This report is to critically evaluate and make a research foundation for further research. The main focus of the previous assignments was to review the cybercrime environments in some sector where the impact of the crime is high (Soomro 2016). Therefore, the organisation chosen is of manufacturing sector in mining called BHP Billiton. The research design and approach to conducting the research in the field is also outlined in the following discussions. The project objectives of doing the research are also discussed (Sales 2012). The data collection process and research limitations while doing the research is opined as suitable. Based on the research method and outlines activity the main tasks are scheduled in a chart below.
- To analyse the cyber protection level of the company by doing primary and secondary research of the company
- To build a primary foundation of doing research and gather data for to analyse
- To recommend further usage and increase responsibility of the companies regarding cyber crime and cite the advantage of using such protection system
The main scope of doing this research is to gather primary research data for further usage of the cyber crime laws and regulations. Further, this project will be useful for those companies, which are very prone to data hacking. This advantage of this research will be helpful in having further knowledge in this regard. The recommendations can also be useful for the companies, which are trying to incorporate the cyber security programs in their company and planning for implementing further improvement. The scope of this project also lies in recommendations of to develop more protections for the companies facing the cyber hacking problems and initiate actions to increase the responsibility of the companies towards their dat.
With the evolution of the technology, crime in the cyber space has also increased. The negative aspect of internet and technologies, the scope of crime has become a challenging aspect that threatens the company (Sales 2012). Therefore, the essential part of the process is to practise the preventive methods to increase cyber security. The company that are getting more responsibility about cyber security aspect is identified to be BHP Billiton, which tries to secure its data from cyber attacks. This company uses different internet protocols and recruited nine-security architecture for professional security purpose. It has a separate unit of the for cyber security, which incorporates security governance and risk mitigation group and compliance group. The transactional data that the company have or shares with their stakeholders are protected, recognised and analysed thoroughly.
There are many policies regarding cyber security that the company goes by, for insecurity of information. The responsibility of the company is also in the matter of national security and economic growth. The CIIP handbooks that gives an overview of how the security infrastructure must be in the issues that makes the mitigation of the company’s security more reliable are discussed and abide by in the process (Tonge et al. 2013). The critical sectors that gets affected by the cyber crime like breach of company data, Botnets, web based attacks, malicious software, malwares and malicious codes, virus, and Trojans. BHP takes different kind of initiatives in mitigates vulnerabilities of the systems, and protects its assets (Crozier 2017). The plan to employ the CIRT (critical incident response team) is also a stern step to revise the remaining security system of the company’s different process. BHP Billiton is also reinforcing their organization’s security architecture resources, which is outside the domain of specific security of the companies data (Jacobs 2016). The organization security architecture team of BHP Billiton will be leading globally based out of Melbourne. This new security team also in process of designing, implementing, supporting and documenting the architecture of security infrastructure. The collective security methods like using firewalls, role based access, physical separation, encryption of data and backing up the data for future use in emergency are also part of the process of security methods (Jacobs 2016). Cyber crime and security team always conducts an adequate audit trails in application to analyze the root cause of these kind of data breaches and crimes. To perform the administrative task in the company regarding security measures BHP Billiton conducts research for tracking the objectives of cyber security functional initiatives in partnerships with high level of authority.
- What are the risks involved in cyber crime for an organisation and what is the responsibility of the owners of the business in mitigating the risk?
- How BHP Billiton uses the cyber security programs?
- What are the data hacking risk factors affects the impacts the operation of the company?
- What are the different types of risk that BHP Billiton faces in their organisation and what protection level does it use in their company?
Research design and methodology
The research methodology here includes both qualitative research and quantitative research from the secondary and primary data. The qualitative approach is known as the respondent’s unstructured responds in different categorical variable but a quantitative research is based on the huge number of respondent’s survey analysis. This helps in generalising the responds for the research purpose.
In a research, approach of reliability and validity outlines the main concerns of the research system. This also ensures the outcomes of the research are valuable and can be correctly used. This validity and reliability is also takes into consideration about the ethics of conducting a research program. Reliability defines as a testing and evaluation of the data. The most important part of doing a qualitative research is to provide it with quality. The factors that must be given emphasise are credibility, neutrality, conformability, consistency, applicability and transferability (Low and Ong 2014). This is essentials among the factors that need to be considered. To ensure this factors the examination process must be trustworthy. On the other hand the validity must be kept in mind and while doing the qualitative research. The two kinds of validity must be kept in mind, the construct validity and concept validity. The concept validity must be taken into account for imperceptivity of conceptions (Sauter and Carafano 2012).
