Based on the information
in this case analysis, unfortunately, Deep Blue Robotics (DBR) may face several
different types of threats. These include
but are not limited to malware, advanced persistent threats (APT), hacktivist
threats, physical threats, and misplacement or loss of backup data due to the
use of a courier service (Information Systems Audit and Control Association
(ISACA), 2014a; Marrs, 2015; “The 11 Most Common,” n.d.).
To begin expanding upon a couple of these threats,
malware is an umbrella term to describe programs/software that can be harmful
to a computer or computer system (Wright & Lee, n.d.). Examples of malware are viruses, worms,
Trojans, spyware, ransomware, rootkit, and keylogging (“The 11 Most Common,”
n.d.; Wright & Lee, n.d.). In DBR’s
situation, a keylogging program could capture one of the employee’s passwords
to be able to log into the system to gain access to vital information (“The 11
Most Common,” n.d.). Or ransomware could
encrypt the crucial data in DBR’s system, and demand that the company pays a
certain amount of money to decrypt it (Wright & Lee, n.d.).
Next, when an unauthorized and undetected person/s gains
access into a computer system network to steal valuable data over a lengthy
period of time it is called an APT (Rouse, n.d.). DBR is vulnerable to this type of a threat
due to the network infrastructure at the company. They currently only utilize a simple virus
scanner to protect their virtual private network (VPN) between the two offices
(ISACA, 2014b). Therefore, it would be
very simple for an unwanted individual or group of individuals to gain access
into the network, and go unnoticed for a great deal of time.
Lastly, physical threats involve any type of disaster
like a fire, storm (e.g. tornado, hurricane, etc.), or loss of power that could
negatively impact the computer system and workflow at the company (Marrs,
2015). Since DBR keeps all of the
servers in one place at the head office, the company is putting itself in a
risky situation if any of these types of disasters occur. Although daily backups are conducted, if all
of the servers are destroyed, there would be nothing to run the backup on until
they are replaced.