Discussion Board: The NIST Cybersecurity Framework
There are multiple benefits organizations can gain from using the NIST cybersecurity framework, the first one would be risk management. Within the framework, the risk of any cyber risk is accounted for and ways to prevent this is labeled within the 5 core functions which address dynamic risk. this can benefit organizations because they are aware of the level of risk and how to prevent it. Next, would how it can hold the organizations accountable, as within the framework under the categories and subcategories it will show the members of the organization activities they can do to fulfill the desired outcome in terms of each category and how to accomplish it, this forces workers to have a goal of online safety and protecting of there information which could result in less cyber attacks or loss of information within an organization.
I would use this in my future workplace as a way to prevent as many cyber attacks on the organization as possible. As the readings covered the tiers of the framework, I would implement the fourth tier known as adaptive. This includes an integrated risk management policy and external participation which would include constantly informing the community within the organization on how to prevent risk. I feel this would limit the amount of cyber attacks on the company which would be a massive benefit
DISCUSSION BOARD: Protecting Availability
If I was the CISO for a publicly traded company some protections I would implement to ensure the availability of my systems would be 2fa alongside backups. First I would use 2FA systems as they provide another way of protection for my employee’s accounts. An example of this can be seen within our school ODU, as every time you sign into the system you will get a notification from your device alongside the option to allow access into the system this means hackers would need more than just your password they would also need access to another device which could get hard to get, I would use this as it could mean less hacks alongside another layer of security. therefore allowing our systems to be available more. Next, I would use backups of our systems to allow the availability of systems. as if due to natural disasters such as hurricanes or tornadoes could lead to a loss of data and, therefore, less availability, this is why I would make sure we have backups as if a natural disaster were to hit, we would have backups of data lessening the time of our systems being down and more avaibility.
Opportunities for Workplace Deviance
workplace deviance can be defined as deliberate harm to an organization, cyber technology has made it easier to achieve due to either intentionally or unintentionally leaking information through incompetence or being hacked or falling for scams. this is easier as technology improves and creates more ways for information to be leaked on purpose or not but also allows for more ways to prevent this