School of Commerce and

Management
Department of MBA

NAME- Shruti Pratihari

SEMESTER- 2
ENROLLMENT NO-
AJU/230970

ROLL NO- 29

SESSION- 2023-2025
SUBJECT- COMPUTER APPLICATIONS FOR BUSINESS
1: Basics of Cybersecurity and its Importance

Cybersecurity: refers to the practice of protecting systems, networks,

and data from cyberattacks. It involves implementing measures to
safeguard digital information from unauthorized access, theft, or
damage.

Importance in the Corporate Environment: Cybersecurity is

crucial in a corporate environment due
to the reliance on digital technology
for operations. Businesses handle
sensitive information, such as
customer data and intellectual
property, making them targets for
cybercriminals. Protecting this data is
essential for maintaining business
continuity, customer trust, and legal
compliance.

Consequences of a Cybersecurity
Breach: A breach can lead to
financial losses, reputational
damage, legal penalties, and loss of
customer trust. It can disrupt
business operations and expose
companies to liability.
Critical Industries/Sectors: Cybersecurity is particularly critical in
industries like finance, healthcare, government, and critical
infrastructure (e.g., energy, water). In these sectors, a breach can have
severe consequences for both the organization and the public.

2: Identifying Common Cyber Threats and Risks

1. Phishing:
- Description: Phishing is a
form of social engineering
where attackers send deceptive
emails or messages to trick
individuals into revealing
sensitive information, such as
login credentials or financial
details.

- Impact: Phishing can lead to identity theft, financial fraud, and data
breaches. It compromises company networks and puts sensitive data
at risk.
- Exploitation: Cybercriminals create fake websites and emails that
resemble legitimate sources to deceive users.
2. Malware:
- Description: Malware is malicious software designed to damage
or disrupt systems, steal data, or gain unauthorized access. Types of
malware include viruses, worms, and ransomware.
- Impact: Malware can cause data loss, financial damage, and
operational disruptions. Ransomware encrypts data and demands
payment for its release.
- Exploitation: Malware often spreads through infected email
attachments, downloads, or compromised websites.

3. Insider Threats:
- Description: Insider threats occur when current or former
employees misuse their access to data and systems to harm the
organization. This includes data theft and sabotage.
- Impact: Insider threats can lead to data breaches, financial losses,
and reputational harm. They can also disrupt business operations.
- Exploitation: Insiders may exploit their knowledge of the
company’s systems to bypass security measures and access sensitive
information.

3: Best Practices for Safeguarding Sensitive

Information

1. Data Encryption:
- Strategy: Encrypting data
both in transit and at rest
ensures that even if intercepted,
the data remains unreadable
without the appropriate decryption key.
- Example: Many online banking platforms use encryption to
protect customer transactions.

2. Multi-Factor Authentication (MFA):

- Strategy: Implementing MFA requires users to verify their identity
through multiple means, such as a password and a one-time code sent
to their phone.
- Example: Many organizations use MFA for employee login to
secure access to company networks and data.

3. Regular Software Updates and Patching:

- Strategy: Keeping software and systems up to date helps protect
against known vulnerabilities that cybercriminals could exploit.
- Example: The 2017 Wanna Cry ransomware attack exploited
outdated systems, highlighting the importance of timely software
updates.

4. Employee Training and Awareness:

- Strategy: Educating employees about cyber threats and best
practices helps prevent security incidents. Training can include
recognizing phishing emails and following secure password practices.
- Example: Organizations often conduct simulated phishing
campaigns to test employees’ awareness and provide training on how
to handle suspicious emails.
5. Access Control:
- Strategy: Limiting user
access to data and systems based
on their role minimizes the risk
of unauthorized access and
insider threats.
- Example: Companies use
role-based access control to
restrict employees' access to
sensitive data based on their job
responsibilities.

- Strategy: Having a well-

prepared incident response plan
ensures quick and efficient
handling of cyber incidents to minimize damage.
- Example:Organizations conduct regular drills to ensure
employees know how to respond to a cybersecurity breach.

These best practices help organizations protect sensitive information

and mitigate cyber risks. By implementing these measures, businesses
can enhance their cybersecurity posture and maintain trust with
customers and stakeholders.