of a threat source toward your
organization’s website.

Confidential information leakage: “Insider attacks” are the worst ones. Typically, an organization is protected
from external threats by your firewall and antivirus solutions

NBKRIST, VIDYANAGAR 3 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Cost of Cybercrimes and IPR issues
Cybercrimes cost a lot to organizations

Fig: Cost of cybercrimes.

When a cybercrime incidence occurs, there are a number of internal costs associated with it for
organizations and there are organizational impacts as well.
Detection and recovery constitute a very large percentage of internal costs. This is supported by a
benchmark study conducted by Ponemon Institute USA carried out with the sample of 45 organizations
representing more than 10 sectors and each with a head count of at least 500 employees.
Organizations have Internal Costs Associated with Cyber security Incidents
The internal costs typically involve people costs, overhead costs and productivity losses. The internal costs,
in order from largest to the lowest and that has been supported by the benchmark study mentioned:
1. Detection costs.(25%)
2. Recovery costs.(21%)
3. Post response costs.(19%)
4. Investigation costs.(14%)
5. Costs of escalation and incident management.(12%)
6. Cost of containment.(9%)

The consequences of cybercrimes and their associated costs, mentioned

1. Information loss/data theft.(42%)
2. Business disruption.(22%)
3. Damages to equipment, plant and property.(13%)
4. Loss of revenue and brand tarnishing.(13%)
5. Other costs.(10%)

The impact on organizations by various cyber crimes

1. Virus, worms and Trojans-100%
2. Malwares-80%
3. Botnets-73%
4. Web based attacks-53%
5. Phishing and Social engineering-47%
6. Stolen devices-36%
NBKRIST, VIDYANAGAR 4 Prepared by K.KIRAN
 CYBER SECURITY (R20)
7. Malicious insiders-29%
8. Malicious code-27%

Average days taken to resolve cyber Attacks

1. Attacks by Malicious insiders-42 days
2. Malicious code-39 days
3. Web based attacks-19 days
4. Data lost due to stolen devices-10 days
5. Phishing and social engineering attacks-9 days
6. Virus,worms,and trojans-2.5 days
7. Malware-2 days
8. Botnets- 2 days

Among the other reasons for the growth in the cost of cybercrime:
Cybercriminals are embracing new attack technologies.
Many new Internet users come from countries with weak cybersecurity.
Online crime is becoming easier through cybercrime-as-a-service and other business schemes.
Cybercriminals are becoming more financially sophisticated, making it easier to monetize their exploits.

There are many new endpoints in today’s complex networks; they include hand-held devices.
Again, there are lessons to learn:
1. Endpoint protection: It is an often-ignored area but it is IP-based printers, although they are passive
devices, are also one of the endpoints.
2. Secure coding: These practices are important because they are a good mitigation control to protect
organizations from “Malicious Code” inside business applications.
3. HR checks: These are important prior to employment as well as after employment.
4. Access controls: These are always important, for example, shared IDs and shared laptops are dangerous.
5. Importance of security governance: It cannot be ignored policies, procedures and their effective
implementation cannot be over-emphasized.

Organizational Implications of Software Piracy

Use of pirated software is a major risk area for organizations.
From a legal standpoint, software piracy is an IPR violation crime. Use of pirated software increases serious
threats and risks of cybercrime and computer security when it comes to legal liability.
The most often quoted reasons by employees, for use of pirated software, are as follows:
1. Pirated software is cheaper and more readily available.
2. Many others use pirated software anyways.
3. Latest versions are available faster when pirated software is used.

Web Threats for organizations

Web Security is very important nowadays. Websites are always prone to security threats/risks. Web
Security deals with the security of data over the internet/network or web or while it is being transferred to
the internet. For e.g. when you are transferring data between client and server and you have to protect that
data that security of data is your web security.
Hacking a Website may result in the theft of Important Customer Data, it may be the credit card
information or the login details of a customer or it can be the destruction of one’s business and
propagation of illegal content to the users while somebody hacks your website they can either steal the
important information of the customers or they can even propagate the illegal content to your users
through your website so, therefore, security considerations are needed in the context of web security.

