Trust in the Digital Marketplace: Key Metrics for E-Commerce Security


E-commerce has continued to gain traction in the United States. Currently, 80% of Americans using the internet are online shoppers (Laudon & Traver 2013). The huge number of internet shoppers has made e-commerce a lucrative business undertaking. Nevertheless, e-commerce faces tremendous security challenges such as phishing, hacking, and sniffing. The vulnerability of a small e-commerce shop can be minimized by adopting the following security metrics: vulnerability management, patch management, e-mail, and malware management.

Vulnerability management

Computer networks and software are at increased risk of security threats. However, vulnerability management can greatly lower the risk of cyber threats. Vulnerability management deals with filtering out the security risks that threaten the computer networks and software of an e-commerce business (Bunker et al 2014). The protection of computer software and the network is executed in real time. The generation of real-time data on the vulnerability of the security system helps to prevent data intrusion and the publication or theft of sensitive information.

Vulnerability management creates a database of network vulnerabilities that helps to filter out security risks or create security updates and notifications in real time (Bunker et al 2014). Network vulnerabilities can be addressed through the use of an Intrusion Protection System, which detects and filters out security threats. Another method is to detect any intrusions occurring on the computer network and then send security notifications to the e-commerce business. As such, it acts as an alarm system that notifies the e-commerce business about intrusions happening in the network environment in real time.

Patch management

Patches are additional code that updates software in order to reduce vulnerability to security issues (Mell et al 2015). Patch management is important since it allows software to be upgraded, especially to fix issues present in the software following its initial release. It also prevents vulnerabilities in the network infrastructure. A small e-commerce shop can take advantage of an automated patch management system to continuously update software and networks. However, computers with unique configurations, or ones that cannot be updated using an automated patching tool, require manual patching.

E-mail

E-mail plays a useful role in facilitating communication and the flow of information in a cost-effective manner. The use of e-mail, however, is vulnerable to spamming and phishing (Herath et al 2014). E-mail can help people with malicious intentions to access the financial and personal information of other internet users, leading to online fraud as well as identity theft. In addition, e-mail can be misused to send malware to unsuspecting internet users. These security threats alter or corrupt data and increase the vulnerability of personal information. E-mail filters are used to curtail these threats by blocking malicious e-mails.

Mechanisms for sender authentication have also been developed to minimize online security threats (Herath et al 2014). E-mail authentication systems include Proofpoint and GlobalSign, which allow safe e-commerce to take place. These mechanisms prevent malicious e-mails from being delivered to e-mail account holders. In addition, they allow the account holder to verify the authenticity of the e-mails sent. This is important since the authenticity of the sending domain can be established before the e-mails reach the user, thus preventing spamming and other online security issues.

Malware management

Malware is malicious software that is used to inflict harm on a computer system. Malicious software can cause data intrusion, corrupt or erase data, or crash the computer system (Blumfield et al 2013). In addition, it can interfere with the normal operations of the computer system. One common type of malware is spyware. Spyware causes data breaches or intrusion and steals sensitive data that is later used to target specific internet users with specific commercial advertisements. Malware can be managed using two approaches: introducing antivirus software to a computer network system and quarantining software.

Antivirus software is used to reduce the vulnerability of a computer system to worms and viruses (Blumfield et al 2013). The antivirus software works by scanning data in order to identify the signature used by malware. The antivirus software must be continuously updated in order to detect and protect the computer system from attack by malware. Antivirus software can also be used to quarantine computer systems and software once infection by malware occurs. Malware can be isolated by altering data. Quarantine can also help to prevent the deletion of files that have been wrongly categorized as malware.

Key Performance Indicator (KPI)

Security operations depend greatly on KPIs to set measurable goals (Moran 2018). The goals set help to analyze data in order to identify potential malicious activity. Key Performance Indicators ensure that the actionable data generated can be used continuously to address security issues that threaten the security operations of an organization. Examples of operational security KPIs include the source of a security incident, the time spent to detect a malicious activity, and the number of security analysts allocated to a given assignment. The KPIs above are analyzed in the table below:

| Key Performance Indicator (KPI) | The likely measurements |
| --- | --- |
| Source of security incident | the number of security analysts on an average per event; the number of security analysts on an average per event type |
| Time spent to detect a malicious activity | time spent to detect a malicious activity in days/hours/minutes; average time spent to successfully detect a malicious activity; outliers |
| The number of security analysts allocated to a given assignment | average number of security analysts in each event/event type; average number of security analysts per security level |
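
The KPIs in the table can be computed directly from incident records. The following is an added example, not part of the original essay; the record layout, the sample incidents and the 1.5 x IQR outlier rule are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, quantiles

FMT = "%Y-%m-%d %H:%M"

# Constructed sample records (assumed layout):
# (source, event type, occurred, detected, analysts assigned)
INCIDENTS = [
    ("email",    "phishing",  "2023-03-01 09:00", "2023-03-01 09:40", 1),
    ("email",    "phishing",  "2023-03-02 14:00", "2023-03-02 15:00", 1),
    ("email",    "phishing",  "2023-03-04 11:10", "2023-03-04 12:00", 2),
    ("web",      "intrusion", "2023-03-05 01:00", "2023-03-05 03:00", 2),
    ("web",      "intrusion", "2023-03-07 22:30", "2023-03-08 00:00", 3),
    ("endpoint", "malware",   "2023-03-08 10:00", "2023-03-08 10:30", 1),
    ("endpoint", "malware",   "2023-03-09 16:00", "2023-03-09 17:10", 2),
    ("web",      "intrusion", "2023-03-10 08:00", "2023-03-12 08:00", 4),
]

def detection_minutes(occurred, detected):
    """Time spent to detect a malicious activity, in minutes."""
    delta = datetime.strptime(detected, FMT) - datetime.strptime(occurred, FMT)
    return delta.total_seconds() / 60

def kpi_report(incidents):
    """Return (incident count per source, per-event-type KPI averages)."""
    by_source = defaultdict(int)
    by_type = defaultdict(list)
    for source, etype, occurred, detected, analysts in incidents:
        by_source[source] += 1
        by_type[etype].append((detection_minutes(occurred, detected), analysts))
    report = {}
    for etype, rows in by_type.items():
        report[etype] = {
            "events": len(rows),
            "mean_ttd_min": mean(t for t, _ in rows),
            "mean_analysts": mean(a for _, a in rows),
        }
    return dict(by_source), report

def ttd_outliers(incidents, k=1.5):
    """Incidents whose detection time exceeds Q3 + k * IQR (assumed rule)."""
    times = [detection_minutes(o, d) for _, _, o, d, _ in incidents]
    q1, _, q3 = quantiles(times, n=4)
    upper = q3 + k * (q3 - q1)
    return [inc for inc, t in zip(incidents, times) if t > upper]

if __name__ == "__main__":
    sources, report = kpi_report(INCIDENTS)
    print(sources)
    for etype, row in report.items():
        print(etype, row)
    print("outliers:", ttd_outliers(INCIDENTS))
```

A single slow detection dominates the intrusion average in this sample, which is why the outliers are reported separately from the mean.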

Conclusion

E-commerce is a profitable business undertaking that is becoming increasingly popular among internet users. However, the use of the internet makes e-commerce vulnerable to malicious attacks like hacking and phishing. E-commerce businesses must invest in technologies such as e-mail filters and intrusion protection systems that reduce vulnerability to online security issues in order to continue enjoying the numerous business opportunities.

References

Blumfield, A., Bisso, R., & Schaefer, E. (2013). U.S. Patent No. 8,381,298. Washington, DC: U.S. Patent and Trademark Office. Retrieved from: https://patents.google.com/patent/US8381298B2/en

Bunker, E., Bunker, N., Mitchell, K., & Harris, D. (2014). U.S. Patent No. 8,881,272. Washington, DC: U.S. Patent and Trademark Office. Retrieved from: https://patentimages.storage.googleapis.com/f6/77/25/04fa94d2e058b3/US8881272.pdf

Herath, T., Chen, R., Wang, J., Banjara, K., Wilbur, J., & Rao, H. R. (2014). Security services as coping mechanisms: an investigation into user intention to adopt an email authentication service. Information Systems Journal, 24(1), 61-84. Retrieved from: https://pdfs.semanticscholar.org/2b96/6319a10dc131ca89b9c3ddd97deedb24da64.pdf

Laudon, K. C., & Traver, C. G. (2013). E-commerce. Pearson. Retrieved from: https://www.cpe.ku.ac.th/~mcs/courses/2008_01/214571/slides/Laudon_Traver_E-commerce4E_Chapter09.pdf

Mell, P., Bergeron, T., & Henning, D. (2005). Creating a patch and vulnerability management program. NIST Special Publication, 800, 40. Retrieved from: http://www.datasecuritypolicies.com/wp-content/uploads/2007/04/nist-vulnerability-management-program-sp800-40v2.pdf

Moran, J. (2018). Key Performance Indicators (KPIs) for Security Operations and Incident Response. DFLABS. Retrieved from: https://www.dflabs.com/wp-content/uploads/2018/03/KPIs_for_Security_Operations_and_Incident_Response-2.pdf

September 11, 2023