IT/CYSE 200T

Cybersecurity, Technology, and Society

Students in IT/CYSE 200T will explore how technology is related to cybersecurity from an interdisciplinary orientation.  Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows:

  1. Describe how cyber technology creates opportunities for criminal behavior,
  2. Identify how cultural beliefs interact with technology to impact cybersecurity strategies,
  3. Understand and describe how the components, mechanisms, and functions of cyber systems produce security concerns,
  4. Discuss the impact that cyber technology has on individuals’ experiences with crime and victimization,
  5. Understand and describe ethical dilemmas, both intended and unintended, that cybersecurity efforts, produce for individuals, nations, societies, and the environment,
  6. Describe the costs and benefits of producing secure cyber technologies,
  7. Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts have produced and inhibited global changes,
  8. Describe the role of cybersecurity in defining definitions of appropriate an inappropriate behavior,
  9. Describe how cybersecurity produces ideas of progress and modernism.

Course Material

Students in this course have completed a number of activities including an reflection essay, weekly technology and cybersecurity journal,  and several quizzes and exams. Please include some of these artifacts on this page, particularly the reflection essay, explaining what you did and how these projects helped you engage with the outcomes listed above.

These are some assignments completed in this course

Assignment 1.

Bring Your Own Application (BYOA) Policy


Purpose:
This Bring Your Own Application (BYOA) Policy aims to safeguard TechSolutions Inc.’s
information security by regulating the use of employee-installed applications on corporate
devices or within the corporate network. As employees bring third-party applications into
the workspace to increase productivity, these applications can present significant security
risks if not managed properly. This policy ensures the secure use of such applications
while maintaining business efficiency.


Scope:
This policy applies to all employees, contractors, and temporary workers at TechSolutions
Inc. who access company networks, data, or systems, using personal or corporate
devices.


Policy:
1. Application Approval Process:
• All third-party applications must be reviewed and approved by the IT
department before they can be installed or used within TechSolutions Inc.’s
network.
• Employees must submit a request for application use through the corporate
service desk, detailing the purpose and functionality of the application.
• Unapproved or unsanctioned applications are strictly prohibited from being
installed on company devices or used to access company data.


2. Security Evaluation:
• The IT security team will conduct a risk assessment of any new applications
requested to ensure they do not pose significant vulnerabilities or data
security threats.
• Applications must comply with company security standards, including
encryption, data privacy, and network access controls.


3. Data Handling & Compliance:
• Applications that store, process, or transmit company data must ensure
compliance with data protection regulations (e.g., GDPR, CCPA).

• Applications must provide the capability to restrict and audit data sharing
between employees and external parties.


4. Application Updates:
• Approved applications must be regularly updated to the latest version to
prevent security vulnerabilities.
• Employees will be responsible for ensuring applications are patched in line
with the company’s security update schedule.


5. Revocation of Access:
• The IT department reserves the right to revoke access to or disable any third-
party application that poses a security risk or no longer meets the company’s
security requirements.
• Failure to adhere to this policy will result in the immediate removal of the
offending application and may result in disciplinary action.


6. Incident Reporting:
• If an employee suspects that a third-party application has led to a data
breach or security incident, they must immediately report it to the Incident
Response Team.
• The IT department will initiate an investigation and take appropriate steps to
contain and mitigate any risks.


Enforcement:
Violations of this policy will be subject to disciplinary actions, up to and including
termination of employment. TechSolutions Inc. reserves the right to monitor, audit, and
remove any applications that conflict with organizational security policies.


Effective Date:
This policy is effective as of 09/26/2024 and is subject to periodic review.


Policy Owner:
Chief Information Security Officer (CISO)
TechSolutions Inc.

Assignment 2.

SCADA systems write-up

SCADA systems, which stands for Supervisory Control and Data Acquisition, are super
important for running things like water treatment plants, gas pipelines, and power grids.
Basically, these systems allow operators to monitor and control all the different parts that
make up essential infrastructure, which keeps things working smoothly in our everyday
lives. But with all the benefits come some real risks. As SCADA systems have become
more connected to networks, they’ve become more vulnerable to cyberattacks. If a hacker
gained access to a SCADA system, they could mess with crucial services, like electricity or
water, which could cause serious problems for a lot of people.


