Designing the Public Sphere: Information Technologies and the Politics of Mediation- April 22, 2024
In his writing, Verbeek gives us an overview of all the advances in technology and how these are drastically changing our lives and giving space to phenomena like augmented reality (AR). The widespread use of new ICT (information and communication technologies) is demanding new regulations. Even things like hospital beds are technology-driven, transforming any place into a smart setting. According to Verbeek, individuals must shape themselves according to new technologies so that they can mediate with them, interact with them, and foster a good relationship. In fact, a North American philosopher called Don Ihde suggests that individuals can take different shapes that contribute to the formation of a serene environment where humans and technology walk hand-in-hand. Moreover, instead of investigating the impact technology has on humanity and society, we should investigate how technologies mediate human actions. Additionally, markets, businesses, and groups should be regulated differently. As a matter of fact, companies should not only accept these new technologies, but they should also find ways to understand how these ICTs mediate human interactions. Companies should be able to understand how technologies influence humans and society and implement technologies that have a positive impact on society. In short, Verbeek defines technology as a “negotiator” able to impact human behavior as well as political aspects. I personally believe that what Verbeek says in his writing is correct. Considering the moral aspects of technology is pivotal. Nowadays, separating technology from social and moral principles is difficult. For this reason, these aspects shouldn’t be considered independently.
The “Short-Arm” of Predictive Knwoledge- April 15, 2024
In my opinion, Hans Jonas’s Tech and Responsibility Reflections article was quite interesting because it addresses more philosophically driven topics like nature, our relationship with it, and technology, as well as the effects it has on our lives. Firstly, what do we mean by “short arm of predictive knowledge”? When we refer to the short arm of predictive knowledge, we are referring to the restrictions that might come to light when trying to predict the end result of something. This, when it comes to the cyber world, is very common because, with the advances in technology and its rapid progression, being able to predict something correctly is challenging. Fortunately or unfortunately, depending on how we choose to view it, technology has always been a step ahead of us. That said, however, despite the short arm of predictive knowledge, we can still try to identify potential risks and trends. By doing this, we can try to forecast problems and choose the correct methods to overcome them. As a result, in order to approach the development of cyber policies and infrastructure, I would prioritize cybersecurity measures, invest in training, and conduct regular policy updates. This way, we can stay up-to-date, or try to, with the advances in technology and avoid threats and potential risks. Also, when talking about the short arm of predictive knowledge, frameworks like the NIST framework can come in very handy. The NIST Framework, also known as the National Institute of Standards and Technology, is a set of guidelines that are able to mitigate cybersecurity risks. On top of that, this framework would work really well because it would allow constant improvement when it comes to risk management and flexibility. In short, predicting something in this technologically driven world isn’t very easy. However, we can still try to avoid certain threats by using different methods that can contribute to the avoidance of risks.
Workplace Deviance- April 1, 2024
Workplace deviance refers to all those poor actions carried out by employees of a corporation that have a major impact on the image and reputation of the company. Cyber technology hasn’t helped safeguard an organization. In fact, it has done the exact opposite. Cyber technology has given employees the possibility to act unlawfully by giving them a chance to steal sensitive information and spread it everywhere in a matter of seconds. Some workplace deviance include inappropriate use of business assets, violations of privacy, and the circulation of rumors. Also, many employees, especially the ones who have bigger roles and have more permissions or who are simply more informed due to their high position inside a company, can access various sensitive information, and therefore, they can compromise the data. In addition, according to the article “White-Collar Cybercrime: White-Collar Crime, Cybercrime, or Both?” there is a big difference between white-collar crime and cybercrime. White-collar crime is a term that refers to all those non-violent crimes committed by employees from inside an organization and includes acts of corruption, insider trading, and fraud. Cybercrime, on the other hand, refers to all those crimes that occur with the involvement of computers, such as hacking, phishing, data breaches, etc. To conclude, both cybercrime and white-collar crime are very serious matters and should be treated as such, especially nowadays with cyber technology. The continuous growth of cyber technologies is allowing workplace deviance, making crimes like theft, violations of norms, and deliberate damage to keep on occurring. I think that organizations should act as soon as possible by applying more strict policies and having better control over staff.
Ethical Considerations of CRISPR Gene Editing- February 26, 2024
The readings we’ve covered this week talk about the BioCybersecurity field. The multidisciplinary team at the University of Washington made a new discovery. It is possible to hack a computer and infect it using DNA strands. Lee Organick, Peter Ney and Karl Koscher took a biomolecule called deoxyribonucleic acid, commonly known as DNA, and modified it with a program used to infect software. Their aim was to find a way to contaminate a computer by coming up with a series of zeros and ones (a code that looks at the files made of binary codes that examine the conformation of a software) capable of jeopardizing software. Once they were able to find the series of zeros and ones, they translated it into a biomolecule (DNA). What they did was swap the nitrogeous bases, such as adenine, thymine, chytosine and guanine, and give each of them numbers. In fact, A would be 00, T would be 11, C would be 01, and G would be 10. As a result, the DNA is converted to 00011011, and when this series of numbers is introduced into the system, they take full control of a computer.
