CYBER TERRORISM - A MODERN SECURITY THREAT TO INFORMATION SYSTEMS

Purpose: Important information is saved in the information systems of organizations; therefore, their security plays a vital role for the appropriate operation of any organization. Cyber terrorism, which takes advantage of abilities and weaknesses of computers and online services, is one of those threats. The purpose of this article is to examine cyber terrorism and the way in which organizations understand and manage it. The problem is that many organizations are not even aware of it. For this reason, a survey has been conducted among various organizations. In order to learn about the extent and nature of cyber terrorism, a descriptive analysis of secondary sources was employed. The main problem is incomprehension of such threats because in public it is mostly mistaken for other known attacks on information systems. To date, there has been no research conducted on cyber terrorism in Slovenia. Therefore, this study represents the first opportunity for Slovenia to learn about the risks and threats of as well as how to effectively combat such risks. Design/Methodology/Approach: The focus of the study presented in this chapter relied on organizational perceptions about cyber terrorism within Slovenia. For this purpose, a research has been conducted among different organizations. The results of the research unveil the problems of threat incomprehension, while threats also adjust to changes. With minimal effort and knowledge, terrorism can cause terrible consequences and threaten the existence of every organization. Methods and techniques of such attacks do not differ from the classic threats. The most common attacks focus on information systems and critical infrastructure. Findings: The consequences of a terrorist attack on the organization's information system are mostly economic damage, injuries or casualties among employees. The threats and protection needs are classified according to those consequences, which can be caused by cyber terrorism. Protection against the cyber threat is therefore necessary; however, it depends on every individual organization. Research limitations/Implications: The results cannot be generalized as a relatively small number of companies were included in the research. Practical implications: The article represents a useful source of information for companies establishing an information security risk management system and represents a basis for further researches. Originality/Value: Organizations have a chance to study the nature of this modern information threat and get to know it better. They will have the opportunity to see what kind of understanding and protection other companies use against it. At this point they will have a reference point in order to see what protection level they currently attain. A similar research has never been conducted in Slovenia before. Therefore, organizations will have the opportunity to get acquainted with imperfections in understanding cyber terrorism as a threat and to adapt properly to changes in the virtual world.