{"id":297,"date":"2022-04-21T23:48:15","date_gmt":"2022-04-21T23:48:15","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/adamjohnson\/?p=297"},"modified":"2022-04-21T23:48:16","modified_gmt":"2022-04-21T23:48:16","slug":"the-human-factor-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/adamjohnson\/2022\/04\/21\/the-human-factor-in-cybersecurity\/","title":{"rendered":"The Human Factor in Cybersecurity"},"content":{"rendered":"\n<p>        In the article \u201cThe Impact of Human Behavior on Security &#8221; by Jeff Capone (2018), the author makes several points of why humans should not be in charge of cybersecurity.\u00a0 Capone states \u201cWhen it comes to effective data security, the most successful solutions are transparent. They work in the background and provide automated, non-disruptive protection of assets&#8221; (Capone, 2018).\u00a0 I think this sentiment is best described in the use of automation and full file encryption.\u00a0 File encryption for all systems and files would likely not cost anything as it is included as an option for most operating systems.\u00a0 Though the most secure method would be hardware encryption but this would add considerable costs.\u00a0 Another example of this would be implementing a VPN connection for the company or office and applying encryption to the network data.\u00a0 Since there is likely already a server in use, setting up a VPN would be an easy task and allow for network encryption. This could possibly make logging and auditing the network traffic more efficient as well.\u00a0 For automation, software such as antivirus would exist on each device and could be scheduled to run at times that would help stop people from making mistakes. I would have the antivirus configured to scan detachable devices before they can be used. I would configure the scanning of emails and attachments to prevent unwanted phishing attempts. I would also implement firewall rules at the server level to block unwanted access to the internet by keeping a whitelist or blacklist of domains and hosts to allow or deny.\u00a0 I believe this creates a good balance and minimizes the human input to maintain the network.\u00a0 While obviously still using least privilege when granting users access to system resources, I would create strict password requirements for the user accounts.\u00a0<\/p>\n\n\n\n<p>        These actions would require the users to be trained on very few aspects of the network.\u00a0 The main focus of training would be password security. Since this type of system would rely on a single log on with the accounts being stored in the server, users would need to be trained on proper creation and handling of their passwords.\u00a0 The VPN connection and all antivirus actions could be configured by automation. Concerning the budget, the main costs would be for the antivirus software and for the initial setup of the firewall and server by a professional.\u00a0 Managers could be trained to audit activity and create or maintain accounts without having full administrative access to the systems or server.<\/p>\n\n\n\n<p><strong>References<\/strong><\/p>\n\n\n\n<p>Capone, Jeff (2018). The impact of human behavior on security. https:\/\/www.csoonline.com\/article\/3275930\/the-impact-of-human-behavior-on-security.html<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the article \u201cThe Impact of Human Behavior on Security &#8221; by Jeff Capone (2018), the author makes several points of why humans should not be in charge of cybersecurity.\u00a0 Capone states \u201cWhen it comes to effective data security, the most successful solutions are transparent. They work in the background and provide automated, non-disruptive protection &hellip; <a href=\"https:\/\/sites.wp.odu.edu\/adamjohnson\/2022\/04\/21\/the-human-factor-in-cybersecurity\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">The Human Factor in Cybersecurity<\/span><\/a><\/p>\n","protected":false},"author":23385,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/297"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/users\/23385"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/comments?post=297"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/297\/revisions"}],"predecessor-version":[{"id":298,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/297\/revisions\/298"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/media?parent=297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/categories?post=297"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/tags?post=297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}