IT Security and Cybercrime prevention

Modern has widespread, coordinated criminal effort enabled by a plethora of vulnerabilities of the Internet, browsers, operating systems, and applications that are easily exploited by cybercrime techniques. Cybercriminals have found that compromising employee endpoints is a far simpler path into the corporate network than directly attacking networks. Unpatched “zero-day” vulnerabilities allow cybercriminals to secretly install malware on end user endpoint devices and essentially gain the same level of access to the corporate network, applications, and employee data 

IT Security and Cybercrime Prevention Framework focuses on using business drivers to guide cyber security activities and considering cybersecurity risks as part of the organization’s risk management processes and prevention mechanism. Through use of the Profiles, cybercrime framework help organizations align cybersecurity activities within business requirements, risk tolerances, and resources. The Board and the Executive requires that the Framework include a methodology to protect individual privacy and civil liberties when critical infrastructure organizations conduct cybersecurity prevention activities

‘’There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again. Maintaining a code of silence will not serve us in the long run’’ 

FBI Director Robert Mueller