Insider Threat

The Literature Review covers the three main types of insider threats:

1. Human Error: Mistakes made by employees or third-party associates play a huge role in cyberattacks, which range from sending emails containing confidential information to the wrong recipients, to sending confidential information to home systems using personal email addresses, to theft of work devices containing login accounts and passwords.
2. Leaked passwords: Employees with the intent to damage the business’ reputation by stealing or leaking confidential information and/or passwords to outsiders.
3. A Wolf in Sheep’s Clothing: Hackers or cyber thieves steal the identity of an employee by using malware or phishing attacks to compromise their system. Others utilize stolen credentials that they have collected from their victim’s social accounts (Zadelhoff, 2016).

The insider threat to a retail business is one of the most dangerous and imminent cyber threats. As an employee or third-party affiliate, users have access to a significant amount of online or digitalized data because they supply the retailer with goods and services. Employees are assigned workstations which more often than not include some type of computer, laptop, or mobile device. These devices store company statistics, customer databases, payment accounts, and other confidential/privileged information. Insiders are given authorized computer access that lets them modify and erase company data. They can also provide or sell their login credentials to motivated hackers or cyber thieves.

Web App Attacks

Web application attacks are intended to exploit any software flaws or shortcomings that are present in the actual protocols and applications (NSFOCUS, n.d.). These attacks try to interrupt service by overwhelming memory, CPU, or storage resources found in the servers that are running the application, ultimately making the application inaccessible to authorized users.
Web attacks can also crash the application by transmitting malicious communications or unanticipated input to the application. Examples of Web application attacks include SIP header manipulation attacks, HTTP GET/POST attacks, and SQL injection attacks (NSFOCUS, n.d.). The retail industry ranked third place for the highest number of vulnerabilities, clearly illustrating the cyber threat of web applications (Franko, 2017).

Every day, more technological advances are made. In order to keep up with the times and continue to make revenue, retail businesses must have a significant online presence. The convenience of having goods and services available at your fingertips is key. Retail businesses can reach consumers who are physically unable to travel to the store. This urgent need to have an online presence makes retail businesses more vulnerable to a cyberattack. 205 days to repair vulnerabilities is a substantial amount of time in which a retail business can remain accessible to the hacker and susceptible to a greater breach of information security (Franko, 2017).

DoS Attacks

When it comes to DoS attacks, hackers will stop users from accessing the retail business’ online services. This means that consumers will be unable to purchase goods or services on the retailer’s website. The Literature Review lists the following basic DoS attacks:

1. Flooding the network to interrupt and halt legitimate network traffic
2. Disrupting the network connections between two devices, and in turn denying the use of a service
3. Blocking a specific user from using a service
4. Discontinuing a service for a specific individual or user
5. Interrupting the state of information, such as resetting TCP sessions (Techopedia Inc., 2017)

Participation in e-commerce is essential for a successful retail business. DoS attacks create frustration, loss of revenue, and missed sale opportunities.
Over time, the retail business’ customer database will deplete as a result of a decrease in customer trust and loyalty.

There are direct and indirect costs of a DoS attack to the victim. Generally, direct costs like direct revenue are easier to quantify and can be linked to the attack instantly, whereas indirect costs, such as damage to the brand and loss of customers, are much harder to spot, and their consequences almost always go undetected for weeks, months or even years following the initial attack (NSFOCUS, n.d.). Many assessments and reports have been conducted to study the cost of DoS attacks. Although the outcomes of these studies differ based on several factors including industry, size of the business, security budget, etc., the cost is strongly related to the duration of the outage produced by the DoS attack (NSFOCUS, n.d.). The amount of downtime after a DoS attack is approximately 54 minutes and the cost for each minute of downtime is approximately $22,000. However, the cost per minute of downtime can vary from $1 to over $100,000 per minute (NSFOCUS, n.d.).

POS Security Issues

One of the leading sources of stolen payment cards for cybercriminals is point-of-sale (POS) malware. The threat of POS malware originated in 2005; since then attackers have improved their techniques and successfully breached around 100 million payment cards in the United States between 2013 and 2014 (Symantec Corporation, 2014). The escalation of POS attacks is partially due to the availability of POS malware kits on the Dark Net. Attackers can buy tools that can potentially easily cost them millions of dollars. Although there have been major developments in card security and PCI Compliance standards, there are still deficiencies in the security of POS systems (Symantec Corporation, 2014). As discussed in the Literature Review, hackers steal customer information by one of two methods, and then return to the Dark Net to sell the information to a third party (Rouse, 2015).
The hacker can either infiltrate the databases where the information is stored or obtain the data during the checkout process (Rouse, 2015). Similar to consumers not needing to set foot inside the store, POS malware gives hackers the ability to gather information without ever leaving the comfort of their workstation. This, along with other general security vulnerabilities in corporate IT infrastructure, means that retail businesses are unprotected against creative and organized hackers (Symantec Corporation, 2014).

Although there have been major improvements in card security technologies and PCI-DSS requirements, holes in the security of POS systems still exist. They include:

• Accessibility – breaches caused by direct access to POS systems along with the corporate network.
• Lack of point-to-point encryption (P2PE) – credit card numbers are not encrypted in the POS system and can be found in plain text within the memory of the POS system (Symantec Corporation, 2015).
• Software vulnerabilities – systems running older operating systems, such as Windows XP or Windows XP Embedded, are more vulnerable to attack.
• Susceptibility to malicious code – many POS systems run on a version of Windows; therefore they are susceptible to any malware that runs on Windows (Symantec Corporation, 2015).

Payment Card Skimmers

Credit/debit card skimmers are usually difficult to spot. As mentioned in the Literature Review, these devices can be found on gas station pumps, ATMs, or they can be portable (Brittain, 2017). Once the card information is copied by the skimmer, the hacker can then use the information to steal another person’s identity, sell the card information on the Dark Net, or create brand new fraudulent cards. The fraudulent credit/debit cards are then used for shopping sprees. Oftentimes these fraudulent cards are printed with bogus names to evade detection.
By the time the true cardholder receives their credit card statement and discovers that their card information has been breached, the hacker could have maxed out their credit card (Brittain, 2017).

Theme Two: Damage Control

Research question two: What recommendations could be made to mitigate future threats?

Establish IT governance

Creating an IT governance program that incorporates people, procedures and devices is essential when supplying the groundwork for the security necessary to push business modernization while still alleviating risk, mitigating costs and lessening the burden of regulation (Symantec Corporation, 2015). Training is a must. As the network grows with each new customer and business partnership, the business becomes more susceptible to the risk of a cyberattack.