Roe v. Wade

Roe v. Wade was a Supreme Court Case filed by Norma McCorvey, a Texas resident. Roe v. Wade, a Supreme Court decision that provided support for women’s constitutional right to choose abortion, stands as a significant moment in the ongoing struggle for reproductive rights, challenging societal norms and reshaping the legal framework surrounding women’s rights. Before Roe v. Wade, women had no right to decide what to do with their bodies. Many women performed unsafe abortions which cost their lives. The Roe decision led to increased reproductive and health rights for women. 

There were many different abortion laws before the passing of Roe v. Wade. For the most part, states did not allow abortion before the case. In 1847, Doctors established the American Medical Association (AMA). The organization was composed of mostly male doctors who lacked reproductive health knowledge. They advocated against abortion and believed that doctors should have the power to decide whether or not to perform abortions on women. By 1910, Abortion was banned nationwide by states. They had some exceptions like saving a patient’s life. However, most of the doctors were men who were against abortion and did not have enough knowledge about the female reproductive system. However, in the 1930s, many women were given unsafe, illegal abortions, accounting for 2,700 deaths of women in 1930. Almost 18% of these deaths were shown to be maternal deaths (Planned Parenthood). 

The case began when a pregnant woman, Norma Corvey, known as “Jane Roe,” challenged the constitutionality of Texas abortion laws. Norma Corvey, an unmarried and pregnant woman living in Dallas County, Texas, went to a licensed physician to perform an abortion. Because her life did not seem “threatened” by the pregnancy, it was illegal for her to get an abortion in the state of Texas. Sbe began fighting for her reproductive rights. In Roe v. Wade, the argument revolved around a woman’s right to privacy to their bodies as protected under the Constitution. The argument was that the state laws violated her right of personal privacy: First, Fourth, Fifth, Ninth, and Fourteenth Amendments. The Fourteenth Amendment prohibits the federal government from taking someone’s right to​​ “life, liberty, or property, without due process of law” regardless of their race, gender, and religion, and the Fifth Amendment protects people’s privacy rights. The court concluded that Article 1196 was unconstitutional; they struck down the Texas abortion laws. The U.S. Reports for Roe v. Wade states, “Our conclusion that Art. 1196 is unconstitutional means, of course, that the Texas abortion statutes, as a unit, must fall.” However, the justices gave the state the right to place restrictions on abortion, giving the states the right to prohibit abortion, except if a life is in danger. In the dissenting opinion of Roe v. Wade, Justice Byron White and Justice William Rehnquist, expressed problems regarding the majority’s interpretation of the Constitution and the legal reasoning behind the decision. Rehnquist argued that the Fourteenth Amendment protects rights outside the Bill of Rights, but only “deprivation without due process of law.” He states that the Fourteenth Amendment should not take states’ powers away from making legislation regarding certain topics such as abortion, as the Fourteenth Amendment did not mention anything about the topic. He believed that the protection of privacy referred to search and seizures without a warrant.

After Roe v. Wade was passed, the fight for women’s reproductive rights did not stop. Many other laws and court cases happened. One court case was Planned Parenthood v. Danforth (1976). It was decided that there should be no law that requires women to have consent for abortion, which made it easier for women. Before the decision, women had to have consent from their husbands to have an abortion. The path taken to Roe v. Wade was not an easy one. Many deaths occurred because of the illegality of abortions. States created laws to make abortion illegal, making many women angry for taking away their rights to choose what to do with their bodies. 

Jane Roe (Norma McCorvey) was not legally allowed to have an abortion due to Texas state laws. The case was brought to the Supreme Court and the majority opinion was that Texas abortion laws were unconstitutional under the Fourteenth Amendment’s Equal Protection Clause and Privacy Rights. The Equal Protection Clause states that states are not allowed to deny anyone their civil rights, and abortion laws are discriminatory to women. Norma McCorvey, and Jane Roe, turned pro-life after fighting for the rights of women around the country. What was interesting is that she believed people suffer more when getting an abortion (U.S. Senate Committee on the Judiciary, 2005). Although Roe v. Wade was recently overturned by Dobbs v. Jackson Women’s Health Organization, it helped shape public discourse and activism for women’s rights. It gives women today the motivation to continue fighting for their reproductive rights. Some states protect women’s abortion rights with their state constitutions. After Roe v. Wade was overturned, many states restricted or banned abortion, taking away women’s rights after years of protection. 

The easiest part of the research process was finding secondary sources, and the hardest part was understanding the primary sources because they were official court documents. The skills I learned from this project were writing organization, making a presentation, learning how to obtain research information, and public speaking. The outline and brainstorming helped me organize my writing assignment and made the presentation process easier. Learning how to make an organized and proper presentation is helpful in my future career.  These skills will help me with public speaking and presenting in the future. I was successful in the project, and I was thankful for the sources I was given.