Qualitative research is more naturalistic approach to seek the phenomena that are context specific. The categorical variable are more used in this king of research but the numeric and alpha numeric is considered more quantitative approach to study the research (Creswell and Poth, 2017). The quantitative approach to research is more findings based and takes into consideration the following things. For example, prediction, generalisation also extra and interpolation of the findings. This is not philosophical in nature rather like qualitative research.
After designing, the research comes the approach. The more basic of the approach process is inductive and deductive. It has been described, the inductive approach to be done in the data collection, analysis and observation of data (Low and Ong 2014). The theory selection, hypothesis testing and implementation of theories are confirmation of research done on the topic. Here the part of collecting the research data is done in inductive ways.
The research design in this study is exploratory. This design enlightens the background information that has been collected while doing the literature review of the study. There is also descriptive study process done in the finding the objectives of the research. Here in this research design the focus is to collect primary data from the company and based on the fining and analysis the correct conclusion must be given (Yin 2013).
Data collection process
By objectives of this study, it has been decided that primary and secondary both data must be collected on the company BHP Billiton.
The research topic is based the cyber security and what are the precautions that must be taken in mitigating the risk arising from not having cyber security method incorporated in the company Information system (Yin 2013). The group of six managers are identified from the company to do a primary research. Based on the case objectives the research questions will be prepared. The secondary data will be collected from the group of employees that are from BHP Billiton. The set of hypothesis will be constructed based on the data collected and findings are analysed.
As the research goes after primary and secondary data collection, which is the crucial part of the system and surveying the respondents (Creswell and Poth 2017). Sampling method includes interviewing the appropriate candidate for research and based on that sample must be chosen. The probability sampling is the best method chosen for this research study. Convenient sampling reduces the deviation of the responds of the candidate. 6 managers are chosen for interviewing and remaining 50 employees of the company will be surveyed for primary data collection. The sample variables that are collected will be one dependent and one independent variable. The independent variable here is the cyber crime rate and dependent is the security system that is incorporated in BHP Billiton.
There are some limitations to conducting research. For example, getting authentic journals of the research and building the research foundation for further research. In addition, the budget constraint must be kept in mind. However, it also must be kept in mind the time constraint of the research.
Therefore, from the above text it can be suggested that the company BHP Billiton takes a number of protection measure in there system and takes care of their confidential datum of their system and operations. Further, the text outlines a research method for conducting a research on the measuring the cyber security and what the company takes into consideration while incorporating protection level in the system. The data collection process and research limitations while doing the research is opined as suitable. Based on the research method and outlined activity the main tasks are scheduled in a chart above.
Creswell, J.W. and Poth, C.N., 2017. Qualitative inquiry and research design: Choosing among five approaches. Sage publications.
Crozier, R, 2017, BHP Billiton to create big Aussie infosec unit, retrived on 19th August 2017 from:
Franke, U. and Brynielsson, J., 2014, Cyber situational awareness–a systematic review of the literature, Computers & Security, 46, pp.18-31.
Goo, J., Yim, M.S. and Kim, D.J., 2014, A path to successful management of employee security compliance: An empirical study of information security climate, IEEE Transactions on Professional Communication, 57(4), pp.286-308.
Jacobs, T., 2016, Industrial-sized Cyber Attacks Threaten the Upstream Sector, Journal of Petroleum Technology, 68(03), pp.42-50.
Low, S.P. and Ong, J., 2014. Research Design and Methodology. In Project Quality Management (pp. 69-77). Springer Singapore.
Sales, N.A., 2012. Regulating cyber-security.
Sauter, M. and Carafano, J., 2012. Homeland Security: A Complete Guide 2/E. McGraw Hill Professional.
Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016, Information security management needs more holistic approach: A literature review, International Journal of Information Management, 36(2), pp.215-225.
Tonge, A.M., Kasture, S.S. and Chaudhari, S.R., 2013, Cyber security: challenges for society-literature review, IOSR Journal of Computer Engineering, 2(12), pp.67-75.
Yan, Z., Zhang, P. and Vasilakos, A.V., 2014, A survey on trust management for Internet of Things, Journal of network and computer applications, 42, pp.120-134.Yin, R.K., 2013. Case study research: Design and methods. Sage publicat