IT/CYSE 200T

Cybersecurity, Technology, and Society

Students in IT/CYSE 200T will explore how technology is related to cybersecurity from an interdisciplinary orientation.  Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows:

  1. Describe how cyber technology creates opportunities for criminal behavior.
  2. Identify how cultural beliefs interact with technology to impact cybersecurity strategies,
  3. Understand and describe how the components, mechanisms, and functions of cyber systems produce security concerns,
  4. Discuss the impact that cyber technology has on individuals’ experiences with crime and victimization.
  5. Understand and describe ethical dilemmas, both intended and unintended, that cybersecurity efforts produce for individuals, nations, societies, and the environment.
  6. Describe the costs and benefits of producing secure cyber technologies.
  7. Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts have produced and inhibited global changes,
  8. Describe the role of cybersecurity in defining definitions of appropriate and inappropriate behavior.
  9. Describe how cybersecurity produces ideas of progress and modernism.

Course Material

The CIA Triad

Based on this Philosophical lens, the CIA triad will provide basic guidelines for developing responsible and ethical policies. The CIA Triad consists of three key components: Confidentiality, Integrity, and Availability. Confidentiality ensures the safeguard of information, integrity ensures the accuracy and legitimacy of information, and availability ensures that information systems can be accessed when needed. Together, these three components create the core framework of cybersecurity. The framework ensures data is private, accurate, and accessible only to authorized users (Chai, 2022). Understanding the difference between Authentication and Authorization helps control who gets into a system and what they are capable of once inside (Stallings & Brown, 2018). To further address concerns about the development of cybersecurity policies in the future. It is important that our company thoroughly addresses all three aspects of the triad, but I would pay specific attention to confidentiality. I suggest this because that section is the most commonly compromised in organizations. This leads to the next section, which will discuss necessary amendments and additions to our policies.

References

Chai, W. (2022, June 28). What is the CIA Triad? Definition, Explanation, Examples. TechTarget. https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA

Stallings, W., & Brown, L. (2018). Computer Security: Principles and Practice (4th ed.). Pearson.

 

The Storage of Data by BioTech Companies

Based on Article 1 & Article 2

The intersection of biology and technology raises several ethical concerns. Primarily, with how biological data could be used once stored digitally. It is important to consider what someone with malicious intent may be able to accomplish with said data, and how we can prevent breaches from occurring. Consumers should be aware of the risks of submitting precious personal data to companies like 23AndMe, which are responsible for DNA analysis. As well as being aware, consumers should also be urged to hold biotech companies liable for keeping this stored, sensitive data secure. Along with protecting the data from hackers, these companies should have full transparency about how they will use and share the data themselves.

 

Implementation of The NIST Framework

Based on pages 1-21 of The NIST Framework

The NIST Cybersecurity Framework can benefit organizations in many ways. To start, the framework outlines how to effectively manage risk and recover from cyber threats. The framework highlights the importance of using a common language that non-IT staff can understand and communicate with. On top of this, building a foundation of trust to strengthen vendor and customer confidence through showing commitment is another way non-IT staff can better understand the role and importance of cybersecurity in the workplace. If I were to implement the NIST framework in my workplace, I would first compare the company’s current cybersecurity policies against the framework to understand where we perform well and where we need some improvement. I would then communicate with the appropriate employees using the prior mentioned common language, discussing what needs to be done and why it is important. After our goals have been communicated and agreed upon, I would facilitate security improvements and monitor success rates to ensure we are moving towards a more secure workplace. To ensure employees take advantage of and trust the changes implemented, it is important to listen and respond to concerns, especially privacy-related ones.