Abstract

Implementing cybercrime preventing technologies is critical in today’s connected world. As companies continue to rely on critical infrastructure, they should also address the risk and threats imposed by the use of these technologies. Bahrain is no different from anywhere else in the world when comes to cybercrimes, however, due to the lack of regulations and laws for the cyber world, small and medium companies were left to navigate their way through the cyber world. To understand how to assist small and medium organizations and the Bahrain cyber risk levels, a survey was designed to solicit Bahraini organization feedback with regards to four cybercrimes (Denial of services, web hacking and defacement, malware, spam and phishing). An audit plan was designed based on a set of proposed critical control objectives. The critical objectives ensure that organizations are well aware about their assets and the risks they are exposed to , build a solid boundary defence, secure configurations and applications, continues to monitor the environment and close any vulnerabilities and most importantly; to be vigilant and prepared to handle and respond to cyber incidents. The audit plan was tested with the help of a case study located in Bahrain and its use to prevent cyber attacks demonstrated in this research.