{"id":133,"date":"2023-02-04T20:00:30","date_gmt":"2023-02-04T20:00:30","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/cyberimpact1\/?page_id=133"},"modified":"2025-08-10T02:32:05","modified_gmt":"2025-08-10T02:32:05","slug":"it-cyse-200t-2-2-2","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/capa003\/it-cyse-200t-2-2-2\/","title":{"rendered":"IT\/CYSE 200T"},"content":{"rendered":"

Cybersecurity, Technology, and Society<\/h1>\n
\n
\n
\n
\n

Course Material<\/strong><\/h1>\n

Write-Up Assignments<\/span><\/strong><\/div>\n
<\/div>\n
The CIA Triad<\/span><\/strong>
In this paper, I will research the \u201cCIA Triad\u201d and what it means in the field of<\/span>
Information Technology. The goal is to be able to understand and explain each term and how it<\/span>
plays a role in cybersecurity. While doing this, I will also become familiar with the difference<\/span>
between authentication and authorization.<\/span>
What is the CIA Triad<\/span>
In the context of information technology, the term CIA stands for Confidentiality,<\/span>
Integrity and Availability (Chai, 1). The function of the CIA Trias is to create a foundation for IT<\/span>
agencies to successfully protect a company’s systems. The term Confidentiality in the Triad is the<\/span>
action of keeping things private from outside sources (Chai, 1). This prevents the system from<\/span>
being a victim of attacks. The term Integrity in the Triad is the action of effectively keeping<\/span>
the information in your systems between internal sources (Chai, 1). This assures that company<\/span>
workers are trustworthy and reliable. The term Availability in the Triad is to ensure internal<\/span>
sources of your company have access to information systems (Chai, 2). This can include making<\/span>
sure the hardware and software of your systems are intact and working properly.<\/span><\/div>\n

Authentication vs. Authorization<\/span><\/strong><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n
\n
\n
Authentication is the process of making sure the individual who is trying to access<\/span>
sensitive information is who they claim to be (Weatherston, 2). Some types of authentication are<\/span>
Single Factor Authentication, 2-Factor Authentication, and Multi-Factor Authentication<\/span>
(Weatherston, 5). They all have the same purpose of verifying that the user is who they are.<\/span>
However, the difference is in the amount of security that goes into it. Single Factor<\/span>
Authentication is the least secure, and Multi-Factor Authentication is the most secure. An<\/span>
example of Authentication is the fingerprint you use to unlock your mobile device.<\/span>
Authorization is the process of making sure you are certified to access the information or<\/span>
technology (Weatherston, 22). In the company, there are tiers of positions and roles that are<\/span>
assigned a certain amount of information. Some positions are meant to know more than others,<\/span>
which is why Authorization is used to make sure internal sources are only able to have<\/span>
access to the information they are supposed to have access to. While Authentication is more<\/span>
hardware-based, Authorization is mostly software-based. For example, after an individual<\/span>
verifies themselves with Authentication, usually the same system has implemented Authorization<\/span>
to look over the individual\u2019s credentials to ensure that they are qualified enough to access<\/span>
information (Weatherston, 26).<\/span><\/div>\n

References<\/span><\/strong>
Chai, W. (2022, June 28).<\/span> What is the CIA Triad? Definition, Explanation, Examples.<\/span>
TechTarget. <\/span>https:\/\/www.techtarget.com\/whatis\/definition\/Confidentiality-integrity-and-availability-C<\/span>
IA<\/span><\/div>\n

Weatherston, G. (2022, September 29).<\/span> Authentication vs Authorization \u2013 What’s the Difference?<\/span>
FreeCodeCamp. <\/span>https:\/\/www.freecodecamp.org\/news\/whats-the-difference-between-authentication-and-au<\/span>thorisation\/<\/span><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n
\n
\n
\n
<\/div>\n<\/div>\n<\/div>\n<\/div>\n
<\/div>\n<\/div>\n<\/div>\n

The Human Factor in Cybersecurity<\/b><\/p>\n

If my company had financial issues with supporting my cyber team, I would use the following tactics to properly allocate my resources and money while also supporting my team. First, I would need to conduct a thorough analysis of my organization\u2019s current cybersecurity posture to determine which areas need the most attention. By evaluating the current state of cybersecurity in my organization, I can determine if my employees have good integrity and are reliable, and see if investing in training programs may be more beneficial than purchasing new equipment, technology, etc.\u00a0<\/span><\/p>\n

It is also important to identify the more significant threats to my organization. If my company deals with a lot of sensitive information, threatening this could cause corruption in my company. Therefore, if my company deals with data, I prioritize my funds on data encryption technology.\u00a0 These training programs will help employees stay relevant to the latest cybersecurity practices.<\/span><\/p>\n

If I am the CISO of a big company, it is important to look into long-term benefits and impacts. I would focus my funds solely on technology. It is important to provide good-quality training programs for my employees. This could even be more cost-efficient than investing in better technology. And as a CISO, allocating costs and funds and saving as much money takes top priority.<\/span><\/p>\n

SCADA System\u00a0<\/b><\/p>\n

Critical infrastructures can often fall victim to virus attacks. Depending on the form of critical infrastructure, the breach of the information can cause some serious economic damage and even cost someone\u2019s life. Some of the vulnerabilities that are associated with Critical infrastructures are virus infections, as mentioned before, vulnerabilities to cyber-terrorism and attacks, and unauthorized access to the software used for these critical infrastructures.\u00a0<\/span><\/p>\n

SCADA can help improve critical infrastructures by making sure its systems are secured and well-managed. The systems of critical infrastructures are often not made to protect themselves from vulnerabilities because the designs are outdated most of the time. By implementing some form of encryption or authentication, SCADA can provide a better security system for these infrastructures.<\/span><\/p>\n

These implementations can also help people who seek to breach critical infrastructures to perform some kind of cyber-terrorism attack. The authentication that would be required to access the controls of these critical infrastructures will mitigate the risk of hackers and cyber-terrorists<\/span><\/p>\n

In conclusion, SCADA provides critical infrastructures with the necessary rearrangements in security measures that could prevent the breach of information that controls their functions.<\/span><\/p>\n

Bibliography\u00a0<\/b><\/p>\n

DPS Telecom. “How SCADA Systems Work: An Overview of SCADA Technology and Security.” DPSTele.com https:\/\/www.dpstele.com\/scada\/how-systems-work.php\u00a0<\/span><\/p>\n

Infosec Institute. \u201cSCADA Security of Critical Infrastructures.\u201d Infosec Resources, Infosec Institute, 16 July 2021, https:\/\/resources.infosecinstitute.com\/topic\/scada-security-of-critical-infrastructures\/\u00a0<\/span><\/p>\n

“SCADA Systems \u2013 Everything you wanted to know about SCADA Systems.” SCADA Systems, n.d., http:\/\/www.scadasystems.net\/ <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Cybersecurity, Technology, and Society Course Material Write-Up Assignments The CIA TriadIn this paper, I will research the \u201cCIA Triad\u201d and what it means in the field ofInformation Technology. The goal is to be able to understand and explain each term… Continue Reading →<\/a><\/p>\n","protected":false},"author":21404,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":"","wds_primary_avhec_catgroup":0},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/pages\/133"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/users\/21404"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/comments?post=133"}],"version-history":[{"count":4,"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/pages\/133\/revisions"}],"predecessor-version":[{"id":402,"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/pages\/133\/revisions\/402"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/capa003\/wp-json\/wp\/v2\/media?parent=133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}