Week One (Job I would find interesting)

Cryptanalyst: decipher coded messages without a cryptographic key.

The part I would find most interesting would be the criminal aspect of it, as well as finding out hidden parts of a system. It would be fun to decipher serial killers’ code to solve crime, decipher hidden content, and solve mysteries not known about.

Understanding CyberSec & Privacy Best Practices highlights essential actions for maintaining strong cybersecurity and protecting privacy:

  1. Risk Assessment: Regular, thorough risk assessments are crucial for pinpointing vulnerabilities and potential threats within a system.
  2. Data Encryption: Encrypt sensitive data, whether in transit or at rest, to protect it from unauthorized access.
  3. Access Controls: Implement strict access controls to ensure that only authorized personnel can access critical information.
  4. Employee Training: Continually educate employees about the latest cyber threats and best practices to maintain security.
  5. Incident Response Plans: Develop clear incident response plans to efficiently address security breaches or cyberattacks.
  6. Regulatory Compliance: Adhere to regulatory standards and frameworks like GDPR and HIPAA to ensure compliance and protect user privacy.

“After reading the full text, which part of the CIA Triad do you think is the easiest to maintain? Justify your answer.”

Integrity is the easiest of the three, as it should be checked regularly to verify no changes have been made. There should be logs to show changes if made and by whom. Availability is harder as a process must be made before access is given. Just as easily, one bad person could mess up this process and lead to more wait time before it could be accessed again.

Information Systems for Business and Beyond – Chapter 6: Information Systems Security covers the following key points:

  1. Security Principles: This chapter introduces fundamental security principles such as confidentiality, integrity, and availability, which are crucial for safeguarding information systems.
  2. Threats and Vulnerabilities: It examines various cyber threats and vulnerabilities, such as malware, phishing, and social engineering attacks, that can compromise information systems.
  3. Security Measures: The chapter outlines various security measures and controls, including firewalls, antivirus software, and intrusion detection systems, to protect information systems.
  4. Risk Management: It emphasizes the importance of risk management in information systems security, including identifying, assessing, and mitigating risks.
  5. Policies and Procedures: The chapter highlights the need for establishing and enforcing security policies and procedures to ensure consistent and effective security practices.
  6. Legal and Ethical Considerations: It also addresses legal and ethical issues related to information systems security, such as data privacy laws and ethical hacking.

Why Study Interdisciplinary Studies? emphasizes the advantages of pursuing an interdisciplinary degree, blending coursework from multiple fields to offer a well-rounded education. Here are the key points:

  1. Career Flexibility: An interdisciplinary degree prepares you for various career paths by equipping you with knowledge and skills from different disciplines.
  2. Customization: If your desired degree isn’t available at your institution, you can tailor your education to your interests by combining subjects.
  3. Exploration: It’s perfect for students who are undecided or enjoy exploring multiple areas of study, providing more flexibility than traditional majors.
  4. Innovation: Interdisciplinary studies foster innovative thinking by bridging gaps between fields and encouraging new perspectives.
  5. Holistic Understanding: This approach offers a broader understanding of complex issues by integrating insights from various disciplines.

Week Two

“Open Source software is “Open,” meaning that anyone can freely inspect the code and see how it works. Open Source software is often run by unpaid volunteers, who can be susceptible to social engineering or bribes. Do you think businesses should avoid open source software and only use closed source software?”

Yes, I believe the vast majority should avoid using open source code. It’s better to be safe than sorry, when selling a product. Open source can lead to the attacker staying in the shadows for however long they wish until possibly caught. Open source should only be used with a strong foundation and constant surveillance. You would however want to use open source if you are new to a field to learn.

The open-source software community was recently shaken by the discovery of a sophisticated backdoor in XZ Utils, a popular data compression utility for Linux systems.

  1. Discovery: Andres Freund, a Microsoft engineer, discovered the backdoor when he noticed unusual performance issues in Debian’s SSH.
  2. Backdoor Details: The malicious code, found in versions 5.6.0 and 5.6.1, allowed attackers with a specific encryption key to execute remote code on affected systems.
  3. Impact: If widely deployed, the backdoor could have had catastrophic consequences, potentially affecting major Linux distributions like Debian and Red Hat.
  4. Response: The issue was promptly patched after discovery, preventing widespread damage.

The CIA Triad is a core concept in information security, representing Confidentiality, Integrity, and Availability. These three principles are the cornerstone of effective security strategies. Here’s a concise overview:

  1. Confidentiality: Ensures that sensitive data is accessible only to authorized individuals. Achieved through methods like encryption, access controls, and authentication.
  2. Integrity: Ensures data remains accurate and unaltered during storage, transmission, and processing. Techniques like hashing, checksums, and digital signatures help maintain integrity.
  3. Availability: Ensures that information and resources are accessible to authorized users when needed. This involves implementing redundancy, disaster recovery plans, and regular maintenance to prevent downtime.

Examples:

  • Confidentiality: Encrypting emails to prevent unauthorized access.
  • Integrity: Using digital signatures to verify the authenticity of a document.
  • Availability: Implementing backup systems to ensure data remains accessible during system failures.
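The integrity item above names hashing, checksums and signatures as the tools that detect change. The following Python example (added here; it is not from the course readings or the original notes) shows why a bare checksum is only half the story: it catches accidental corruption, but an attacker who can edit the data can also recompute the checksum, whereas an HMAC keyed with a secret the attacker does not hold still fails. The record and the key are constructed sample values.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample record whose integrity we want to protect.
RECORD = {"account": "ops-team", "role": "reader", "amount": 100}


def canonical_bytes(record: dict) -> bytes:
    """Serialize deterministically so identical content always hashes identically."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def checksum(record: dict) -> str:
    """Plain SHA-256 checksum: detects accidental corruption, but anyone can recompute it."""
    return hashlib.sha256(canonical_bytes(record)).hexdigest()


def mac_tag(record: dict, key: bytes) -> str:
    """HMAC-SHA256 tag: only a holder of `key` can produce a tag that verifies."""
    return hmac.new(key, canonical_bytes(record), hashlib.sha256).hexdigest()


def verify_checksum(record: dict, expected: str) -> bool:
    # compare_digest avoids leaking where the comparison stopped matching.
    return hmac.compare_digest(checksum(record), expected)


def verify_mac(record: dict, key: bytes, expected: str) -> bool:
    return hmac.compare_digest(mac_tag(record, key), expected)


def tamper_demo(key: bytes) -> dict:
    """Run two tampering scenarios against the stored checksum and stored HMAC tag.

    Returns a dict of booleans: True means the check detected the change.
    """
    stored_checksum = checksum(RECORD)
    stored_tag = mac_tag(RECORD, key)

    # Scenario 1: accidental corruption (e.g. a bad disk write). The stored
    # checksum and tag are untouched, so both checks notice the mismatch.
    corrupted = dict(RECORD, amount=1000)
    accidental_caught_by_checksum = not verify_checksum(corrupted, stored_checksum)
    accidental_caught_by_mac = not verify_mac(corrupted, key, stored_tag)

    # Scenario 2: deliberate tampering by someone who can also overwrite the
    # stored checksum. They recompute it over the edited record, so the plain
    # checksum passes. They cannot recompute the HMAC without the key, so the
    # old tag no longer matches and the change is detected.
    tampered = dict(RECORD, role="admin")
    attacker_checksum = checksum(tampered)  # trivially recomputable by anyone
    deliberate_caught_by_checksum = not verify_checksum(tampered, attacker_checksum)
    deliberate_caught_by_mac = not verify_mac(tampered, key, stored_tag)

    return {
        "accidental_caught_by_checksum": accidental_caught_by_checksum,
        "accidental_caught_by_mac": accidental_caught_by_mac,
        "deliberate_caught_by_checksum": deliberate_caught_by_checksum,
        "deliberate_caught_by_mac": deliberate_caught_by_mac,
    }


if __name__ == "__main__":
    # Constructed key for the demo; in practice it lives in a secrets store,
    # not beside the data it protects.
    demo_key = secrets.token_bytes(32)
    for name, detected in tamper_demo(demo_key).items():
        print(f"{name}: {'detected' if detected else 'MISSED'}")
```

The design point is that the integrity check and the data must not share the same trust boundary: a hash stored next to the file it covers proves nothing against an attacker with write access, while an HMAC (or a digital signature, which additionally lets anyone verify with a public key) ties verification to a secret the attacker lacks. The "logs showing who changed what" mentioned elsewhere in these notes serve the same purpose only if the logs themselves are protected the same way.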

The SolarWinds Supply-Chain Attack was a sophisticated cyber intrusion uncovered in December 2020. Here’s a summary:

  1. Discovery: FireEye identified the attack, which involved embedding a backdoor into SolarWinds’ Orion software through a compromised update.
  2. Attackers: The hackers, believed to be linked to Russia’s Cozy Bear, accessed multiple U.S. government departments and private companies.
  3. Impact: The compromised updates allowed the attackers to execute remote code on affected systems, potentially accessing sensitive information.
  4. Scope: Numerous organizations were impacted, including Fortune 500 companies, government agencies, and cybersecurity firms like FireEye.
  5. Response: SolarWinds released security patches to address the vulnerability, and affected organizations initiated remediation efforts.

The video Why is the global supply chain so fragile, and how can it be fixed? delves into the vulnerabilities of the global supply chain and offers solutions to enhance its resilience. Here’s a summary:

  1. Causes of Fragility: The video identifies various factors contributing to the fragility of the global supply chain, including geopolitical tensions, natural disasters, pandemics, and cyber-attacks.
  2. Impact: These disruptions can cause shortages, delays, and increased costs, affecting businesses and consumers worldwide.
  3. Solutions: To mitigate these challenges, the video suggests diversifying suppliers, increasing inventory buffers, investing in technology for better visibility and tracking, and fostering stronger collaboration among supply chain partners.

By implementing these strategies, the global supply chain can become more robust and better equipped to handle future disruptions.

Week Three

Functional Management

Scope: Focuses on specific cybersecurity functions, such as network security, application security, or incident response.

Responsibilities:

  • Implementing security measures within their domain.
  • Ensuring compliance with security policies and standards.
  • Conducting regular security assessments and audits.
  • Responding to security incidents and breaches.
  • Providing training and support to team members in their area of expertise.

Skills Required:

  • Deep technical expertise in their specialized domain.
  • Knowledge of security tools and technologies.
  • Strong problem-solving abilities.
  • Attention to detail and analytical thinking.

Senior Management

Scope: Oversees the entire cybersecurity strategy and operations of an organization.

Responsibilities:

  • Developing and implementing the overall cybersecurity strategy.
  • Aligning cybersecurity initiatives with business goals and objectives.
  • Ensuring compliance with regulatory requirements and industry standards.
  • Managing the cybersecurity budget and resources.
  • Communicating cybersecurity risks and strategies to stakeholders, including the board of directors and investors.
  • Building a security-focused culture within the organization.

Skills Required:

  • Broad understanding of cybersecurity principles and trends.
  • Strategic planning and leadership abilities.
  • Strong communication skills for engaging with various stakeholders.
  • Decision-making and resource management expertise.

Key Differences

  • Scope: Functional management focuses on specific cybersecurity functions, while senior management oversees the entire cybersecurity strategy.
  • Responsibilities: Functional managers handle implementation and operation within their domain, while senior managers develop and align the overall strategy.
  • Skills: Functional managers require technical expertise, whereas senior managers need strategic, communication, and leadership skills.

Key Similarities

  • Goal: Both aim to protect the organization from cybersecurity threats.
  • Compliance: Both ensure adherence to security policies, standards, and regulations.
  • Collaboration: Both roles require effective collaboration with other departments and stakeholders.

In essence, while functional managers dive deep into specific areas of cybersecurity, senior managers take a holistic approach to ensure that all cybersecurity efforts align with the organization’s broader objectives and risk management strategy.

Considering recent cybersecurity events like the XZ Utils backdoor and the SolarWinds attack, it’s essential for all departments within an organization to actively participate in the cybersecurity process. Here’s how each department can contribute:

1. Human Resources (HR)

  • Recruitment and Training: Ensure cybersecurity awareness is part of the onboarding process and provide regular training sessions to employees.
  • Policy Enforcement: Collaborate with IT to enforce cybersecurity policies and practices.

2. Legal

  • Compliance: Ensure the organization complies with relevant data protection regulations and standards.
  • Incident Response: Be prepared to handle legal implications of cyber incidents, including reporting requirements and litigation support.

3. Finance

  • Budgeting: Allocate funds for cybersecurity tools, training, and initiatives.
  • Fraud Detection: Implement controls to detect and prevent financial fraud, such as monitoring for unusual transactions.

4. Operations

  • Business Continuity: Develop and maintain disaster recovery and business continuity plans that include cybersecurity considerations.
  • Process Improvement: Work with IT to identify and mitigate operational vulnerabilities.

5. Marketing

  • Public Relations: Manage communication during and after a cybersecurity incident to maintain public trust.
  • Secure Campaigns: Ensure marketing campaigns and digital assets are secure from cyber threats.

6. Research and Development (R&D)

  • Secure Development Practices: Implement secure coding practices and conduct regular code reviews.
  • Vulnerability Testing: Continuously test products for vulnerabilities and patch them promptly.

7. Customer Support

  • Customer Education: Educate customers on secure practices and how to report suspicious activity.
  • Incident Reporting: Provide a clear channel for customers to report cybersecurity issues.

8. IT and Security Teams

  • Monitoring and Response: Continuously monitor for threats and respond to incidents promptly.
  • Access Controls: Implement strict access controls and ensure that only authorized personnel have access to sensitive data.

Collaborative Efforts

  • Cross-Departmental Teams: Form cybersecurity task forces with members from various departments to enhance communication and coordination.
  • Regular Drills: Conduct cybersecurity drills that involve all departments to ensure everyone knows their role in case of an incident.

Staying Ahead in the Cybersecurity Game: What Matters Now covers the evolving landscape of cybersecurity and the strategies needed to stay ahead of threats. Here’s a brief summary of the first fifty pages:

  1. Evolving Threats: The book highlights the constantly changing nature of cyber threats, including advanced persistent threats (APTs), ransomware, and state-sponsored attacks.
  2. Defense Mechanisms: It emphasizes the importance of implementing effective defense strategies such as multifactor authentication (MFA), zero-trust architecture, and regular software updates.
  3. Regulatory Compliance: Various regulatory frameworks like GDPR, CCPA, and HIPAA are discussed, stressing the need for compliance to protect data and avoid penalties.
  4. Human Factor: The critical role of human behavior in cybersecurity is explored, underscoring the need for ongoing training and awareness programs to mitigate human error.
  5. Technology and Innovation: The adoption of AI and machine learning in identifying and mitigating threats is examined, with a focus on balancing technological advancements with human oversight.

Elements of Information Security from NIST SP 800-12 outlines the fundamental principles of information security. Here’s a concise summary:

  1. Confidentiality: Ensuring that sensitive information is accessible only to authorized individuals.
  2. Integrity: Safeguarding data from unauthorized modifications to maintain its accuracy and reliability.
  3. Availability: Ensuring that information and resources are accessible to authorized users when needed.

Weeks 4 to the end are featured on the posts page.

Write ups and projects

Prescott-Kowalski-SCADA-systems-write-up.docx