NBKRIST, VIDYANAGAR 5 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Security Threats:
A Threat is nothing but a possible event that can damage and harm an information system. Security Threat
is defined as a risk that which can potentially harm Computer systems & organizations. Whenever an
Individual or an Organization creates a website, they are vulnerable to security attacks.
Security attacks are mainly aimed at stealing altering or destroying a piece of personal and confidential
information, stealing the hard drive space, and illegally accessing passwords. So whenever the website
you created is vulnerable to security attacks then the attacks are going to steal your data alter your data
destroy your personal information see your confidential information and also it accessing your password.
Top Web Security Threats:
Web security threats are constantly emerging and evolving, but many threats consistently appear at the top
of the list of web security threats. These include:
 Cross-site scripting (XSS)
 SQL Injection
 Phishing
 Ransomware
 Code Injection
 Viruses and worms
 Spyware
 Denial of Service
Security Consideration:
 Updated Software: You need to always update your software. Hackers may be aware of
vulnerabilities in certain software, which are sometimes caused by bugs and can be used to damage
your computer system and steal personal data. Older versions of software can become a gateway for
hackers to enter your network. Software makers soon become aware of these vulnerabilities and will
fix vulnerable or exposed areas. That’s why It is mandatory to keep your software updated, It plays an
important role in keeping your personal data secure.
 Beware of SQL Injection: SQL Injection is an attempt to manipulate your data or your database by
inserting a rough code into your query. For e.g. somebody can send a query to your website and this
query can be a rough code while it gets executed it can be used to manipulate your database such as
change tables, modify or delete data or it can retrieve important information also so, one should be
aware of the SQL injection attack.
 Cross-Site Scripting (XSS): XSS allows the attackers to insert client-side script into web pages. E.g.
Submission of forms. It is a term used to describe a class of attacks that allow an attacker to inject
client-side scripts into other users’ browsers through a website. As the injected code enters the browser
from the site, the code is reliable and can do things like sending the user’s site authorization cookie to
the attacker.
 Error Messages: You need to be very careful about error messages which are generated to give the
information to the users while users access the website and some error messages are generated due to
one or another reason and you should be very careful while providing the information to the users. For
e.g. login attempt – If the user fails to login the error message should not let the user know which field
is incorrect: Username or Password.
 Data Validation: Data validation is the proper testing of any input supplied by the user or application.
It prevents improperly created data from entering the information system. Validation of data should be
performed on both server-side and client-side. If we perform data validation on both sides that will
give us the authentication. Data validation should occur when data is received from an outside party,
especially if the data is from untrusted sources.
 Password: Password provides the first line of defence against unauthorized access to your device and
personal information. It is necessary to use a strong password. Hackers in many cases use
sophisticated software that uses brute force to crack passwords. Passwords must be complex to protect
against brute force. It is good to enforce password requirements such as a minimum of eight characters
long must including uppercase letters, lowercase letters, special characters, and numerals.

NBKRIST, VIDYANAGAR 6 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Social media marketing
Social Media Marketing is an important tool for businesses of all sizes, but it can be difficult to know
where to start. With the right guidance and resources, however, you can be successful in creating an
effective social media presence. This complete guide will provide you with the information you need to
understand what social media marketing is, how to do it, strategies to employ, examples of social media
marketing, and tools to help you along the way. So without any further ado, let’s get going!
What is Social Media Marketing?
Social media marketing is the process of using social media platforms and websites to promote a
product or service. It involves creating and sharing content on social networks in order to achieve
marketing and branding goals. Social media marketing is becoming an increasingly popular form of digital
marketing, with companies of all sizes and from all industries taking advantage of its reach.
Purpose and Benefits of Social Media Marketing
The main purpose of social media marketing is to create content that users will share with their social
networks, increasing the brand’s visibility and reach. This content can be anything from blog posts,
product reviews, and videos to images and interactive content. Companies use social media marketing to
engage with their customers and build relationships with them.
Social media marketing also helps companies to build loyalty and trust among their customers. By
engaging with their customers and responding to their questions and comments, companies can show that
they are listening to their customer’s needs and concerns. This helps to build trust and loyalty, which can
lead to increased sales and customer loyalty.
It can also be used to increase brand awareness and engagement. Companies can use social media to
create campaigns and promotions that will be seen by a large number of potential customers. This helps
spread the word about the company and its products and services, driving more traffic to its website and
increasing its sales.

