How To Deal With The Consequences
Just losing assets is one of the consequences of cyber misbehavior in e-commerce. Whether the attacker is inside or outside the organization, most of the time victims suffer from negative publicity. This can harm the organization’s fame and reputation very badly, erode business relationships with the customers and other stakeholders and reduce the amount of potential revenue. According to the reports of a survey that was conducted by Gallup organization for a marketing firm At Plan in March 2000 it was seen that consumers have been hurt badly by attack on different prominent sites. Almost one-third of the overall consumers stated that they might not be that much interested in purchasing products via the World Wide Web because of the recent news of cyber crimes. Almost seven out of every 10 online shoppers who were contacted via telephone said that they were concerned about the cyber attacks that has blocked access to prominent websites like Yahoo, Amazon etc.
Because of this ever present array of cyber threats, it is very important for the organizations to develop a cyber defense program that will interlace preventive measures into the e-business operations stuff.
But only prevention is not enough. Along with prevention, a defense program should also be developed for detection. Because, if you cannot detect the attacker, how will you prevent the attack? The detection process should be like a sound forensic incident response process. Because by the establishment of such procedure, policies as well as procedures for the departmental and individual behaviors are established. Along with that, ongoing communication process for the employees, other stakeholders, analysts, press is encompassed. This incident response process is very much important because it cannot be geared just for the emergency situations. An interesting thing is that the organizations repel lot of attacks everyday. In the world of interconnected business, these attacks are a part of everyday life of the organizations. But that does not mean that everyone should be treated or suspected as attacker. Then it will be impossible to conduct business. For that the organization leaders need to be judicious enough to detect different types of attacks. They should remember that attempted hacks are equally illegal to successful ones. The attempted perpetrators also need to be detected and punished. In emergency situations, the most important thing is to preserve the forensic evidence for the identification, apprehension and prosecution of the perpetrator.
E-business security is an ongoing and comprehensive process of adding, managing and removing layers of actions that are based on holistic strategies of risk management. As the organizations are providing system access to the inside and outside people, they should integrate a cyber defense system that encompasses all the possible points of interconnection, from the inside out. This is very much important because failing to do so can leave the organization vulnerable to different kinds of cyber attacks, both inside and outside the organization. That will not be good for the organization’s business. So it is important to design a very good cyber defense system.