Overview

In this CYSE/IT-200T class, participating in discussion boards and free-writes has really improved my understanding. First and foremost, these exercises foster critical thinking because they force me to reflect carefully on the course material and organize my ideas into a logical argument or answer. Additionally, they encouraged teamwork and participation, gave me a chance to interact with my peers and gain insight from their differing viewpoints, and fostered cooperation. By participating in discussion boards and free-write assignments, I was able to improve my research abilities, communication skills, and ability to reflect on my own learning and development during the course. I was able to communicate with others more effectively, have a better comprehension of the course subject, and monitor my development over time by consistently taking part in these activities. Below I will post three of my favorite free-writes / discussion boards from this semester!

Write Up – The Human Factor in Cybersecurity  Apr 12, 2023

A Chief Information Security Officer must comprehend the benefits of funding more
cybersecurity technologies and employee training. Both are essential for a good cybersecurity
stance, yet investing in one over the other can occasionally be viewed as more advantageous if
one were to have a restricted budget.
Businesses around the nation will probably invest more in cybersecurity technology in the
near future since the modern world is more technologically oriented. That cannot be used to
minimize the need of bringing up cybersecurity best practices and knowledge among staff
members, as it is a crucial component of any cybersecurity program. When it comes to an
organization’s security, employees may either be the weakest or the strongest link, and the
correct training can lower the likelihood that a breach will happen due to human error.
Regardless matter how much training a worker has had, the chance of a human error in
cybersecurity must also be considered. There are many other ways to deliver training, including
practical exercises, online learning, and traditional classroom instruction.
On the other hand, investing in cybersecurity technology is also necessary for protecting an
organization’s systems and data. It is sensible to periodically invest in cybersecurity because
technology is always changing. Firewalls, antivirus software, and event management (SIEM)
systems are just a few examples of the several types of cybersecurity solutions available. These
technologies offer protection from a variety of threats, such as malware and phishing attacks. It’s
crucial to evaluate the organization’s particular needs and identify the technology categories that
are most necessary.
While working with a limited budget, it is essential to prioritize expenditures based on the
particular risks and needs of the company. The organization’s weakest areas and the areas where
investments would have the most impacts can be found through a risk assessment. The cost and
profit of each investment must also be considered. For instance, spending money on a system
that provides a high degree of safety but is difficult for personnel to use might not be the best use
of resources. The same can be said about spending money on training that is either too wide or
not enough specific to the risks the company faces.
There’s a lot of factors to consider when allocating a budget. To determine the areas where the
organization is most vulnerable, conduct a risk assessment. This will make it easier to decide
which areas demand the greatest focus and money. A risk assessment should be done to identify
the areas where the organization is most vulnerable. Making decisions about what needs the most
attention and resources will be made simpler as a result. Spend money on cybersecurity tools that
suit the organization’s unique requirements. Make sure the technologies are efficient and simple
to use while also taking into account the cost-benefit of each investment. Establish a strategy for
handling security-related issues. Planning ahead and getting trained for incident response can
help to lessen the effects of a breach and the expense of recovery.
In order to manage this trade-off effectively, a CISO must create a balance between
increased cybersecurity technology and training. While choosing expenditures within a
constrained budget, it is important to evaluate the specific risks and requirements of the
company. A risk assessment can help identify the areas that require the greatest attention and
financing, and investments should be evaluated based on their cost-benefit ratio. It is imperative
that staff members receive training on cybersecurity best practices, and cybersecurity
technologies should be appropriate for the firm’s particular needs. Prioritizing expenses can
maximize the effect of the CISOs’ limited resources on the organization’s cybersecurity posture.

The “Short Arm” of Predictive Knowledge (Module 7, Reading 1)

Short-arm forecasts may be used to properly plan for how cyber-policy and infrastructure will change in the future. By examining historical data, they comprise projecting likely human behavior and anticipating expected results based on current influencing factors. Short-arm predictions can reveal information about the likelihood of various events even while precise future projections are unachievable. It’s important to remember that short-arm forecasts might not always come true and shouldn’t be relied upon too much.

Write-Up – SCADA Systems Mar 26, 2023

SCADA Systems

Introduction
Systems vital to critical infrastructure, such as those used in the energy, oil and gas,
water, and electricity sectors, are susceptible to being attacked over the internet. SCADA
(supervisory control and data acquisition) refers to the systems used to monitor and control entire
sites. These sites can be anything from a single industrial plant to complex plants spread out
across the country. In terms of its application and use, monitoring and managing the physical
processes employed in contemporary civilization, such as water distribution, traffic lights,
electrical transmissions, gas transportation, oil pipelines, and other systems, may also be
accomplished with the assistance of SCADA systems (SCADA Systems, 2018).
Risk and vulnerabilities associated with SCADA
SCADA systems combine hardware and software that allow for the automation of
industrial processes. It is accomplished by capturing real-time data from sensors attached to
various equipment such as motors, pumps, and valves. SCADA systems are essential to the
modern industrial world. There is a common misconception that SCADA networks do not
provide a significant security risk since they are physically protected. Another common
misconception is that since SCADA networks are not linked to the internet, they are inherently
more secure than other networks. However, a survey conducted by Forrester found that between
the second half of 2018 and the first half of 2019, 56 percent of firms that use SCADA/ICS
reported a breach in their systems (Paganini, 2021). Attackers target industrial control systems
(ICS), human-machine interfaces (HMI), and workstations to deliver malicious code and take
advantage of vulnerabilities affecting ICS. They can also launch distributed denial of service
attacks (DDoS) against vulnerable, unpatched systems that are accessible online and have
inadequate security.
Mitigation of Risks
SCADA systems provide real-time monitoring and control of industrial operations, which
makes it possible for these systems to assist in reducing the hazards associated with critical
infrastructure systems. SCADA systems link sensors that monitor equipment like motors, pumps,
and valves to an onsite or distant computer to collect real-time data from operational technology
(OT). OT refers to data that is collected in real-time. Because of this, enterprises can now swiftly
identify and react to cyber threats. In addition, SCADA systems can capture and save events for
the purpose of future reference or the development of reports. Hardware components of SCADA
systems, such as Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs),
operate as local collecting sites for gathering sensor information and often activate actions of the
linked piece of equipment through the use of logic that has been pre-programmed. SCADA
systems may also be protected against unauthorized access by using precautions, including
network segmentation, access control, and regular software updates.
Conclusion
In conclusion, SCADA systems contribute to reducing risks by making it possible to
automate industrial processes and collect real-time data from sensors. It gives operators the
ability to recognize problems rapidly and take corrective action. Yet, SCADA systems are also
appealing to threat actors; thus, it is essential to put security precautions in place to reduce the
likelihood of adverse outcomes. Security is of the utmost importance because the destruction of
the systems would have severely negative effects. There are two key dangers to be concerned
about. The first threat is illegal to access to the program, which may take the form of human
intervention or modifications that have been purposefully generated. Other threats, as expressed
herein, included virus infections and other issues impacting the control host system. The second
potential risk is associated with the packet access to network segments home to SCADA
equipment.