MIS Assignment 2.2
Reg Number
M23620F
Program
INFORMATION SYSTEMS
ASSIGNMENT 2
Lecturer MR RANGANAI
Question 2: Information security is a critical aspect of management information systems.
Discuss the major threats and challenges related to information security in organizations.
Identify and explain strategies and best practices that organizations can implement to
mitigate these threats and ensure data confidentiality, integrity, and availability.
We also have malware attacks, in which malicious software such as viruses, worms, trojans,
ransomware, and spyware infiltrates systems and networks, infecting computers and
stealing or damaging data [2]. For example, the Ministry of Health and Child Care was attacked by
ransomware, which encrypted critical files and demanded a ransom for decryption. The attack
disrupted operations within the ministry, affecting access to important health data and services at
a critical time, especially during the COVID-19 pandemic. The disruption raised concerns about
the delivery of essential health services, as the Ministry struggled to access necessary
information for service provision. The nature of the data involved was particularly sensitive, and
the potential for exposure or misuse heightened concerns regarding patient privacy and public
trust.
In addition, we have phishing and social engineering. Phishing involves tricking individuals
into revealing sensitive information or performing actions that can compromise security. CBZ
Bank and Standard Chartered Bank, for instance, have reported incidents where customers
received fraudulent emails and SMS messages in which attackers impersonated bank
representatives, sending messages that appeared to be legitimate requests for account verification
or updates. These messages often contained links to fake websites designed to capture login
credentials. Customers who fell for these phishing attempts had their accounts compromised,
leading to unauthorized transactions and financial losses.
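A mail-filter style check for the link pattern described above, as an added example that is not part of the original assignment: it flags links whose real destination is not one of the bank's own domains, including the case where the visible text shows a trusted name. The domain bank.example, the function names and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

ALLOWED_DOMAINS = {"bank.example"}  # assumption: placeholder for the bank's real domains

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(tuple(self._open))
            self._open = None

def hostname(url):
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return ""

def is_allowed(host):
    # Exact match or a true subdomain; "bank.example.evil.test" does not pass.
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)

def suspicious_links(html):
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host, reasons = hostname(href), []
        if not href.lower().startswith("https://"):
            reasons.append("not https")
        if not is_allowed(host):
            reasons.append("host not on allowlist")
            # Visible text that names a trusted domain while the href goes elsewhere.
            if is_allowed(hostname("//" + text.strip().split("://")[-1])):
                reasons.append("link text shows a trusted domain")
        if reasons:
            findings.append((href, reasons))
    return findings

# Constructed sample message, not taken from a real incident.
SAMPLE = ('<a href="http://bank.example.verify-login.test/update">www.bank.example</a> '
          '<a href="https://online.bank.example/login">online banking</a>')
```

The suffix comparison is done on the parsed hostname rather than on the raw URL string, which is why a trusted name placed at the front of a longer host is still rejected.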
Social engineering techniques exploit human vulnerabilities to manipulate people into divulging
confidential information or granting unauthorized access. An example of a social engineering
incident occurred at a local non-governmental organization (NGO), where an attacker
posed as a senior official from the NGO and contacted a staff member via phone. They requested
sensitive information about ongoing projects and financial details, claiming it was for an urgent
report. The staff member, believing they were speaking to a legitimate authority, inadvertently
shared confidential information. This incident highlighted the importance of verifying identities,
especially when sensitive data is involved.
During election periods, there have been concerns about cyberattacks aimed at discrediting
opposition parties or influencing public opinion. These attacks often involve misinformation
campaigns and targeted hacking attempts, and they are known as Advanced Persistent Threats
(APTs), which are sophisticated and targeted attacks usually perpetrated by well-funded and
organized groups. They involve long-term infiltration, espionage, and data exfiltration, with the
aim of gaining unauthorized access to sensitive information.
Furthermore, we have Distributed Denial of Service (DDoS) Attacks that overwhelm a network,
system, or application with a flood of traffic, rendering it inaccessible to legitimate users. These
attacks disrupt services, leading to financial loss and reputational damage. Physical security
breaches have also been an issue, as unauthorized access to physical spaces, such as data centers or
offices, where sensitive information is stored has been reported. Theft or tampering with physical
assets, such as servers or storage devices, can lead to significant data breaches.
Organizations leveraging cloud services are facing risks such as data breaches, insecure APIs,
misconfigurations, insider threats at the cloud provider, and lack of control over data security.
There is also the issue of insider threats, where insiders with authorized access to an organization's
systems and data can intentionally or inadvertently cause harm. This includes employees,
contractors, or business partners who misuse their privileges, steal data, or accidentally expose
sensitive information [3].
Moreover, we also have data encryption technologies, which transform sensitive data into
unreadable formats, ensuring that even if intercepted, the information remains protected. Encryption is
commonly used for data at rest (stored data) and data in transit (communication
channels) [3]. Firewalls can also be employed, as they act as a first line of defense by monitoring
and controlling incoming and outgoing network traffic based on predetermined security rules.
They help prevent unauthorized access and protect against external threats.
We can use Multi-factor Authentication (MFA), which adds an extra layer of security by requiring
users to provide multiple forms of identification (for example, passwords, biometrics, and security
tokens) to verify their identities. This mitigates the risk of unauthorized access due to
compromised passwords. Antivirus and anti-malware software can also be employed, as these
technologies scan systems for known viruses, malware, and other malicious software. They help
detect and remove or quarantine threats, protecting against a wide range of malicious code and
exploits.
While significant advancements have been made in the prevention of organizational information
security threats, there are still several research gaps that need to be addressed. Further
research is needed on improved techniques to detect and mitigate advanced persistent threats
(APTs) and zero-day attacks. Research is therefore required to develop more effective
approaches for identifying and responding to emerging threats in real-time.
Insider threats continue to be a significant concern for organizations. Further research is needed
to develop robust techniques for detecting and mitigating insider threats, including the use of
behavioral analytics, anomaly detection, and privileged user monitoring.
The proliferation of Internet of Things (IoT) Devices in various sectors introduces new security
challenges. More research work is needed to address vulnerabilities in IoT devices, develop
secure communication protocols, and design effective security architectures to protect against
IoT-related threats. Artificial Intelligence (AI) and Machine Learning (ML) technologies are
being increasingly integrated into security systems. However, there is a need to study the
potential vulnerabilities and adversarial attacks that can exploit AI/ML algorithms, as well as
develop techniques to secure and defend against such attacks.
With the growing concerns over data privacy, there is a need for research on privacy-preserving
technologies. This includes developing methods for secure data sharing, privacy-enhancing data
analysis techniques, and secure computation protocols that protect sensitive information while
still enabling valuable insights to be derived.
Human behavior remains a critical factor in organizational security. There is a need for research
directed towards better understanding human vulnerabilities, motivations, and decision-making
processes that can lead to security breaches. This includes studying user awareness, training
effectiveness, and designing user-centric security interfaces and systems.
In conclusion, the rapid pace of technological advancements and the
increasing connectivity of systems further amplify the complexity of securing organizational
information. To navigate this landscape effectively, organizations need to adopt a comprehensive
and proactive approach to information security. This includes implementing a combination of
robust technologies, well-defined policies and procedures, regular training and awareness
programs, and incident response capabilities. Collaboration with external partners, such as threat
intelligence providers and industry peers, is also crucial for staying ahead of evolving threats.
References
[1] Tounsi W, Rais H. A survey on technical threat intelligence in the age of sophisticated cyber
attacks. Computers & Security. 2018 Jan 1, 72:212-33.
[2] Skopik F, Settanni G, Fiedler R. A problem shared is a problem halved: A survey on the
dimensions of collective cyber defense through security information sharing. Computers &
Security. 2016 Jul 1, 60:154-76.
[3] Whyte C, Mazanec BM. Understanding Cyber-Warfare: Politics, Policy and Strategy. Taylor
& Francis, 2023 Apr 18.
[4] Jimo S, Abdullah T, Jamal A. IoE Security Risk Analysis in a Modern Hospital Ecosystem.
In Cybersecurity in the Age of Smart Societies: Proceedings of the 14th International Conference
on Global Security, Safety and Sustainability, London, September 2022 2023 Jan 3 (pp. 451-467).
Cham: Springer International Publishing.
[6] Abduljabbar ZA, Abduljaleel IQ, Ma J, Al Sibahee MA, Nyangaresi VO, Honi DG,
Abdulsada AI, Jiao X. Provably secure and fast color image encryption algorithm based on
s-boxes and hyperchaotic map. IEEE Access. 2022 Feb 11, 10:26257-70.
[7] Datta P. Supply network resilience: a systematic literature review and future research. The
International Journal of Logistics Management. 2017 Nov 13.