Finally, social media marketing can be used to monitor and measure the success of digital marketing
campaigns. Companies can use analytics tools to track the performance of their campaigns and determine
which ones are most effective. This can help companies to fine-tune their digital marketing efforts and
make sure that they are using the most effective strategies for reaching their target audience.
Social media marketing is an essential part of any digital marketing strategy. It can help companies to
build relationships with their customers, increase brand awareness and engagement, and measure the
success of their digital marketing campaigns. Companies should use social media to their advantage in
order to maximize their reach and visibility.
How to Start Social Media Marketing
To get started with social media marketing, you first need to understand the basics of social media
marketing and how to use it to your advantage.
1. Establish Social Media Presence
First & foremost, you need to establish a social media presence in the following ways:

NBKRIST, VIDYANAGAR 7 Prepared by K.KIRAN

 CYBER SECURITY (R20)
A. Identifying the Target Audience
When deciding to establish a social media presence, it is important to identify the target audience. This
will determine which social media platforms to use, and how to craft messages that will be most effective
for the intended audience. Companies should consider the age, gender, interests, and geographical location
of their target audience in order to create a presence that is tailored to their needs.
B. Selecting Social Media Platforms
Once the target audience has been identified, it is important to select the most appropriate social media
platforms. Different platforms have different user bases and features, so it is important to choose the ones
that are most likely to reach the desired audience. Companies should consider the types of content they
will be posting, the frequency of posts, and the overall goals of their social media presence when selecting
platforms.
C. Creating Social Media Profiles
After selecting social media platforms, companies should create profiles that accurately reflect their brand.
In order to do this, they should create consistent branding across all of their social media accounts. This
includes using the same profile picture and cover photo, as well as having similar descriptions of the
company, website links, and contact information. Additionally, companies should ensure that their profile
is properly optimized for search engines so that it is easy to find.
2. Developing Content
Moreover, you need to start working on content development:
A. Defining Goals and Objectives
Before you can create engaging content, it’s important to define your goals and objectives. What do you
want your content to accomplish? Make sure your goals and objectives are measurable, achievable, and
realistic. Consider your target audience and create content that speaks to them.
B. Creating Engaging Content
Creating content that is engaging is essential for success. Consider the type of content that you want to
create, such as blog posts, videos, podcasts, infographics, and more. Focus on topics and ideas that are
relevant to your target audience and that will capture their attention. Use an effective writing style that is
easy to understand and keep it concise.
C. Utilizing Visual Content
Visual content, such as photos, videos, and infographics, can be highly effective in engaging your
audience. Visual content is more likely to be noticed and shared, which can help to spread your message.
Use high-quality images and videos that are relevant and interesting to your target audience. Incorporate
graphics, animations, and other visuals to make your content more engaging.
3. Promotion
Now, comes the promotion part:
A. Utilizing Paid Advertising
Paid advertising is a great way to promote products and services. This can be done through various
channels, including search engine optimization (SEO), pay-per-click (PPC) campaigns, display ads, and
social media. The key to successful paid advertising is to target the right audience and ensure that your
message is seen and heard.
B. Leverage Influencers
Influencers can be a powerful tool for promoting products and services because they have already
established relationships with their followers and can reach a much larger audience than a brand can on its
own. Influencers can help spread the word about your product or service, and help create brand awareness.
C. Track and Measure Performance
Tracking and measuring the performance of your promotional efforts is key to understanding what’s
working and what isn’t. Tools such as web analytics, A/B testing, and surveys can help you measure the
success of your campaigns and adjust them accordingly. This will help you maximize your ROI and
ensure that your promotional efforts are as effective as possible.
Key Social Media Marketing Strategies
It is important to have a sound social media marketing strategy in place in order to ensure the success of
your business. In this section, we will discuss some key social media marketing strategies that can help
you reach your marketing goals.
NBKRIST, VIDYANAGAR 8 Prepared by K.KIRAN
 CYBER SECURITY (R20)
1. Establish Your Goals
Before you can begin any social media marketing strategy, you must determine what you hope to achieve.
Common goals include increasing brand awareness, driving website traffic, and expanding your reach.
Having a clear understanding of what you want to accomplish will help you create an effective strategy.
2. Analyze Your Audience
Knowing who your target audience is and what they are interested in will help you create tailored content
that will resonate with them. Understanding their age, gender, interests, and other demographics will help
you create content that speaks directly to them.
3. Create a Content Strategy
Once you have identified your goals and target audience, you can begin to create content. This content
should be engaging, informative, and tailored to your audience. You should also consider the type of
content you will post, such as videos, images, and articles.
4. Utilize Automation Tools
Automation tools are essential for creating and managing a successful social media strategy. These tools
help you schedule posts, monitor conversations, and measure results. Automation tools also allow you to
focus on other aspects of your business.
5. Leverage Influencer Marketing
Influencer marketing is a great way to reach a larger audience and build trust with potential customers.
Identify influencers in your industry who have an engaged following and invite them to share your
content.
6. Track & Measure Results
The only way to know if your social media marketing strategy is successful is to track and measure the
results. Monitor the metrics that are most important to you, such as followers, likes, comments, and
website traffic. This will help you determine if your strategy is working and make adjustments as needed.
Social Media Marketing Examples
Social media marketing is a great way to reach potential customers and build relationships with your
current ones. In this section, we will explore some examples of the social media marketing that have
been successful!
1. Contests and Giveaways
Contests and giveaways are popular ways to engage with customers on social media. Companies can use
contests and giveaways as a way to boost brand awareness and encourage users to take action. Contests
can be as simple as a caption contest or an image-based challenge that requires users to post a picture of
their product or service. Giveaways are typically sweepstakes-style contests where users enter to win a
prize. Companies can use contests and giveaways to promote their products or services, build brand
loyalty, and generate leads.
2. User-Generated Content
User-generated content (UGC) as the name suggests is content created by users, not brands. UGC can be
anything from reviews, photos, videos, or posts about a particular product or service. UGC is a great way
to engage with customers and build trust. Brands can use UGC to create content that is more relatable and
authentic than traditional marketing methods. UGC can also help brands build a community and increase
brand visibility.
3. Paid Advertising
Paid advertising on social media is a great way to increase visibility, reach new customers, and drive
conversions. Companies can use paid ads to target potential customers based on their interests, location, or
demographics. Paid ads provide the opportunity to reach a larger audience and gain exposure to products
and services. Companies can also use paid advertising to promote special offers or discounts, run contests
or giveaways, or drive traffic to their website.
Example: Dove Social Media Marketing Campaign
We have always seen Dove being focused on the causes that connect them with their audience. Thus,
keeping the same in mind Dove launched a social media campaign #ShowUs where the main theme was
to make people understand that beauty comes in many forms and challenged the stereotype of beauty. It
employed women and non-binary people and the collaboration was done with Getty images and Girlgaze
Photographers.

NBKRIST, VIDYANAGAR 9 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Apple Social Media Marketing Campaign
Another very famous social media campaign by Apple “The shot on iPhone challenge” in which they
asked people to capture small things in a big way with their iPhones in order to highlight great photos. It
was also done to highlight the greatness of the camera. The photographers were asked to share the images
on social media (Instagram) using #ShotOniPhone and 10 winners were selected for this campaign who
were selected by a designated panel.
Starbucks U.K Social Media Marketing Campaign
Another amazing example of a Social Media Marketing Campaign is Starbucks U.K #WhatsYourName,
where they partnered with the company name Mermaids and focused on the rights of transgenders. This
company also works in the support of gender-diverse youth and transgenders and helps them grow and
prosper. In this, the names which were written on the side of the cup were the ones that the customer
wanted to be called. Along with this, they also sold mermaid tail cookies as a fundraiser for the
mermaids.
Social Media Marketing Platforms
Social media marketing is becoming increasingly popular for businesses of all sizes, as it provides an easy
and cost-effective way to reach new customers. With the right tools, businesses can easily create, manage,
and track their social media campaigns. Here are some of the most popular social media marketing tools to
help you get started.
1. Facebook
With more than 2.27 billion active users Facebook is one of the widely used social media marketing
platforms. It is the first choice for promoting any content as here you target a large number of people that
too of different age groups, locations, gender, behavior, interests, etc. On Facebook, you can also create a
custom audience list and reach out directly.
Facebook Ad Manager – Facebook Ad Manager is a powerful tool to manage, create, and track your
campaigns on the largest social media platform. With this tool, you can create targeted campaigns,
optimize your ad spending, and access detailed insights into the performance of your campaigns.
Additionally, you can use Facebook Audience Insights to gain valuable insights into your target audience.
Finally, Pages Manager allows you to easily manage your Facebook page, including posts, messages, and
reviews.
2. Instagram
Instagram is a visual platform that has more than a million monthly active users and also allows you to
surface your business to a large audience. Although it does not allow links within the posts yes you will be
provided numerous access for showcasing your creativity to the target audience.
Instagram Ads Manager – Instagram Ads Manager is a great tool for managing, creating, and tracking
your campaigns on the world’s most popular photo-sharing platform. With this tool, you can create
targeted ads and access detailed insights into the performance of your campaigns. Additionally, you can
use Insights to gain valuable insights into your target audience. Finally, Creator Studio allows you to
easily manage your Instagram page, including posts, messages, and reviews.
3. LinkedIn
LinkedIn is also a nice platform for promoting your business where you can connect with various business
partners, recruit new members as well as share your own creativity. Also, it is a good choice for B2B
social media marketing. LinkedIn has been ranked as one of the best websites for generating professional
leads.
LinkedIn Ads Manager – LinkedIn Ads Manager is a great tool for managing, creating, and tracking
your campaigns on the world’s largest professional network. With this tool, you can create targeted ads
and access detailed insights into the performance of your campaigns. Additionally, you can use Analytics
to gain valuable insights into your target audience. Finally, Publisher allows you to easily create and
manage content on your LinkedIn page.
4. YouTube
It is one of the best social media platforms for highlighting about your company, its culture, products,
and other important highlights. YouTube has almost 2 billion registered users so if you think that your
company can create something creative which can be promoted on YouTube then you can definitely use
this great platform for promoting your company in an effective way.

