Cybersecurity, Technology, and Society
Students in IT/CYSE 200T will explore how technology is related to cybersecurity from an interdisciplinary orientation. Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows:
- Describe how cyber technology creates opportunities for criminal behavior,
- Identify how cultural beliefs interact with technology to impact cybersecurity strategies,
- Understand and describe how the components, mechanisms, and functions of cyber systems produce security concerns,
- Discuss the impact that cyber technology has on individuals’ experiences with crime and victimization,
- Understand and describe ethical dilemmas, both intended and unintended, that cybersecurity efforts, produce for individuals, nations, societies, and the environment,
- Describe the costs and benefits of producing secure cyber technologies,
- Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts have produced and inhibited global changes,
- Describe the role of cybersecurity in defining definitions of appropriate an inappropriate behavior,
- Describe how cybersecurity produces ideas of progress and modernism.
Course Material
The Human Factor – Training vs Technology
Introduction
In the ever-growing world of technology and cybersecurity there are always going to be risks and threats you can’t avoid, even if a company tries to, it’s not cost-effective. With how companies and their….
A few discussion post from this a class…
How should we approach the development of cyber-policy and infrastructure given the “short arm” of predictive knowledge?
In the world of cyber-security it is very hard to predict future or potential risks around newer technology. That is why companies must approach they cyber-policy and infrastructure in a way that keeps in mind they cannot get rid of all risks and vulnerabilities within their companies. Trying to predict the future when it comes to risks, is like trying to solve a problem that is not it there, its costly and could potentially be of no value, so little to no cybersecurity budget should be used in the development of these protections, that should be part of research and developments budget. Companies must create a plan to identify and prioritize these risks. The NIST Framework is perfect for itemizing cybersecurity risks and threats and allows companies to prioritize where to allocate funds for the most dangerous risks and to work from there. This is also very relatable to cheating in video games, its hard to predict how people will bypass anti-cheat or break the game.
From your readings of pages 1 – 21 of the NIST Cybersecurity Framework, what benefit can organizations gain from using this framework, and how would you use it at your future workplace?
I think the most beneficial aspect of the NIST Framework is how it gives companies a straightforward plan for the security they want and need, through the Target and Current Profiles. Once the company chooses a target profile and the current profile is evaluated they are left with the gap analysis, which is essentially a to-do list for the company. This gives the company a goal and an idea of what they need to do. I would use this Framework to the fullest. One thing I really liked in this document is the communication aspect and having guidelines with the Target Profile for smoother and quicker communication within the company and with its stakeholders. An example from the framework shows this, If another company is doing business with another, and there are potential risks, company 1 could use its current profile to show their requirement and cybersecurity needs. Another system I would implement would be the Tiers system, for the simplicity of understanding the vulnerabilities and evaluating current responses to threats.