INVESTIGATIVE ANALYSIS OF THE FINANCIAL IMPLICATION OF COMPUTER VIRUS ATTACK ON ORGANIZATION’S DATA ASSET
ABSTRACT
This study investigates the financial implication of computer virus attack on organization’s information. Unlike previous studies that used an event study methodology, we used a matched-sample comparison analysis to investigate the financial implication of virus attack. To investigate this implication, we considered the method following the virus attack and determine if the affected organization suffers financial challenges compared to that of the peer organizations. It also identifies the need for organizations to address the issue of virus infection in its computer system as well as how organizations should proceed in order for these efforts to be successful. The authors present a schema to serve as a basis for future research and as a guide for organizational response. Overall the paper highlights the importance of culture in adequately addressing the risks associated with virus attack. The results suggested that data asset virus attack has minimal long term financial implication. One possible explanation is that the affected organization responds to the attack by making additional virus prevention investment to prevent from any future similar incident. This can lead to either help reduce the negative reputation of the firm caused by the virus attack or even has a positive long-term economic impact on the organization.
TABLE OF CONTENTS
Abstract
Table of Contents
List of Tables
CHAPTER ONE
INTRODUCTION
1.0 Introduction
1.1 Theoretical background
1.2 Statement of the problem
1.3 Aim and objectives of the study
1.4 Significant of the study
1.5 Scope of the study
1.6 Organization of the research
1.7 Definition of keyword terms
CHAPTER TWO
LITERATURE REVIEW
2.0 Introduction
2.1 Attacks on Computer Systems
2.2 Computer Viruses
2.2.1 Type of Targeted File
2.2.2. Longevity
2.3 Computer Virus Attack/Security Breach and Impact on Performance
CHAPTER THREE
RESEARCH METHODOLOGY
3.0 Introduction
3.1 Sample Selection
3.1.1 Financial Performance Measures
CHAPTER FOUR
RESULTS
4.0 Within Organization Differences
4.1 Results of the Treatment Samples
4.2 Results of the Control Samples
4.3 Between Organization Differences
SUMMARY, CONCLUSION AND RECOMMENDATION
5.0 Introduction
5.1 Constraint of the Study
5.2 Summary
5.3 Conclusion
5.4 Recommendation
References
LIST OF TABLES
Table 1: Descriptive Statistics
Table 2: Description of Financial Performance Measures
Table 3: Within Organizations Differences Analysis
Table 4: Between Firm Differences Analysis
CHAPTER ONE
INTRODUCTION
1.0 Introduction
As the number of organizations that conduct their businesses electronically grows continuously, information protection becomes one of major concerns for top them. According to a recent survey by Forrester, out of 410 IT decision makers, about 75 percent reported that IT security has become critical to their business planning and over 80 percent reported that they are concerned about financial losses from it [20]. In another survey taken from risk managers of the U.S and European companies,
computer risk was ranked as the top concern among European companies and the number two concern among U.S. companies [14].
Information system or data asset protection incidents are also continuously rising. According to the 2005 computer crime and security survey by CSI/FBI, 95 percent of respondents reported that their organization experienced more than 10 Web cite incidents in 2005 compared to only 5 percent of respondents in 2004 [11,12]. The same survey also reported that the average loss per incident from the unauthorized access to information has increased to $300K from 51K and loss from the virus attack data asset has also increased to $356K from $169K since 2004. Thus, a data asset attack incident could result in tremendous financial losses to organizations [8, 22].
Employing an event study methodology, a few previous studies have investigated the market reaction of data asset protection announced publicly [5, 6, 9, 10, 14, 15]. The event study methodology is based on the assumption that capital markets are efficient to evaluate the impact of the events on expected future cash flows of the organization [7]. Overall, these previous studies found that the market discriminates affected companies in the first few days following the public announcement of the virus attack. However, no previous studies have investigated the impact of virus attack on long-term financial implication.
This study investigates the financial implication of virus attack on data asset.
1.1 Theoretical background
Virus has traditionally been spread via downloaded files, email and computer devices most especially storage devices. Expectations are that virus attack will become more common in the future with predictions that a single attack could result in billions of naira in damages alone in 2020. Nowadays, perpetrators of the external attacks (outsiders) can also use Malware to open external network ports to allow systems’ penetration or to perform a remote coordinated denial of service attack.
Denial of service attacks merely attempt to deny legitimate users access to resources by overwhelming a network or system (LabMice.net 2003). This is often achieved through the development of specific computer programs that seek to mount simultaneous attacks on organizational websites, networks or email servers. The content of the attack in itself is not harmful to the target (website, network or email server); however it is the volume of traffic directed at the target that results in slowing of system traffic or total system failure.
Systems penetration by an outsider occurs when a person, external to an organization, gains access to the organization’s computer system through the Internet (or other network system such as a wireless network access point). Once entry to the system is gained, the external attacker is often able to access corporate information.
1.2 Statement of the problem
The affected organizations incur tangible and intangible costs. Thus, we argue that financial implication of these organizations is high compared to others.
Virus can be downloaded when people open an infected email attachment or click a suspicious link in an email, downloading infected files and sharing infected computer devices. Virus can be used to steal your usernames, passwords or other information, which is then forwarded to a third party as such a lot of money is needed in order to stop this from happening.It is therefore on this ground that the researcher aims at investigating the financial implication of this virus attack with focus on highlighting measures, capable of solving the above mentioned problems.
1.3 Aim and objectives of the study
The aim of this project research work is to investigate the financial implication of computer virus attack on organization’s data asset.
The objectives of the study include the following;
- To identify the effects of computer virus attack on the organization’s data asset
- To examine the cost effect of preventing computer virus attack
- To analyse the consequences of financial burden on organization
- To point out the causes of computer virus attack on organization’s data asset
1.4 Significant of the study
This research would be considered worthless if it has no significance to mankind. The following significance can be derives from this research;
- It will make other related organization to see the need of investigating financial implication of computer virus attack on organization’s data asset.
- It will assist in displaying the proper, reliable and effective medium used in managing organization’s data asset.
- Finally, the research work will serve as a good reference material to other student interested in researching further on the similar research topic in future.
1.5 Scope of the study
The research work is focused on organization’s data asset, with selected organizations as case study. Its scope covers the financial implication of computer virus attack on organization’s data asset as it hinders data collection, analysis, storage and retrieval of information. It does not extend to other areas such as data management of the organization.
DOWNLOAD COMPLETE PROJECT MATERIAL
INVESTIGATIVE ANALYSIS OF THE FINANCIAL IMPLICATION OF COMPUTER VIRUS ATTACK ON ORGANIZATION’S DATA ASSET
