Application Security-Security Awareness
Consequences to the Organization
It is better to implement cybersecurity measures than deal with security incidents. Training employees is one way of mitigating cyberattacks (Talu, 2020). There are several consequences that an organization can face when employees do not adhere to security measures. The two major consequences are in the form of cyberattacks. These include malware attacks and phishing attacks (Silva, 2020).
Firstly, malware attacks mainly get into an organization’s system through the internet. The malware is then circulated by end-users (Silva, 2020). For example, an end-user could receive an email with an attachment from an unknown sender. Without sufficient training, the end-user would open the attachment and when it does not open immediately, instead prompts the user to run the file, the user clicks on okay. This automatically allows the malware to run and infest the end-user workstation. When sharing work files on the network from the affected workstation to another, the malware would also be shared. As a result, malware would spread fast across the organization’s network. Cyber attackers use malware to illegally collect information from an organization (Bendovschi, 2015). Consequently, this would lead to a data security breach that would pause litigation issues against the company.
On the other hand, phishing attacks occur when user data is collected and used for malicious purposes (Silva, 2020). This information would include usernames and passwords. For example, when employees use an online portal to conduct their duties, they could be redirected to a malicious site and required to provide a username and password. Untrained users would not suspect any foul play. Their login details would be collected and used by attackers to masquerade as legal users. Trained users would notice the redirection to another portal other than the work portal and immediately exit the site without providing login details.
Why this Issue Concerns the Organization’s Personnel
According to research by Talu (2020), employees whom the organization does not train on security measures cause adverse cybersecurity incidents. The reverse is true because trained employees help in protecting the organization’s IT infrastructure. When cybersecurity incidents occur, the organization and employees are negatively impacted. Employees who are end-users in an organization become responsible for their actions when accessing system resources (Talu, 2020). For example, employees handling sensitive data when executing their duties are responsible for maintaining data privacy. They are expected not to share data with unauthorized persons or use it for other purposes outside their duties. Accordingly, this would include keeping their passwords a secret and not sharing them with other system users. Research indicates that employees share their passwords or use simple passwords such as their names or pets’ names. This makes it easy for a hacker to crack the passwords through a brute force attack. If trained employees make such mistakes and a data security incident occurs, the employees would be held responsible, and punitive measures would be used against them.
Moreover, when lawsuits are made against an organization for cases such as breach of data privacy, the organization suffers financially. This is because the organization has to settle damages caused to its customers and other shareholders (Silva, 2020). Consequently, employees suffer too because the company could cut back on allowances and bonuses, and in some cases, employees’ salaries would be affected too. This would be based on the extent of the financial loss experienced by the organization. If the financial impact is adverse, the organization could be declared bankrupt, and employees would lose their jobs.
References
Bendovschi, A. (2015). Cyber-Attacks – Trends, Patterns, and Security Countermeasures. Procedia Economics and Finance, 28, 24-31. https://www.researchgate.net/publication/283967866_Cyber-Attacks_-_Trends_Patterns_and_Security_Countermeasures
Silva, N. R. (2020). Malware attacks Affecting organizations [Doctoral dissertation]. https://www.researchgate.net/publication/348578257_Malware_Attacks_affecting_organizations
Talu, S. (2020). Strategic Measures in Improving Cybersecurity Management in Micro and Small Enterprises. Advances in Economics, Business and Management Research, 156, 521-528. https://www.researchgate.net/publication/346679450_Strategic_Measures_in_Improving_Cybersecurity_Management_in_Micro_and_Small_Enterprises
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question 
Assume you are a security awareness trainer. Part of your job is to convince end users that paying attention to security procedures makes the entire organization more successful.
Application Security-Security Awareness
Answer the following question(s):
What are two consequences to the organization you would emphasize in your training and interaction with personnel to punctuate the importance of following security procedures?
Why should these consequences be of concern to an organization’s personnel?
Fully address the question(s) in this discussion; provide valid rationale for your choices, where applicable, be sure to INCLUDE AT LEAST 3 QUESTIONS in your thread, and respond to at least three other students’ questions.
Sources: 2 References to Support Your Answer
Citation Style: APA format
Length: 2 – 3 paragraphs