Cybersecurity Budget

In this excerpt, the cybersecurity budget will balance employee training and technology investments. 

Introduction

The goal of a Chief Information Security Officer is to mitigate cybersecurity risks without exceeding the limited budget. Balancing employee training and technology investments requires judgment on which field needs the most money. As technology enhances the workplace, cybersecurity must also be the top priority, as unauthorized users may try to access data. Training employees and investing in cybersecurity are both important parts of mitigating risks in the workplace. 

Cybersecurity Technology

Investments in cybersecurity technology should be 60% of the budget. As important as training is, it will only do something if the system has updated cybersecurity infrastructure. Investing in advanced threat detection tools can help identify and approach threats faster. Multifactor authentication is also beneficial for the security of the company. It ensures that data is kept secure and no unauthorized personnel is able to access it. Antivirus softwares are also needed as it secures endpoints from threats. Most American companies use antivirus to protect themselves from threats. Firewalls should be implemented in systems to control the traffic that goes in and out of the network; it protects the system from potential threats. Additionally, data loss prevention tools should be implemented to ensure Integrity. Data should be backed up in case any loss occurs (Gurinaviciute, 2023). Cybersecurity technology should always be up-to-date to ensure hackers do not find vulnerabilities in the system.

Employee Training

Employee training is also important as it teaches employees how to mitigate risks in their own hands; 40% of the budget should go towards training their workers. According to Sweeney, “The 2023 Thales Global Security Study of nearly 3,000 companies – found that at 55%, human error is still the leading cause of data breaches…” With the proper training and awareness, data breaches can decrease in the workplace. Security awareness training should be implemented every few months for everyone to attend. Every employee should recognize phishing emails, social engineering, and suspicious links. Cyber attacks are constantly evolving; phishing emails get smarter each time. It is easy for employees to make mistakes and let hackers into the system. Employees should be aware and ready for any cyber threats that they encounter; they are the first line of defense when it comes to certain risks. Additionally, individuals must be aware of cyber threats, so they can report the issue to the IT department. The quicker it is reported, the faster they can solve the problem. Response time is important when it comes to breaches. Lastly, employees should create strong passwords to reduce the risks of unauthorized access. Weak passwords make it easy for hackers to enter the system. It is also important to set up multi-factor authentication. 

Conclusion

Figuring out where the budget goes to protect the company from cyber threats is a hard decision. The company should put 60% of the budget towards advancing cybersecurity technologies. Investing in cybersecurity technology allows the company to prevent, detect, and respond to any potential threats. Technology can fight off any threats without human intervention. However, human error is the leading cause of threats. As important as advanced technology is, the company should invest 40% of the budget towards training and educating employees about cyberthreats. Cyber threats are less likely to happen if employees are educated of the risks. Fighting against cyber threats will not only need advanced cybersecurity technology, but also the employees’ awareness of these potential threats. 

References

Gurinaviciute, J. (2023, August 1). Council Post: Cybersecurity Investment Trends In The U.S. Forbes. Retrieved November 17, 2024, from https://www.forbes.com/councils/forbestechcouncil/2023/08/01/cybersecurity-investment-trends-in-the-us/

Sweeney, A. (n.d.). Human Error Cybersecurity Risks & Tips. ReadyWorks. Retrieved November 17, 2024, from https://www.readyworks.com/blog/the-cybersecurity-risks-caused-by-human-error-and-how-to-avoid-them

SCADA Systems

This entry will describe how a Supervisory Control and Data Acquisition system works. I will explain the different components of the system, the generations of SCADA systems, and their advantages and disadvantages.


Introduction
SCADA stands for Supervisory Control and Data Acquisition, a system that controls different processes such as infrastructure, facility-based, or industrial processes. It collects and runs data from the sensors at a remote location to a central computer that manages and controls the data. SCADA is used in water management systems, mass transit systems, electric power, and many other technologies that people use daily. These are complex systems stationed in various sites that can be miles away from each other. Remote Terminal Units and Programmable Logic Controllers connect the systems; these are called field devices. On the other hand, Human Machine Interface (HMI) have the same purpose; however, they are controlled by operators. Human operators can view the data collected in the form of a graph then they can control the machines based on the information. It shows real-time data which workers decide quickly on the controls. The SCADA system is mostly technology-controlled, but human operators are still needed to ensure the smoothness of the system.