A lot of these security issues come from the fact that many SCADA systems were designed
a while ago, before cybersecurity was as big of a priority as it is now. Some of these older
systems use outdated, proprietary communication protocols that don’t have strong
security, which makes them easier targets for hackers. There’s also a common
misconception that SCADA systems are safe just because they’re separate from the
internet. But the reality is, there are plenty of ways that attackers could still gain access,
especially through local network connections or weak points in the system.
Despite these risks, SCADA systems actually play a huge role in reducing threats by
allowing operators to keep an eye on everything in one central place. These systems gather
data from all over from sensors and other monitoring devices called Remote Terminal
Units (RTUs) and Programmable Logic Controllers (PLCs) and store it in databases that
operators can check on through what’s called the Human-Machine Interface (HMI).
Through the HMI, operators can view real-time information about the system’s status and
receive alerts if anything goes wrong. For instance, if a pump isn’t working right, the SCADA
system will notify the operator so they can fix it quickly. This setup helps operators catch
problems early before they get out of control.


To make sure SCADA systems are protected, many include backup components, so the
system can keep running even if one part fails. For example, if a main server goes offline, a
backup can automatically take over, allowing operators to keep monitoring important
processes without any downtime. Modern SCADA systems also use communication
protocols like IEC 61850 and DNP3, which are standardized to improve security and make
it easier for SCADA systems to work with other equipment. By moving away from older,
proprietary protocols to these standardized ones, SCADA systems are generally more
secure and compatible.


Even with these protections, there are still some challenges. Older protocols like Modbus
RTU don’t come with built-in security features, so operators have to be extra careful with
things like passwords and network configurations. Because SCADA systems today are
more connected through wide-area networks (WAN) and use protocols like TCP/IP, it’s easier for attackers to find weak points if the system isn’t carefully secured. This is why
using firewalls and VPNs is really important. Insider threats are also a risk since anyone
with access to SCADA controls could accidentally or intentionally cause disruptions.
In the end, SCADA systems are incredibly important for keeping critical infrastructure safe
and functional. They give operators the ability to control things remotely, monitor
processes in real-time, and get alerts when something isn’t right. Even though there are
vulnerabilities, SCADA systems can be highly secure if they’re kept up-to-date and
properly managed. As cyber threats continue to evolve, it’s essential that SCADA systems
are protected to avoid any disruptions to the critical services we all rely on.

Assignment 3.

The human factor in cybersecurity write-up

If I were the Chief Information Security Officer (CISO) and had to work with a limited budget to protect the company from cyber threats, I’d need to find a smart balance between training employees and investing in cybersecurity technology. First, I’d spend around 40% of the budget on training and awareness programs. This is because human error is one of the biggest reasons for data breaches, like when people fall for phishing scams or don’t follow security rules. If employees are trained to spot threats and know how to react, it could prevent a lot of problems before they even start. Plus, ongoing training would help build a culture where everyone is more careful and aware of security risks.

Next, I’d allocate about 50% of the budget to upgrading and maintaining strong cybersecurity technology. This would include things like firewalls, endpoint security software, and tools that use AI to help detect and respond to threats faster. Advanced tech can block attacks that employees might not notice, like malware or zero-day vulnerabilities. It’s important to have tools that can protect the company on all fronts, especially if there are gaps in human oversight.

Finally, I’d use the last 10% for incident response and monitoring. This would help make sure that if a breach does happen, the company can act quickly to reduce the damage. Having a plan for responding to incidents and possibly using managed security services would be a smart way to extend our response capabilities without needing to hire a lot of extra staff.

Overall, balancing these areas is important. Training helps prevent mistakes by teaching employees what to watch out for, while technology steps in to handle the more complex attacks. Together, this strategy would protect the company as much as possible with the resources available, making sure both people and tech play their parts in keeping us safe from cyber threats.