How do engineers make cyber networks safer?

System security engineers make cyber networks safer by upholding the security triad. The triad consist of confidentiality, integrity, and accessibility (CIA). Our systems and networks are becoming increasingly complex and integrated into our day to day. A cyberattack could very much cost a life and expensive financial losses, so it is important that our systems and people protecting those systems are trustworthy. According to the NIST the goal of system security engineering is to ensure that stakeholder protection needs, and security concerns associated with the system are properly identified and addressed in all systems engineering tasks throughout the system life cycle. This includes the protection of intellectual property in the form of data, information, methods, techniques, and technology that are used to create the system or that are incorporated into the system (p. 2). Systems go through a lifecycle from inception, modification, evolution, and retirement to protect stakeholders by staying as up to date as possible with evolving cyberthreats, even though security systems are ten years behind emerging threats. Securing networks requires a Multidisciplinary approach to address threats. Security engineering borrows perspectives from the discipline of business to determine how much money should be dedicated to engineering through cost benefit analysis. The budget is then used to protect stakeholder interest through purchasing software, hardware, and hiring engineers to decrease the likelihood of breach. Even at my job I can visibly see aspects of system security engineering from the signage posted advising accessing personal accounts results in termination. There have been a series of newsletter emails sent regarding security tips and policy reminders for cybersecurity awareness month. These would be examples of passive protection tools use to protect internal and external stakeholders. What I found most interesting about system security engineering is that it is a collective effort of tools and individuals to ensure stakeholder protection by focusing on problem, solution, and trustworthiness.