Cyber technology has created opportunities for workplace deviance by allowing ways for outside sources to access information. In this event, a person in a company could potentially shut down any type of lockdown security in hopes of not being tracked, but this then leads to the tampering of data or information leak to a hacker or an outside independent. Additionally, those that work in the cyber technology field can use their skills that they have been taught and can cause security breaches to occur. This does not always happen, but there is always this possibility.

Cybersecurity through the human view is a type of behavioral science. Cybersecurity is helpful in discovering “new risks and vulnerabilities by looking at the wider ecosystem of issues beyond data and technology” (Skilton 1). Cybersecurity falls under behavioral science because it focuses not just on the new risks and vulnerabilities, but additionally how we perceive them. Our perception of things may lead us to misleading information that might be the actual threat. In the reading, I learned that out of the nine areas in the psycho-technological matrix of cybersecurity threats, there are only three not involving human psychology. Moreover, human psychology is a big tool used in cyber attacks by cybercriminals. In a different article, Jeff Capone discusses the impact of human behavior on security. He read an advertisement that said, “Security starts with people.” His blog had four specific topics: 1) The world is too dangerous, 2) Manual methods can’t keep up, 3) Too much sharing is hard to manage, 4) Some data breaches are intentional. It is quite unpredictable to know when the next security breach will occur. In the event that secure data should be passed on accident, this causes problems when working in an office space using a cloud. As opposed to the other source, Capone is saying that as humans we often choose to take the easy way out, we cut corners, but all in all, we also make mistakes. But on the subject of cybersecurity, we cannot choose to cut corners or take the easy way out, because we are working to maintain and protect confidential information. If I were to realize that my company has a limited budget, I would choose to spend more money on training than on additional technology. I say this because we must train our employees so that they do not make unethical decisions or mistakes. Additional technology would be a nice plus, but may not be needed.

The CIA triad which is confidentiality, integrity, and availability were made in hopes of making guidelines for information security for organizations. Firstly, there is confidentiality, it is quite important because it only gives access to users and processes to access and even modify and data or information. Secondly is integrity, this is when data is maintained and no one can modify this information, whether it be by accident or in a malicious way. Lastly, availability, this stage is when authorized users are able to gain access to the data whenever necessary. It has been discovered that there was no single person that created the triad. It solely just became to be from an article of wisdom. The concept was established in the year 1988 by Donn Parker. A quick example in today’s world of cybersecurity of the CIA triad being put to use would be iCloud. This is an example of the triad because of the following reasons. Confidentiality, only authorized users (those logged into their specific iCloud account) are able to log in. Integrity, this cloud platform ensures the safety and protection of data uploaded to the cloud. And availability, this platform is made available to its users at any time of the day.

As a CISO (Chief Information Security Officer), my job is to ensure security across the board of my organization. One of my most important duties needed for the job is to set up protections and to create a well working security system. This would be best used for the organization’s network and other devices used in our office(s). The main focuses of the job are developing security systems, maintaining these security systems, and overseeing/overlooking any potential breaches in security. In doing so, I am making sure that the organization is at its best and not susceptible to any types of malware attacks. From my perspective, always having someone that is able to respond to malware attacks/incidents, the security of the organization is always able to be kept safe.