Components of a SCADA System
Most of the control functions are conducted in remote terminal units or by programmable logic controllers. They physically control the equipment such as the water flow; they are responsible for opening or closing valves or turning a switch on and off. RTUs and PLCs are connected to the field devices that collect data from sensors and send them to the SCADA system. A ‘supervisory station’ is the software that is in charge of sending data to the Human Machine Interface. Once the HMI receives the data, they examine reports to see any problems with the system. Data is usually easy to understand, so they can respond swiftly to any problems encountered in the system. HMIs can either be cloud-based or have their own servers.


Generations of the SCADA Systems
SCADA Systems are growing, meaning they must be updated to adapt to new technology and improve their operation. The first SCADA System was monolithic. The systems were not interconnected with each other; there was no network connection. The Wide Area Networks were created to help the connection with the RTU. There was little to no security in the systems at the time, but as the demand for SCADA systems increased, vendors were forced to improve their system.
The second generation of SCADA was distributed. Local area network (LAN) technology was introduced in the system. The data between different stations was shared at the same time it was being collected. The cost and size of the stations became smaller; however, it came with more security issues for the SCADA systems. At this time, consumers were not aware of any security risks.
The newest SCADA system uses networking to communicate between the system and the master station. They introduced Internet Protocol to connect the entirety of the system through the Internet. With the internet being involved, the protocols can be accessed and risks increase. Security measures must be applied to ensure the safety of the system from any hackers.


Security Risks
Since SCADA systems are huge remote controls for important physical processes, they must always be secured and protected from harm. They are potential big targets of cyberterrorism/cyberwarfare attacks. Companies must be aware of the vulnerabilities of a system this big. The two major threats are unauthorized access and packet access to the network. According to Infosec, “The researchers revealed that 449 vulnerabilities were disclosed affecting ICS products from 59 vendors during 2H 2020.” Hackers can find their way into systems through vulnerabilities or weaknesses. These can potentially lead to data breaches and viruses. Unauthorized access to the software can affect the entire system and have large consequences. Secondly, there is little to no security on the packer control protocol. Users assume they are safe from unauthorized access because of their VPN; however, network switches and jacks can override the security of the software. These risks must be looked at to ensure the safety of their systems


To mitigate these risks, organizations can apply firewalls and intrusion detection systems. They should regularly assess and patch any vulnerabilities found in their systems. Additionally, SCADA vendors are beginning to develop specialized industrial VPNs and firewalls to increase the safety of SCADA systems. Security risks will always come with technology, but with enough protection, they can be fought against.

Advantages of SCADA Systems
Though SCADA Systems come with many risks and vulnerabilities, there are advantages to look at. SCADA Systems are known for collecting data instantaneously. Data visualization tools allow users to see information that meets their requirements. These tools include charts and graphs showing data, making it easy for users to analyze the data, and increasing response time to any risks or disruptions. Users are quickly notified of any red flags in their system. Additionally, SCADA systems collect immense amounts of data. They can store mass amounts of data to analyze trends and patterns, helping to improve the systems (Roberts, 2024). Putting aside the risks and vulnerabilities, SCADA systems help the country’s infrastructure run smoother and more efficiently.

References
(n.d.). SCADA Systems – SCADA Systems. Retrieved November 4, 2024, from https://www.scadasystems.net/
Paganini, P. (2021). Understanding ICS/SCADA Threats: Protecting Critical Infrastructure. Infosec. Retrieved November 3, 2024, from https://www.infosecinstitute.com/resources/scada-ics-security/ics-scada-threats-and-threat-actors/
Roberts, S. (2024, February 21). Advantages and Disadvantages Of Scada: Explained. The Knowledge Academy. Retrieved November 4, 2024, from https://www.theknowledgeacademy.com/blog/advantages-and-disadvantages-of-scada/

Placement for Cybersecurity in an Organization

This memo will argue, for reasons described below, that the cybersecurity department should fall under the Information Technology department. 

Finance Department

Though it could protect the Finance department from potential breaches, there might be a better placement for the cybersecurity program. Other than protecting against breaches, the cybersecurity program would not have much purpose in being under finance. Additionally, the department may need to gain the technical knowledge to handle the program. The main purpose of the Finance department is to regulate the company’s budget which does not align with the purpose of the cybersecurity program. 

Operations

The Operations department focuses on the well-being and efficiency of the company.  Operations is also prominent to other departments such as the supply chain and HR, which could use the help of a cybersecurity program. However, the program being under Operation might take away from the department’s focus on managing the structure of businesses. The department also may not have experience in working with cybersecurity which could cause future problems. The collaboration between the two departments would not be as strong because of Operation’s lack of cybersecurity and technological skills.

Reporting to the CEO

The idea of the cybersecurity program reporting to the CEO is not terrible. On one hand, reporting to the CEO would make communication between departments quicker. They could quickly apply security measures throughout the other departments. Working directly with the CEO also will help make the company more proactive with problems in the digital world. However, with the cybersecurity program reporting directly to the CEO, they would have less communication and connection with the other technical departments such as IT. For a cybersecurity program to work efficiently, it must collaborate well with the different departments and the resources needed to guarantee the effectiveness of the security. 

Information Technology

The best department for the cybersecurity program to fall into would be the Information Technology department. With the two teams working together, they could easily complete tasks to ensure the company’s protection against threats. They both have advanced technological skills and use the same resources. Additionally, instead of using money on new technology, the company can use the money to improve the cybersecurity program and buy more advanced security technology. The company would also have a choice of lowering the budget for the program. The IT department is usually informed of cybersecurity attacks; if the cybersecurity program works with IT, it will easily communicate and respond to threats quicker. 

However, people could argue that they have two different objectives in the cyber world. IT focuses on making sure the company’s technology is running smoothly and responding to problems quickly while cybersecurity focuses on improving the system’s security. IT tends to work quickly and smoothly; security protocols may slow the IT department down with security updates and patches. On the other hand, the two different departments can balance the workload while also enhancing each other’s abilities. Disruptions, such as security updates, may be scheduled and other departments can be warned ahead of time.

Conclusion

Out of the four departments discussed, Information Technology would be the best department for the cybersecurity program to work with. They are knowledgeable in the same field, helping the connection and teamwork between departments. IT and cybersecurity will work together to battle security and overall technological issues to ensure the company runs smoothly. 

CIA Triad: Confidentiality, Integrity, and Availability

This journal entry will explain the fundamental principles of the CIA Triad, diving into the different components and their purpose.
Introduction
The CIA Triad, often confused with the Central Intelligence Agency (CIA), is an organization’s base model of information security. It revolves around three principal components: Confidentiality, Integrity, and Availability.
Confidentiality
Confidentiality secures private information and is only accessible to authorized persons—the public needs to trust businesses with their information. Secured data is classified depending on the importance of the information and how much harm it would cause for the information to be breached. An aspect of confidentiality is using strong passwords. The more complicated the password is, the harder it is for unauthorized individuals to gain access to information (Hashemi-Pour, 2023). A vulnerability to confidentiality is phishing attacks; hackers send emails to deceive individuals into giving out sensitive information about themselves. Confidentiality makes it certain that only authorized individuals are allowed access their data.
Integrity
Integrity ensures that information stays accurate and consistent throughout the time it is in the organization’s hands. When data is moved, steps are taken to guard against unauthorized individuals. An SQL injection (SQLi) is a common vulnerability crucial to integrity; it allows the attacker to possibly delete and change data (University of Tulsa, 2024). Integrity, however, has its vulnerabilities such as malware and ransomware that could change or delete the user’s data. For the entire lifetime of the data, it should be secured and restricted from being changed or deleted (University of Tulsa, 2024).
Availability
Availability refers to the accessibility of information for authorized parties. The hardware must be properly maintained, and the systems must always be running. It ensures that the hardware and systems that store the sensitive information are properly managed. Some availability vulnerabilities include software bugs or misconfigurations, ransomware, or hardware failures (University of Tulsa, 2024). Glitches in the software could cause systems to be down, affecting the data availability to authorized users. Though this is not a human-caused problem, the cybersecurity or IT team would have to quickly find a solution to fix the bug. It is important to keep systems updated to prevent glitches. Additionally, damages to the servers can restrict users from accessing data. Natural disasters such as floods and fires could have an impact on the infrastructure; it must ensure that backup copies are stored to avoid data loss (Hashemi-Pour, 2023). Availability ensures that authorized users are able to access information whenever they please.
Authentication vs. Authorization
Authentication asks whether individuals are who they claim to be, while authorization asks what they are allowed to access. Authentication verifies the user’s identity, confirming that the individual trying to access the data is who they log in to be. Two-factor authentication is one way to authenticate the user attempting to access the data. Some sites send out text messages with codes to ensure the phone number in the system match. Authorization either grants or denies access to authenticated individuals. Once a user is authenticated, it must determine what they are allowed to access in the system. Authorization gives the user access and permission to certain parts of the system.
Conclusion
The CIA Triad guides information security through the three principles: Confidentiality, Integrity, and Availability. Confidentiality ensures that personal data is only accessed by authorized individuals. Integrity protects private data from unauthorized changes or deletion. Lastly, Availability makes sure that the information is easily accessed when needed by authorized individuals.