Write-Ups
The Human Factor in Cybersecurity- April 22, 2024
In this write-up, we introduce what a CISO is, what the role's responsibilities are, and how I, as a CISO, would balance the tradeoff between employee training and additional cybersecurity technologies. Measures such as employee training and well-chosen security technologies are among the most cost-effective ways to strengthen a company's security.
CISO
The Chief Information Security Officer (CISO) of a company has a crucial role: supervising the organization's security program and protecting its data and information. As the ‘What is a CISO?’ article explains, the chief information security officer is responsible for developing, executing, and enforcing security policies, and in doing so works to protect the company's systems as a whole.
What are the responsibilities of a Chief Information Security Officer?
As the ‘Understanding CISO Roles and Responsibilities: A Complete Guide’ article says, a CISO has many responsibilities, and the role can be considered pivotal to the organization's outcomes. Without a CISO, a company would lack direction in security matters and would be far easier to attack. Among these responsibilities, a chief information security officer needs to be capable of directing and managing the organization's security team, making security-related business decisions, taking precautions against cyber attacks, and communicating effectively with the company's different divisions. Done well, this reduces the risks the company faces.
What would a CISO’s priorities with a limited budget be?
As stated in the ‘How CISOs Prioritize Cybersecurity Spend’ article, the estimated costs of cybersecurity breaches are very high. CISOs therefore need to analyze potential risks carefully so that they can allocate limited funds where they do the most good. Personally, as the CISO of an organization with limited funds, I would give priority to employee training as well as to investing in new cybersecurity technologies. A method the CSO article suggests for deciding between technology investments is FAIR (Factor Analysis of Information Risk). This framework translates cybersecurity risks into financial terms, making it easier for chief information security officers to rank risks and choose where funds are best spent. As a chief information security officer, I would invest in technologies such as firewalls, data encryption, and monitoring systems that let me detect problems promptly and resolve them. I would also run employee training courses, through which employees learn skills that help them avoid inadvertent mistakes. In short, I would spend my limited funds on security technologies, incident monitoring, and employee training. I am confident that these measures can contribute greatly to a stable and resilient organization.
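To make the FAIR idea concrete, here is an added worked example of my own (it is not code from the cited article and it is not the official FAIR standard). It uses FAIR's core relationship, annualized loss = Loss Event Frequency × Loss Magnitude, to put a dollar figure on two risk scenarios and then ranks candidate controls by return on investment within a fixed budget. Real FAIR analyses use calibrated ranges and Monte Carlo simulation; this version collapses each (low, likely, high) estimate to a PERT mean so the arithmetic is deterministic. All scenarios, controls and dollar amounts are constructed for the illustration.

```python
"""Simplified FAIR-style risk quantification for a constrained security budget.

Added illustration only; this is not the official FAIR standard or material from
the cited article. FAIR expresses risk as Loss Event Frequency (LEF, events per
year) times Loss Magnitude (LM, cost per event). Real FAIR analyses use
calibrated ranges and Monte Carlo simulation; here each (low, likely, high)
range is collapsed to a PERT mean so the numbers are deterministic. Every
scenario, control, and dollar figure below is constructed for the example.
"""
from dataclasses import dataclass


def pert_mean(low: float, likely: float, high: float) -> float:
    """Three-point (PERT) estimate: the most-likely value carries 4x weight."""
    if not low <= likely <= high:
        raise ValueError("estimate must satisfy low <= likely <= high")
    return (low + 4 * likely + high) / 6


@dataclass(frozen=True)
class Scenario:
    name: str
    lef: tuple  # loss events per year as (low, likely, high)
    lm: tuple   # loss per event in dollars as (low, likely, high)

    def annualized_loss(self) -> float:
        """Annualized loss exposure = LEF x LM, each taken as a PERT mean."""
        return pert_mean(*self.lef) * pert_mean(*self.lm)


@dataclass(frozen=True)
class Control:
    name: str
    cost: float           # annual cost in dollars
    scenario: str         # name of the scenario this control acts on
    lef_reduction: float  # fraction of that scenario's LEF removed, 0..1

    def annual_benefit(self, scenarios: dict) -> float:
        """Expected loss avoided per year."""
        return scenarios[self.scenario].annualized_loss() * self.lef_reduction

    def roi(self, scenarios: dict) -> float:
        """Return on security investment: (benefit - cost) / cost."""
        return (self.annual_benefit(scenarios) - self.cost) / self.cost


def rank_controls(controls, scenarios):
    """Controls ordered from highest to lowest ROI."""
    return sorted(controls, key=lambda c: c.roi(scenarios), reverse=True)


def allocate_budget(controls, scenarios, budget: float):
    """Greedy allocation: fund controls in ROI order while they fit the budget.

    Returns the names of the funded controls. A real decision would also weigh
    absolute loss avoided, not only ROI; greedy-by-ROI is the simplest defensible rule.
    """
    funded, remaining = [], budget
    for control in rank_controls(controls, scenarios):
        if control.cost <= remaining and control.roi(scenarios) > 0:
            funded.append(control.name)
            remaining -= control.cost
    return funded


# Constructed inputs for the example (not real organisation figures).
SCENARIOS = {
    s.name: s
    for s in (
        Scenario("phishing_credential_theft", lef=(2, 4, 12), lm=(5_000, 20_000, 200_000)),
        Scenario("ransomware_via_unpatched_server", lef=(0.1, 0.25, 1.0), lm=(50_000, 300_000, 1_000_000)),
    )
}
CONTROLS = [
    Control("security_awareness_training", cost=15_000, scenario="phishing_credential_theft", lef_reduction=0.4),
    Control("phishing_resistant_mfa", cost=40_000, scenario="phishing_credential_theft", lef_reduction=0.9),
    Control("endpoint_detection_response", cost=60_000, scenario="ransomware_via_unpatched_server", lef_reduction=0.6),
]

if __name__ == "__main__":
    for s in SCENARIOS.values():
        print(f"{s.name}: ${s.annualized_loss():,.0f} expected loss per year")
    for c in rank_controls(CONTROLS, SCENARIOS):
        print(f"{c.name}: benefit ${c.annual_benefit(SCENARIOS):,.0f}, ROI {c.roi(SCENARIOS):.2f}")
    print("funded with $60,000:", allocate_budget(CONTROLS, SCENARIOS, 60_000))
```

With these constructed numbers the phishing scenario carries about $237,500 of expected annual loss and the ransomware scenario about $131,250. Training has the best ROI, phishing-resistant MFA avoids the most loss in absolute terms, and a $60,000 budget funds both while the endpoint tool does not fit. That is exactly the training-plus-technology balance argued for above, reached from numbers rather than intuition.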
Conclusion
Finally, the role of a chief information security officer is indispensable for the success and protection of an organization and for the confidentiality, integrity, and availability of its information.
SCADA Systems- March 25, 2024
In this article we discuss the SCADA system: how the term came about, what the system consists of, what its vulnerabilities are, and how they can be reduced. SCADA is valuable because it allows industries to operate more quickly and easily while helping operators detect and resolve problems.
When did the term SCADA come to light?
According to the article “SCADA: Supervisory Control and Data Acquisition,” the needs that led to SCADA arose in the 20th century, when there was a need to control machinery so that workers would not have to operate equipment manually. For this reason, many manufacturing plants started using timers, which made it possible to control and supervise infrastructure processes without dispatching staff on-site to operate the devices. With time, people realized that timers worked well but were not very accurate, so a better-planned and more effective system was needed. From the 1950s onwards, computers were used for industrial control purposes. Telemetry, a technology for measuring data at remote sources and transmitting it so that it can be analyzed to monitor and control a system, laid the foundations; finally, in the 1970s, the term SCADA was introduced. This was of great help because it allowed industrial processes to be controlled centrally.
What is SCADA?
According to the ‘SCADA System’ article, SCADA is an acronym for ‘Supervisory Control and Data Acquisition’. A SCADA system is a combination of hardware and software designed to control infrastructure, industrial, and facility-based processes. Control actions are carried out through Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs), industrial computers that connect to the field equipment.
This makes it possible to control plants both locally and remotely, giving rise to automated control processes. A SCADA system collects data, examines it, and processes it in real time. RTUs and PLCs, which are microprocessor-based devices, pass their data up to the SCADA software, and through the HMI (Human Machine Interface) human operators can take control. The HMI gives plant personnel graphical information, and with a diagram they can view a representation of the plant in question. If the system detects a problem, the operator can act remotely. In short, with this system industries can control and monitor processes by collecting, recording, and analyzing data. The system is connected to sensors that monitor equipment such as pumps, motors, and valves (actuators). The data can then be reviewed, and based on the alarms raised by the system, the human operator can decide whether action is needed and, if so, what action to take. Because of its efficiency, many oil, gas, and water treatment industries use SCADA systems.
Vulnerabilities and how can they be diminished?
Despite being one of the most efficient control systems, SCADA has weaknesses. Most vulnerabilities stem from a lack of physical security, out-of-date devices, weak passwords, and weak authentication methods. The biggest problems, however, are the consequences of missing security controls that allow unauthorized people to access and control everything. Another problem is unauthorized people or malware making changes that affect the entire system. The ‘SCADA System’ article suggests that industries can reduce these vulnerabilities and avoid risks by implementing VPNs (Virtual Private Networks) and firewalls. In addition, based on the ‘One Flaw Too Many: Vulnerabilities in SCADA Systems’ article, industries should not only use VPNs and firewalls but also implement strict policies for connecting devices to SCADA systems, prevent the use of unknown and untrusted devices, and use endpoint protection.
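As an added example of what a “strict policy for connecting devices” looks like once it is written down (my own illustration, not code from either cited article), the script below audits connection records against an allowlist for a control-network segment: PLCs and RTUs may be reached only on their expected protocol ports, and only from explicitly approved hosts; everything else is flagged, including an unknown device and a legacy management service exposed on a controller. The subnet, host roles, addresses and log format are constructed for the example. Ports 502 (Modbus/TCP) and 20000 (DNP3) are the standard assignments for those industrial protocols.

```python
"""Connection-policy audit for a SCADA network segment.

Added example only, not code from the cited articles. Control devices may be
reached only on their expected protocol ports and only from explicitly approved
hosts; anything else is flagged. Addresses, host roles and the log format are
constructed for the example. Ports 502 (Modbus/TCP) and 20000 (DNP3) are the
standard assignments for those industrial protocols.
"""
import ipaddress
from dataclasses import dataclass

# Constructed control-network subnet holding the PLCs/RTUs.
PLC_SUBNET = ipaddress.ip_network("10.10.20.0/24")

# Protocol ports a control device is expected to serve.
CONTROL_PORTS = {502: "modbus-tcp", 20000: "dnp3"}

# Assumed allowlist: approved source host -> ports it may use. Deny by default.
ALLOWED_SOURCES = {
    ipaddress.ip_address("10.10.10.5"): {502, 20000},  # engineering workstation
    ipaddress.ip_address("10.10.10.6"): {502},         # HMI server, Modbus only
}


@dataclass(frozen=True)
class Verdict:
    line: str
    allowed: bool
    reason: str


def parse(line: str):
    """Parse '<timestamp> src=<ip> dst=<ip> dport=<port>' (constructed format)."""
    fields = dict(token.split("=", 1) for token in line.split()[1:])
    return (
        ipaddress.ip_address(fields["src"]),
        ipaddress.ip_address(fields["dst"]),
        int(fields["dport"]),
    )


def evaluate(line: str) -> Verdict:
    """Apply the policy to one connection record."""
    src, dst, dport = parse(line)
    if dst not in PLC_SUBNET:
        return Verdict(line, True, "destination is outside the control network")
    if dport not in CONTROL_PORTS:
        # e.g. Telnet, HTTP or SSH exposed on a PLC: a management/legacy service, not a control protocol
        return Verdict(line, False, f"unexpected service port {dport} on a control device")
    permitted = ALLOWED_SOURCES.get(src)
    if permitted is None:
        return Verdict(line, False, f"unknown device {src} reaching the control network")
    if dport not in permitted:
        return Verdict(line, False, f"{src} is not approved for {CONTROL_PORTS[dport]}")
    return Verdict(line, True, f"approved {CONTROL_PORTS[dport]} session")


def violations(lines):
    """Records that the policy would block or that warrant investigation."""
    return [v for v in map(evaluate, lines) if not v.allowed]


# Constructed connection log (not real traffic).
SAMPLE_LOG = [
    "2024-03-25T09:00:01Z src=10.10.10.5 dst=10.10.20.11 dport=502",
    "2024-03-25T09:00:07Z src=10.10.10.6 dst=10.10.20.11 dport=20000",
    "2024-03-25T09:01:15Z src=192.168.1.77 dst=10.10.20.12 dport=502",
    "2024-03-25T09:02:40Z src=10.10.10.5 dst=10.10.20.12 dport=23",
    "2024-03-25T09:03:02Z src=10.10.10.5 dst=10.10.30.4 dport=443",
]

if __name__ == "__main__":
    for v in violations(SAMPLE_LOG):
        print(f"BLOCK  {v.line}  -> {v.reason}")
```

Running it flags three of the five records: the HMI server using a protocol it was not approved for, an unknown device on a different subnet reaching a PLC over Modbus, and Telnet exposed on a controller. The ordering of the checks matters: destination first, then service port, then source identity, so an unknown host is reported as such even when it uses a legitimate protocol port, and a weak legacy service is reported even when the source is trusted.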
Conclusion
Lastly, SCADA systems are pivotal for monitoring and controlling industrial processes remotely and in real time. Nevertheless, significant measures must be taken to keep the system efficient and resistant to cyberattacks and to provide a strong, tightly sealed structure, which should be a top priority for any industry.
The CIA Triad- February 5, 2024
In this write-up, we talk about the CIA Triad: what it is, when it was created, what it stands for, and the important role it has. The CIA Triad is a foundational model for keeping organizations and their clients safe from attacks on their systems.
What is the CIA Triad?
According to the Chai article, the CIA Triad, also known as the AIC triad to avoid confusion with the Central Intelligence Agency, is a model designed to protect information from data breaches and is therefore fundamental to keeping organizations safe.
What it stands for
The CIA Triad is an abbreviation of Confidentiality, Integrity and Availability.

Confidentiality means that all data and personal information are kept private. For example, a bank needs to take several measures to make sure that certain data does not reach people, even employees, who are not authorized to see it. To do that, it is crucial that employees working in fields such as finance are given specific roles inside the organization. Some employees, depending on their specialization, should be allowed access to confidential data; others must be denied access. Even though this does not ensure 100% safety, it helps to reduce the damage that can occur to the organization and to its clients. Basically, it prevents unauthorized personnel and cybercriminals from accessing data.

Integrity means that all data must be accurate, consistent and trustworthy throughout its lifetime. To fulfill this, it is essential to carry out periodic backups of the system and to keep data up to date. Another really important thing is making sure that even though some documents can be read, they cannot be edited. Although it may seem basic, it is actually a huge step, since thanks to this we are able to keep data integrity.

Lastly, Availability is another major part. With this we make sure that data is available and accessible to all authorized staff. To accomplish availability of data, as the Chai article states, there needs to be proper maintenance of all the technical infrastructure and systems that store data and display it.
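The confidentiality and integrity points above can be shown in a few dozen lines of code. The following is an added example of my own, not part of the Chai article or of the original write-up: a small document store in which access is granted per role and denied by default (so a finance analyst can read the ledger but neither edit it nor see HR payroll), and every stored document carries a SHA-256 digest that is re-checked on read, so a document altered outside the authorised write path is rejected instead of trusted. The roles, permissions, document names and contents are all constructed for the illustration.

```python
"""Confidentiality and integrity controls on a small document store.

Added example, not part of the original write-up or the Chai article. Access is
granted per role and denied by default (confidentiality), and every stored
document carries a SHA-256 digest that is re-checked on read, so a document
altered outside the authorised write path is rejected rather than trusted
(integrity). Roles, permissions and documents are constructed for the example.
"""
import hashlib
from dataclasses import dataclass, field

READ, WRITE = "read", "write"

# Assumed role table: role -> data category -> allowed actions.
# Anything not listed is denied, so finance staff never see HR payroll data.
ROLE_PERMISSIONS = {
    "finance_analyst": {"ledger": {READ}},
    "finance_manager": {"ledger": {READ, WRITE}},
    "hr_manager": {"hr_payroll": {READ, WRITE}},
    "auditor": {"ledger": {READ}, "hr_payroll": {READ}},  # read-only everywhere
}


class AccessDenied(PermissionError):
    """Raised when a role lacks the permission for the requested action."""


class IntegrityError(ValueError):
    """Raised when a document's content no longer matches its recorded digest."""


def sha256_hex(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


@dataclass
class Document:
    category: str
    content: bytes
    digest: str = field(init=False)

    def __post_init__(self):
        # Digest is fixed at write time; later reads compare against it.
        self.digest = sha256_hex(self.content)


class DocumentStore:
    def __init__(self):
        self._docs = {}

    def _authorize(self, role: str, category: str, action: str) -> None:
        allowed = ROLE_PERMISSIONS.get(role, {}).get(category, set())
        if action not in allowed:
            raise AccessDenied(f"role {role!r} may not {action} {category!r} data")

    def write(self, role: str, name: str, category: str, content: bytes) -> None:
        self._authorize(role, category, WRITE)
        self._docs[name] = Document(category, content)

    def read(self, role: str, name: str) -> bytes:
        doc = self._docs[name]
        self._authorize(role, doc.category, READ)
        if sha256_hex(doc.content) != doc.digest:
            raise IntegrityError(f"{name!r} was modified outside the controlled write path")
        return doc.content

    def simulate_tampering(self, name: str, content: bytes) -> None:
        """Stand-in for an attacker or a fault editing the stored bytes directly,
        bypassing write() and therefore the digest update."""
        self._docs[name].content = content


def demo() -> dict:
    """Exercise the checks on constructed data and report which ones fired."""
    store = DocumentStore()
    store.write("finance_manager", "q1_ledger", "ledger", b"Q1 revenue: 1.2M")
    store.write("hr_manager", "payroll_2024", "hr_payroll", b"salaries...")
    results = {"analyst_reads_ledger": store.read("finance_analyst", "q1_ledger") == b"Q1 revenue: 1.2M"}
    try:
        store.write("finance_analyst", "q1_ledger", "ledger", b"Q1 revenue: 9.9M")
        results["analyst_write_blocked"] = False
    except AccessDenied:
        results["analyst_write_blocked"] = True
    try:
        store.read("finance_analyst", "payroll_2024")
        results["analyst_payroll_blocked"] = False
    except AccessDenied:
        results["analyst_payroll_blocked"] = True
    store.simulate_tampering("q1_ledger", b"Q1 revenue: 9.9M")
    try:
        store.read("auditor", "q1_ledger")
        results["tampering_detected"] = False
    except IntegrityError:
        results["tampering_detected"] = True
    return results


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'ok' if ok else 'FAILED'}")
```

Two design points are worth noticing. The permission check is deny-by-default: a role or category that is simply absent from the table gets no access, which is how the “read but not edit” rule in the text falls out naturally. And the digest is not a substitute for access control; it does not stop the change, it makes the change visible to the next reader, which is the integrity property the text describes.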
Who created it?
According to the CSO article, the CIA Triad does not have a single creator. Ben Miller, a Vice President at the cybersecurity firm Dragos, thinks that confidentiality, one of the three concepts of the CIA Triad, was first formalized in a US Air Force study in 1976. The second concept, Integrity, was laid out in a paper in 1987 that discussed the importance of focusing on data accuracy. Availability, the last component, was highlighted in 1988 when the Morris Worm, named after its creator Robert Tappan Morris, infected many computers, becoming one of the first pieces of malware in history to spread so widely and render computers inoperable. The Triad appears to have been well established by 1998. In that year Donn Parker, an information security researcher and Fellow of the Association for Computing Machinery, suggested in his book ‘Fighting Computer Crime’ extending the Confidentiality, Integrity and Availability triad to six elements. In his six-component model he added Possession or Control, Authenticity and Utility to the original three.
Today
According to another article (the Splunk article), some specialists in the cyber field think that the CIA Triad will not stop all security problems, while others say that the Triad needs more components. Walter Haydock, a professional staff member for the House Committee on Homeland Security who was also a Marine Corps Ground Intelligence Officer, disagrees with these criticisms. Regardless of the never-ending progression of technology and threats, the CIA Triad still shows its effectiveness.
Conclusion
To conclude, the CIA Triad is a great model designed to protect the personal information of clients and organizations, and to this day it remains very effective.