Week 2 Discussion - Cybersecurity Threats and

Vulnerabilities
Not all professionals and industries face the same types or levels of cyber threats

Discuss the following

1. Explain whether the above statement is TRUE or FALSE

2. Which cyber threat(s) do you believe is universal across all professions and
industries?
3. In your profession or industry, describe and contextualise a particular security
vulnerability that can be a point of entry for a targeted cyber-attack.

Word count: 200 words maximum

The statement “Not all professionals and industries face the same types or levels of cyber
threats” is true. Actually, it depends of so much factors such as the technologies used,
applications involved, the security controls implemented and mainly to the industry in
question which matches with different threat actors, motivations, assets and geopolitical
events that drive adversarial activity in each sector. For instance, the banking and insurance
sector which move money around a lot, is affected by the largest portion of server attacks,
data theft and ransomware cases, according a report by IBM Security X-Force, titled Top 10
industries targeted 2019 vs 2020. Paralysing banks is less of a goal, but accessing internal
systems can yield hefty illicit returns. Yet in the manufacturing industry, where availability at
all times is essential, this paralysis is essential to give strength to ransomwares.

According to the above report the cyber threats that are universal to all profession and
industries, are ransomware and BEC attacks.

The particular security vulnerability in my profession, that can be a point of entry for a
targeted cyber-attack is the problem of weak passwords. Staff are slow and often resistant to
secure password management, and very often the same password is used both for personal
emails and corporate approved applications.