Case Study Essay Example | Topics and Well Written Essays - 1250 words - 14

Case Study - Essay Example ed start-up company, the Chief Information Security Officer (CISO) should be well equipped to handle a myriad of challenges and security threats posed by using online transactions. Companies like American Express, Visa, Discover, JCB, and MasterCard among others have experienced information security threats thus the new company should employ mechanisms that should protect information from both internal and external threats. The medium-sized credit card company needs to employ several mechanisms to ensure its customers and their private information remains safe and confidential. There have been cases of credit card frauds that have led to provision of guidelines to help in securing credit cards; for instance, the Payment Card Industry Data Security Standards (PCI DSS) that helps in securing credit cards data. Cyber-criminals careless users, disgruntled former and current employees present major challenges in handling network security especially the experts that target the system with aim of disrupting the normal company operations. There are major advancements that the company needs to perform to ensure cyber threats are kept at bay. Berry (2013) pinpoints several fundamentals that the company should focus on while offering its credit card services to its customers. For the company to be secure, it has to carry out the following tasks: There are vulnerabilities that are exploited by cyber criminals mostly in the operating systems, web browsers, browser plug-ins and software applications among other avenues. The company gadgets and computers that are frequently used should be kept updated thus reducing chances of them being exploited by cyber-criminals. Programs such as Adobe Acrobat, Flash, Oracle, Java, Microsoft Internet Explorer and other MS programs should be kept updated as they are mostly used during credit card usage. Using strong passwords for the cards enhances protection of the customer’s information. Cyber attackers use the loopholes of weak