Cyber security breaches in corporate networks : a literature review on recent threats and their impact
Kadam, Vivek (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025051612380
https://urn.fi/URN:NBN:fi:amk-2025051612380
Tiivistelmä
In this thesis, some of the predominant cyber threat actors threatening enterprises in Finland and the rest of the European Union are analyzed. The goal was to uncover the most frequent attack types, the financial and operational costs, and what an organization could do to mitigate them. The relevant information was obtained from official reports by Kyberturvallisuuskeskus (Finland), ENISA (European Union Agency for Cybersecurity), F-Secure, IBM and other cybersecurity units. We also studied real-world case studies including the Equifax data breach and the Pegasus Airlines cloud misconfiguration, to learn about real impacts and trends.
The study identified ransomware, phishing, insider threats, DDoS, and cloud security risk as being the most prominent threats. Such attacks have serious implications such as monetary losses, loss of reputation, and business disruption. Results also emphasized that an approach that covers multiple types of security measures, including technical solutions, organizational policies, employee training, and management’s role is also believed to be an effective way to prevent attacks to corporate networks. Specific tactics like Zero Trust Architecture and planning for proactive incident response were highlighted.
According to the findings, an organization should incorporate cyber security into extortion planning, adopt early detection systems, and sustain ongoing staff security awareness training. Ultimately, there may also be an opportunity in future research to design enhanced detection and prevention approaches to counter next-generation cyberattack methods.
The study identified ransomware, phishing, insider threats, DDoS, and cloud security risk as being the most prominent threats. Such attacks have serious implications such as monetary losses, loss of reputation, and business disruption. Results also emphasized that an approach that covers multiple types of security measures, including technical solutions, organizational policies, employee training, and management’s role is also believed to be an effective way to prevent attacks to corporate networks. Specific tactics like Zero Trust Architecture and planning for proactive incident response were highlighted.
According to the findings, an organization should incorporate cyber security into extortion planning, adopt early detection systems, and sustain ongoing staff security awareness training. Ultimately, there may also be an opportunity in future research to design enhanced detection and prevention approaches to counter next-generation cyberattack methods.