NBKRIST, VIDYANAGAR 10 Prepared by K.KIRAN

 CYBER SECURITY (R20)
5. Twitter
As we know that Twitter is a fast platform where things can get instant reach as here users keep on
visiting for new updates. Hence, it makes a good marketing platform where if you keep posting regularly
you create a good reputation in the industry where people will come to your page and crave new things.
On Twitter, one can easily share blog links, posts, and pages and promote numerous things very easily.
Social Media Marketing Tools
For increasing your reach on social media there are various tools available. No matter what social media
platform you are using, these popular social media marketing tools will help you create, manage, and
track your campaigns. With the right tools, you’ll be able to reach new customers and maximize your
return on investment.
 Sendible
 AgoraPulse
 Visme
 Buffer
 Canva
 Zapier
 Hootsuite
 Loomly

Social Computing and the associated challenges for organizations

The Social Web has become an important means of communication for everyone: people, organizations, and
governments all use it to spread and share information, offer opinions and engage in discussions. This
medium creates large social networks through which vast amount of information flows quickly and easily.
Many events are now first reported on the social web (e.g., Twitter, FaceBook, Instagram, watsapp etc.).
specially in emergencies such as explosion , accidents , fires , natural calamities riots, and later in news.
Social media has also overcome the impact of news channels because handling a phone is portable and
convenient.
New web technologies and especially social networks enable users to share and discuss common interests
and provide infrastructures for integrating various user experiences: synchronous and asynchronous
communication, game playing, sharing links and files. Social network and social interaction using mobile
and cloud platforms capture vast amounts of data that can be mined to discover implicit knowledge,
common beliefs, preferences, and experiences, that could potentially empower users to learn from each other
and together. Social computing can be broadly defined as the computational facilitation of social studies and
human social dynamics as well as the design and use of computing technologies that consider social context.
Social computing empowers individual users with relatively low technological sophistication to use the web
to engage in social interactions, contribute their expertise and share their content, experiences and opinions
Impact of Social Computing
Social Media has impacted almost every section of the society including professionals, scientists , students
and even a housewife. The spreading of information through social media has become very easy and
affordable. Social computing techniques enable and support communication and collaboration between
service providers and consumers. One of the interesting features of social networks is their growth
characteristics: sudden and unpredictable. Social networks grow in members and contents following the
principle of human dynamics—bursts followed by a long tail.Mobile devices, smartphones in particular,
have penetrated our social life, compounding this social communication revolution and its need for
scalability of processing power.
One of the problems with smart phones is the limitation of their battery power. The increasing complexity of
new mobile applications puts a heavy load on batteries. To overcome this problem, some techniques off-load
mobile computations to software clones of real devices in the cloud. This process involves communication
among many entities like mobile devices, their clones, the cloud providers, and mobile network operators.

