The following is the description for the course Cybersecurity, Technology and Society as taken from the course syllabus:<\/p>\n\n\n\n
Students will explore how technology is related to cybersecurity from an interdisciplinary orientation.\u00a0 Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains.<\/p>\n\n\n\n
This class was valuable in understanding the socioeconomic and political motivators behind cybersecurity. <\/p>\n\n\n\n
The following are examples of the papers and discussions contained within the coursework for the class as evidence to the learning outcomes I have achieved.<\/p>\n\n\n\n
A Brief Explanation of the CIA Triad | Adrian Bequette<\/strong> <\/p>\n\n\n\n <\/p>\n\n\n\n Vulnerabilities of Critical Infrastructure and the Benefits of SCADA References <\/p>\n\n\n\n <\/p>\n\n\n\n Discussion: Ethical Considerations of CRISPR Gene Editing<\/strong><\/p>\n\n\n\n I think there is a very fitting quote out there that relates to this topic from Jurassic park; “we were so busy wondering if we could, we never stopped to ask if we should”. And that pretty much sums up my ideas about gene editing. I think that it is marvelous that we have hit a point in science that something like this is possible, but it still makes me wonder if we should take these matters into our own hands. I think there are a lot of pros and cons to this, but ethically i can see how this is some very murky water that needs to be taken very seriously, and with a lot of caution. <\/p>\n","protected":false},"excerpt":{"rendered":" The following is the description for the course Cybersecurity, Technology and Society as taken from the course syllabus: Students will explore how technology is related to cybersecurity from an interdisciplinary orientation.\u00a0 Attention is given to the way that technologically-driven cybersecurity… Continue Reading →<\/a><\/p>\n","protected":false},"author":28370,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-fullwidth.php","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/pages\/14"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/users\/28370"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/comments?post=14"}],"version-history":[{"count":4,"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/pages\/14\/revisions"}],"predecessor-version":[{"id":140,"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/pages\/14\/revisions\/140"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/bequette\/wp-json\/wp\/v2\/media?parent=14"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
CIA Triad Definitions
The CIA Triad comprises of three factors, for CIA in this instance is an acronym for
Confidentiality, Integrity, and Availability. Each of these three factors make up the outline of
rules and structure that should be implemented within a security architecture.
Confidentiality
Confidentiality is the assurance that sensitive and private informa\u019fon remains private, or
confidential. Confidentiality makes up one third of security, and its goal is the protection of
information and data from unauthorized persons. There are many different classifications of the
level of confidentiality of information, and the higher the level of sensitive nature the data has,
the stronger the controls to ensure it remains confidential are put in place.
Integrity
Integrity involves the security of information while it is in transition or across transportation.
Data or information must remain unaltered while in transit between sources and recipients.
Integrity also involved the key factor of non-repudiation, which is involved in signing
documentation or information. And example of non-repudiation and by the transitive property
integrity, is digitally signing a document to so that there is proof that you were the one to
validate the information contained within.
Availability
Availability is the final factor that ensures that data is always available. And example of good
availability is load balancing and data redundancy, so that in the event a publicly facing web
server goes down, there is redundancy with backups so that the informa\u019fon contained will still
be available to those trying to access it.
Conclusion
Contained within these three key factors of the CIA Triad are the makings of a security
framework that all entities must maintain. Following the three factors will ensure reputability
and security.<\/p>\n\n\n\n
Implementation<\/strong><\/p>\n\n\n\n
Critical infrastructure systems are vastly important, and therefore are prime
targets for attacks. They include the systems used to manage power, water, internal
temperature regulation, communication systems and more. Fick gives the definition that
\u201ccritical infrastructure is the physical and virtual assets, systems, and networks that are
essential to society\u201d, and that their destruction can result in the loss of economic
stability, national security, and public health (p.1).
Implementation of standardized and centralized control for these processes is
where SCADA shows its value. Centralized control of these processes, utilizing various
different hardware and software means, allows for proper management of these
systems. SCADA at its core allows for remote operation, monitoring and control of
critical systems. Without SCADA, these systems are not networked and thus do not
have the proper monitoring they require. If an outage of power or occurs, using
centralized management means those systems are replaced or repaired quicker. In
most cases, SCADA can alert administrators to failure before it occurs, and as such
saves money and in some cases lives.
However, this does in turn create its own problems, where now there are more
centralized points of failure. As noted in the article by SCADA Systems, there now
exists 2 main threats to this centralization. The first is unauthorized access, and the
second is network connectivity. Neither of these issues have a non-zero percent chance
of happening. And in the event someone gains access to these systems, while they are
not connected to the internet, physical access means control for a threat actor. The second issue, network connectivity cannot be avoided but can be mitigated via alternate
connections.
While SCADA does bring its own issues into the mix, the ability to centrally
manage and maintain critical infrastructure systems highly outweighs their risks. When
referring to systems that can potentially cost lives, SCADA is the only option.
<\/p>\n\n\n\n
Allie Fick, S. R. (2023, January 12). Critical infrastructure is more vulnerable than ever-
your industry could be a prime target. Lacework.
https:\/\/www.lacework.com\/blog\/critical-infrastructure-is-more-vulnerable-than-
ever-your-industry-could-be-a-prime-target\/
SCADA systems. SCADA Systems. (n.d.). https:\/\/www.scadasystems.net\/<\/p>\n\n\n\n