Cybersecurity, Technology, and Society
Write Up: The Human Factor in Cybersecurity
The human contribution to cyber threats is the most common occurrence when sensitive data is at stake. Therefore, having funds to protect this is crucial, and allocating these funds effectively provides for efficiency.
Human Contribution to Cyber-Threats
Examples of human contribution to cyber threats vary. Cybercrime is often categorized as a white-collar crime “Committed by a person of respectability and high social status in the course of his occupation” (Payne B. K. et al., 2018). Many employees committing these crimes are given access to essential or sensitive data that they should not have immediate access to, or the information is not secure enough. As a result, information is likely to be sold or released to opposing corporations. One instance of human contribution to cyber threats was when a contract security guard compromised and damaged the hospital; he was employed at the computer system. As a result, the security guard “pleaded guilty to an indictment charging two counts of transmitting malicious code” (Payne B. K. et al., 2018). This was made possible through areas not under constant surveillance, such as nurse’s stations and locked rooms. Although, as a security guard, he has keys that grant him access to various locations, had the computers had more secure measures, his actions would not have been able to have occurred.
Allocating Funds to Reduce Cyber-Threats
The vastly growing technology within workplaces has enabled cyber threats and crimes to go undetected as it remains ambiguous. As a result, prevention and intervention are limited. As a chief information security officer, allocating funds to reduce cyber threats is essential. One area in which funds should be given is training. Employees who can acknowledge a potential threat will save the organization money in the long run. For example, training could be taught by identifying guardianship strategies. This could be done through a “honey pot,” which is a network used to be attacked as a method of research (Payne, B. K., & Hadzhidimova, L. (n.d.). While this could be costly, it would show attack patterns and inspiration for innovation to provide much more secure systems.
Conclusion
Regardless of cost, having security measures in place and hiring qualified employees with the proper training will ensure the longevity of safe work environments where cybercrime does not have the opportunity to occur. Adequate training is also crucial to maintaining a professionalism that protects sensitive data at all costs.
References
Payne, B. K., & Hadzhidimova, L. (n.d.). Cybersecurity and criminal justice: Exploring the intersections. Retrieved April 3, 2023, from sites.wp.odu.edu/cyse-200/wp-content/uploads/sites/14757/2019/05/payne-hadzidimova.pdf
Payne, B. K., Hawkins, B., & Xin, C. (2018). Using labeling theory as a guide to examine the patterns, characteristics, and sanctions given to Cybercrimes. American Journal of Criminal Justice, 44(2), 230–247. https://doi.org/10.1007/s12103-018-9457-3
Write Up: SCADA Systems
Critical Infrastructure Systems are heavily relied upon by society, which makes them easily susceptible to becoming vulnerable to disruption. As a result, SCADA systems are used to mitigate these risks providing for each sector to remain operational at all times.
Vulnerabilities of Critical Infrastructure Systems
Critical Infrastructure Systems are defined through sixteen sectors: transportation systems, water and wastewater, food and agriculture, financial services, energy, health care, and public health (Cyber Security 2022). Each of these sectors heavily relies upon the others, which brings vast vulnerabilities. For example, if transportation systems were to be backed up, individuals who work in health care would be unable to get to work. As a result, it would leave hospitals short-staffed, bringing about another set of complications. Actual vulnerabilities to critical infrastructure include insider threats, lack of redundancy, and lack of cybersecurity awareness are just a few but worthy of much acknowledgment.
SCADA used in Mitigating Risks
Supervisory control and data acquisition (SCADA) systems obtain information from processes in real-time from wherever it is located. With this ability, conditions and equipment are controlled “centralized systems that control and monitor entire sites, or are the complex systems spread out over large areas.” (SCADA N.D.) When it comes to Critical Infrastructure System vulnerabilities, one example where SCADA can be seen to mitigate risks for critical infrastructure is transportation. These systems regulate electricity to subways and other services by automating traffic lights (SCADA 2020). In addition, critical infrastructure can be monitored by SCADA systems to detect any suspicious behavior occurring within sectors through Human Machine Interfaces, “an apparatus that gives the processed data to the human operator.”
Conclusion
Critical Infrastructure systems are crucial and, as the name states, “critical.” Consequently, society must have plans to monitor various sectors to protect them from vulnerabilities. SCADA systems are in place to ensure these critical infrastructures can operate effectively without being targeted from within an organization, lack of redundancy, and lack of cybersecurity awareness.
References
Cyber Security and Infrastructure. The University of North Dakota Online. (2022, August 25). Retrieved March 19, 2023, from https://onlinedegrees.und.edu/blog/cyber-security-infrastructure/#:~:text=CISA%20defines%20sixteen%20distinct%20sectors,they%20can%20also%20be%20intertwined.
SCADA systems. SCADA Systems. (n.d.). Retrieved March 19, 2023, from http://www.scadasystems.net/
SCADA: Industrial, manufacturing, transportation, and facilities. Second Sight Systems. (2020, July 23). Retrieved March 19, 2023, from https://www.secondsightsystems.com/markets/industrial-manufacturing-transport-facilities/#:~:text=Transit%20authorities%20use%20SCADA%20technology,to%20control%20railroad%20crossing%20gates.
Discussion Board Post:
How has cyber technology created opportunities for workplace deviance?
Workplace deviance is the deliberate intention to cause harm to one’s place of work. One reason someone may want to retaliate is being fired, watching a fellow employee receive a promotion that that individual may have wanted, etc. Cyber technology has created many opportunities for these individuals to act maliciously. For example, upset workers could save and sell files to other companies before losing access to sensitive information to bring their previous employers down. Another way that cyber technology could create opportunities for workplace deviance is the ability to create false information to receive financial gain of their own. For example, they change numbers around to seem like the company is on track with previous data while funneling out money simultaneously. These examples are crucial for organizations to acknowledge and should be considered when hiring individuals.