NBKRIST, VIDYANAGAR 11 Prepared by K.KIRAN

 CYBER SECURITY (R20)
Establishing trust in the communication chain, more specifically with the cloud provider and the mobile
network operators, is challenging. A lot of private information could be eavesdropped on and revealed.
On the other hand , social media has also negative impact when not used carefully. The youth is wasting
most of the time in just scrolling the webpages , gaining less and wasting more time in learning nothing.
Challenges
As a highly inter disciplinary field, research on social computing requires vast collaboration from
researchers from a variety of disciplines, including computer science, social science, anthropology,and
applied physics. For a newcomer, it is hard to obtain an overall view of this field. The growth and popularity
of social networks tend to shortage of computational resources and storage infrastructure for the huge data
traffic generated everyday. The other threats are scalability, maintenance and management. Managing and
processing a network with millions of edges (e.g., LinkedIn), distributing status updates to millions of users
(e.g., Twitter, Facebook, Watsapp, etc.), and distributing user generated content to millions of users spread
across the globe are some of the practical challenges posed by social networks, or the social web in general,
where cloud computing can contribute solutions. An important research area is thus to develop distributed
cloud architectures that can handle sustained traffic generated by millions of users in social
networks.Whether it is for a social or political event, a marketing campaign or an emergency scenario, it is
important to know how to disseminate information on the social web so that it has the desired impact. This
requires identifying the influential nodes in the network and providing the right incentives for them to
propagate the desired message.

Protecting People’s privacy in the organization

• Tracking and monitoring people on the Internet is a controversial issue.
• From privacy perspective, people would hate to be monitored in terms of what they are doing, what they
are moving, etc.

Organizational guidelines for internet usage

Appropriate Internet Usage by Employee
Employees are advised to use organization’s internet connection for the following reasons:
1. To complete their job duties.
2. To seek out information that they can use to improve their work.
3. To access their social media accounts, while conforming to social media policy and privacy
4. Employees should:
– Log into their corporate accounts only from safe devices.
– Use strong passwords to log into work-related websites and services.
– Keep their passwords confidential at all times.

Inappropriate Internet Usage by Employee

Employees mustn’t use organization’s internet connection for the following reasons:
1. Download or upload obscene, offensive or illegal material.
2. Send confidential information to unauthorized recipients.
3. Invade (assault) another person’s privacy and sensitive information.
4. Download or upload copyrighted software and other digital data such as movies and music.
5. Perform unauthorized or illegal actions, like hacking, fraud, buying/selling illegal goods.

Safe Computing Guidelines and Computer Usage Policy

1. Install anti-virus software
2. Keep Operating System up to date
3. Take a back-up
4. Use a secure password
5. Use a desktop firewall
6. Keep programs up-to-date with the latest patches

NBKRIST, VIDYANAGAR 12 Prepared by K.KIRAN

 CYBER SECURITY (R20)
7. Physically secure your computer
8. Log out when you don’t use
9. Don't store sensitive data on your computer
10. Exercise Internet and email safety

Incident Handling: An Essential Component of Cyber security

Computer security incident means “any adverse event which compromises some aspects of computer or
computer network security”.
Classification of incidents:
• IT security incidents
• Data incidents / Data privacy incidents

– Any loss/theft of organizational confidential data or client information

IT Incidents
Following are the types of IT security incidents:
• Inappropriate usage of organization’s assets/resources
• Tampering with IT controls such as disabling firewall, stopping antivirus software, etc
• Unauthorized changes to IT systems
• Spam and email forgery
• Use of unlicensed software / tools / applications
• Downloading inappropriate materials
• DoS that affects services to legitimate users
Priorities of Incidents
Incidents are prioritized as follows:
1. High priority incidents
These have high impact on the organization’s business or service to customer. Incident response team must
respond immediately.
Ex: Malicious code attacks including Trojan horse program, Virus infections and unauthorized system
access
2. Medium priority incidents
These have significantly moderate impact on organization’s business or service to customers.
Incident response team can respond using standard procedures within normal management structures.
Ex: Password cracking attempts.
3. Low priority incidents
These have low impact on the organization’s business or services to customer. Incident response team can
respond using standard procedures when time allows. Ex: Denial access to the system due to unexpected
lockout.

NBKRIST, VIDYANAGAR 13 Prepared by K.KIRAN