Free-Writes/Discussion Posts
Ade Swinger
CYSE 200T
Professor Duvall
3/26/25
CYSE 200T
Professor Duvall
3/26/25
BLUF: Write-Up on SCADA systems, the vulnerabilities associated with critical
infrastructure systems, and the role SCADA applications play in mitigating risks.
What Are SCADA Systems?
The acronym SCADA stands for supervisory control and data acquisition, and they are systems used to control critical infrastructure, facility-based, or industrial processes. There are a few subsystems that make up the SCADA system, such as programmable logic controllers, a device used to track data by human operators, and remote terminal units that convert the signals sent by sensors into digital data. Knowing how important these systems are to all kinds of processes in the world. Cybersecurity professionals must understand the vulnerabilities that come with these systems.
What Are the Vulnerabilities?
With our critical infrastructure being so dependent on SCADA systems, they are vulnerable to cyberwarfare and other serious attacks (SCADA Systems p.6.) According to the article, there are two major threats: unauthorized access to software and “packet access to network segments that are hosted by SCADA systems.” With the first one, it would be human error or intentional attacks upon the control host machine. The second one would be the lack of control protocol on the packets themselves. This allows for the possibility of attackers sending malicious packets with the intent of gaining control of a SCADA device. Additionally, I found out that in recent years, “browser and web-based technology has become a powerful tool for operators of infrastructure and industrial systems,” according to ‘Critical Infrastructure Systems Are Vulnerable to a New Kind of Cyberattack.’ This means attackers have another potential attack vector to gain full access to these systems.
Mitigating Risks
SCADA applications are specific software pieces of the subsystems that make up the whole SCADA system to perform all the tasks necessary. These applications are continuously taking detective and protective measures to mitigate risks. Processes like real-time monitoring, data logging, and cybersecurity and network protection are all examples of what these applications do to protect these critical systems that are responsible for so many important things to people’s livelihoods.
Conclusion
SCADA systems are crucial to critical infrastructure, but their vulnerabilities are something all cyber professionals should care about. Unauthorized access and network-based attacks highlight the need for cybersecurity measures strong enough to protect these systems. Also, SCADA applications are a huge part of mitigating risks by monitoring real-time, logging data, and protecting networks through firewalls and other means. As cyber threats continue to grow and change, methods of strengthening the security of these systems are critical to maintaining and protecting critical operations.
Sources:
https://docs.google.com/document/d/1DvxnWUSLe27H5u8A6yyIS9Qz7BVt_
8p2WeNHctGVboY/edit?tab=t.0
https://coe.gatech.edu/news/2024/02/critical-infrastructure-systems-are-
vulnerable-new-kind-cyberattack
ChatGPT to gain a better understanding of the role of SCADA applications.
ChatGPT to gain a better understanding of the role of SCADA applications.
Ade Swinger
CYSE 200T
April 6, 2025
Professor Duvall
CYSE 200T
April 6, 2025
Professor Duvall
The Human Factor in Cybersecurity
BLUF: Humans are the weakest link in any organization’s overall cybersecurity,
so any budget decisions must reflect that.
Cyber Threats Still Target Human Mistakes
According to a study done by PhishMe back in 2016, over 90 percent of all cyberattacks start with a phishing email. Ten years later, chances are this is still the case. With that being said, organizations must bear this fact in mind when allocating funds for security.
Human error is our biggest threat, so how should we move forward?
so any budget decisions must reflect that.
Cyber Threats Still Target Human Mistakes
According to a study done by PhishMe back in 2016, over 90 percent of all cyberattacks start with a phishing email. Ten years later, chances are this is still the case. With that being said, organizations must bear this fact in mind when allocating funds for security.
Human error is our biggest threat, so how should we move forward?
Budget Allocation Strategy
The budget should be split 60/40 with sixty percent of funds going toward human
security training and awareness and forty percent of it going toward actual fortification of
systems and security tools. By doing this, we can focus on the fact that people are the
weakest link in our security plan while also addressing the technological side of
cybersecurity.
The budget should be split 60/40 with sixty percent of funds going toward human
security training and awareness and forty percent of it going toward actual fortification of
systems and security tools. By doing this, we can focus on the fact that people are the
weakest link in our security plan while also addressing the technological side of
cybersecurity.
Conclusion
As the importance of cybersecurity grows in every aspect of business, the importance of
employee training continues to grow as well. While technical defense is still very
important, none of it matters if employees are making dangerous mistakes. By utilizing a
60/40 split of the budget, this reflects the idea that systems are only as strong as those
using them.
As the importance of cybersecurity grows in every aspect of business, the importance of
employee training continues to grow as well. While technical defense is still very
important, none of it matters if employees are making dangerous mistakes. By utilizing a
60/40 split of the budget, this reflects the idea that systems are only as strong as those
using them.
References:
https://docs.google.com/document/d/1QplIrfcKlmkSOuKt9i0Kte72kYrukFeCm1wj9
DxpnGU/edit?tab=t.0#heading=h.iafeicx83xq5 – Why is Cybersecurity About
Human Behavior?
https://www.darkreading.com/endpoint-security/91-of-cyberattacks-start-with-a-
phishing-email – 91% Of Cyberattacks Start With A Phishing Email
https://docs.google.com/document/d/1QplIrfcKlmkSOuKt9i0Kte72kYrukFeCm1wj9
DxpnGU/edit?tab=t.0#heading=h.iafeicx83xq5 – Why is Cybersecurity About
Human Behavior?
https://www.darkreading.com/endpoint-security/91-of-cyberattacks-start-with-a-
phishing-email – 91% Of Cyberattacks Start With A Phishing Email
Discussion Board: Ethical Considerations of CRISPR Gene Editing
Mar 9, 2025 10:48PM
ADE SWINGER
CRISPR gene editing, along with many potential benefits, also has many ethical considerations concerning misuse. The ability to change DNA could have unintended consequences under the scope of privacy and security. With CRISPR, the gene information has to be stored digitally, which is something that makes it vulnerable to attacks. People could gain access to the information and perform identity theft, amongst other possibilities. With this being a possibility, those in the IT teams of medical facilities must put in the proper cyber measures and access control, as Ms. Doris Locking suggested in her presentation. My position is one of optimism in regard to the future of gene editing, understanding that serious security has to surround it because of the delicate information it works with. I also believe the government should recognize this and put the right regulation in place to ensure the safety of citizens in a blanketed way.
Mar 9, 2025 10:48PM
ADE SWINGER
CRISPR gene editing, along with many potential benefits, also has many ethical considerations concerning misuse. The ability to change DNA could have unintended consequences under the scope of privacy and security. With CRISPR, the gene information has to be stored digitally, which is something that makes it vulnerable to attacks. People could gain access to the information and perform identity theft, amongst other possibilities. With this being a possibility, those in the IT teams of medical facilities must put in the proper cyber measures and access control, as Ms. Doris Locking suggested in her presentation. My position is one of optimism in regard to the future of gene editing, understanding that serious security has to surround it because of the delicate information it works with. I also believe the government should recognize this and put the right regulation in place to ensure the safety of citizens in a blanketed way.