The question now is quite obvious. How can we protect our DNA from Cybercriminals? Although the use of DNA could be a great tool for the development in the medical and scientifical world and help find new cures, it is also a great tool to help hackers violate and attack computers. Therefore, in this day and age, DNA is very powerful because it is not only used in the medical world but in the cyber one too. From my point of view, it is completely insane to think that something so cardinal for our lives can be used for other purposes, like the cyber world. Moreover, from an ethical point of view, I don’t really find it’s purpose to be very correct. It seems as if today we have fewer and fewer personal and sensitive information to ourselves. How can we know if our DNA is being used? Who is giving consent to use it? Where are the boundaries between what should actually be ethically correct, and most of all, where is the confidentiality? Something important, like DNA, shouldn’t be used for things like cybercrime. That being said, however, the concept is completely different if we talk about the medical world. If it can help scientists and doctors combat new cures, then so be it.
Protecting Availability- February 12, 2024
CISO, stands for: Chief Information Security Officer. In fact, the main role of a CISO is to manage risks and to ensure the security of information and technological systems of a company. Therefore, the responsibilities a Security Officer has are fundamental for a company.
Personally, if I were a CISO for a publicly traded company, I would use many security systems. Firstly, before implementing online security systems, I would make sure that the building itself has physical security. That can be achieved by implementing alarm systems, cameras and good door systems (only people with access can enter). On top of that, I would also secure the perimeter of the building with security guards and more cameras and I would offer all employees specific trainings so that they’ll know how to act in different situations. In addition, after having implemented “physical” security, I would immediately implement cybersecurity programs such as: The CIA Triad, Firewall systems, data encryption and two-factor authentification.
Once I have implemented both the Cyber and Physical security of the company, I can safetly say that availability is protected because thanks to all these cyber and physical security systems, I have the possibility to have everything under control.
Cyber security systems like the CIA Triad for example, help CISO’s to protect all the information of the company from data breaches. Firewalls like the word itself suggests, act like a wall against cyber attacks and it protects the computer from malicious traffic by filitering all types of networks. Data encryption is another very important step because it allows you to turn confidential information into many different codes and symbols. With encyrption, the information that once could have been read by anyone, now needs to be read by someone who has a specific access to unencyrpt the information. Then we have two-factor authentification. The two-factor authentification, helps ensure a better security because it requires two different identification processes before you have access to something.
In addition, the Physical security systems are very important because they act as an armour against all those external risks. The alarm and camera systems are essential because they immediately inform you if something wrong is happening and thanks to the cameras, everything remains visible so that authorities can identify the people responisble. Although the job of a security guard is underestimated, it shouldn’t be. In worst case scenarios, the cameras, alarm and door systems might not work properly whilst security guards can always be ready to act if necessary.
The NIST Cybersecurity Framework- January 22, 2024
According to the NIST Cybersecurity Framework article, there are many benefits a company can gain by using this Framework.
The NIST or National Institute of Standards and Technology was developed in 2014 and since then, many companies are implementing it in order to avoid the risk of cyberattacks.
The framework, in order to improve the security of a company and therefore avoid cybercrime has five different functions that need to be followed.
The first function is Identifying. This helps organizations to have a clearer idea about which processes need to be protected.
The second function is Protecting. Protection, is fundamental to keep an organization safe.
The third function is detecting. With this function, we are able to detect a potential cyberattack beforehand and keep it from happening.
The fourth function is Responding. Once we’ve identified the attack, we need to respond by limiting the damage and informing everyone that has to do with the company about the problem.
Lastly, the fifth and last function is Recovering. This function has the task to restore any capabilities or services that were impaired due to a cybersecurity event. The aim of this last function is to avoid the attack from happening again.
Basically, the NIST framework has many benefits because it is a tool that helps any business, big or small to protect against any potential threats. That being said, the goal the framework wants to achieve is to improve the cybersecurity efforts and develop a common language for understanding, describing and managing cybersecurity risks. By doing that, it makes everything ten times easier for a company and the employees to defend themselves and reduce the risks an organization can come across.
In my opinion, everyone should use the framework because it is a very helpful tool. At my future workplace, I will definitely use the framework to protect myself and the company because nowadays, potential risks are an everyday occurrence and the NIST framework is the key to ensuring safety.
Going on a Job Hunt- January 15, 2024
Although all of the cybersecurity jobs listed seem very interesting, two of them intrigued me particularly.
1) Artificial Intelligence Security Specialist- use AI to combat cybercrime.
An artificial Intelligence Security Specialist, like the title says, combats cybercrime using AI.
First of all, in order to become an AI Specialist you need to have a lot of critical thinking skills, control, experience when analyzing data, be able to come up with new AI Systems and improving them. In short, a specialist needs to have the capacity of being constantly innovative.
That being said, how can cybercrime be tackled?
A specialist needs to come up with systems that are capable of “impersonating” human intelligence and be able to protect all types of technological information and data from all of the possible threats. Lastly, to be considered an expert in this field you have to: analyze threats, create security systems and constantly monitor the web to prevent cybercrimes.
2) Cryptographer- develop systems to encrypt sensitive information.
A cryptographers job is to defend a piece of information and to make sure that all the details and things about a specific document are safe and can only be seen/ understood by a determined person.
How can a cryptographer do that? To achieve that, a cryptographer needs to be very familiar with all the maths problems and formulas and needs to be capable of solving and writing codes. The word Cryptography itself is self explanatory. In fact, Crypto comes from “Kryptos” which in Greek means Hidden and graphy, comes from the Latin “Graphic” which means writing. As a matter of fact, ‘Hidden Writing’ is the main focus of in Cryptography. The goal a Cryptographer wants to reach is to hide information using specific codes and therefore, make the data he wants to hide full of symbols. This, in the eyes of someone trying to hack the system becomes meaningless.
Here are some of the sites I relied on: