Introduction to Cybersecurity

This course provides an overview of the field of cybersecurity. It covers core cybersecurity topics including computer system architectures, critical infrastructures, cyber threats and vulnerabilities, cryptography, information assurance, network security, and risk assessment and management. Students are expected to become familiar with fundamental security concepts, technologies, and practices. This course provides a foundation for further study in cybersecurity.

The course objectives are:

• Identify and prioritize information assets;
• Identify and prioritize threats to information assets;
• Define an information security strategy and architecture;
• Plan for and respond to intruders in an information system;
• Describe legal and public relations implications of security and privacy issues; and
• Present a disaster recovery plan for recovery of information assets after an incident.

Course Material

Throughout this course, I gained a great understanding of Cybersecurity through readings, discussion boards, and write-ups. These components helped me understand critical cybersecurity concepts and allowed me to explore both the technical and human dimensions of cyber threats. However, there are three assignments in particular that stood out to me and will have an everlasting impact:  “Cyber Roles and Responsibilities” write-up, Hacking Humans Discussion, and the “Protecting Availability” scenario. 

The “Cyber Roles and Responsibilities” write-up helped me understand the different roles within the cybersecurity team, such as Security Analysts, CISOs, Information Security Architect, and many more. I learned how all the roles come together to work and protect digital assets. The role that stuck out to me the most was the Information Security Architect. I was fascinated by how this position integrates technical expertise with strategic planning to create safe network infrastructures, so I chose to focus my writing on that position to learn more about it. Below is my original write-up on  “Cyber Roles and Responsibilities”: 

• There are many important roles and responsibilities within the cybersecurity team, but for the sake of this assignment, I will focus on the Information Security Architect. The Information Security Architects consist of cybersecurity professionals who typically have a background in computer science or a related field and extensive knowledge of cybersecurity, network systems, and risk management. They work either in groups, organizations, or individually. When it comes to their responsibilities, they are responsible for ensuring the information security requirements necessary to protect the organization’s core missions and ensure that business processes are adequately addressed in all aspects of enterprise architecture. This includes reference models, segments, solution models, and the resulting systems supporting those missions and business processes. The information Security Architect’s role is essential to the cybersecurity team as they identify and eliminate potential threats by analyzing the security risk and developing defensive measures to prevent cyberattacks.  They also develop policies and procedures that protect sensitive information and ensure employees follow the best practices. Other responsibilities include designing firewalls, encryption methods, and secure networks to safeguard digital assets. Ensure the organization adheres to industry security standards such as ISO 27001, NIST, GDPR, and HIPAA. In addition, they also help contain the damage caused by cyber attacks, prevent them, and implement recovery solutions. Overall, the Information Security Architects team is crucial when it comes to protecting the organization’s data and IT infrastructure from cyber threats. Without them, the system’s confidentiality, integrity, and availability of information would be compromised, jeopardizing the entire system

For the “Hacking Humans” write-up, I was instructed to read the article “Hacking Humans: Protecting Our DNA From CyberCriminals” by Juliette Rizhallah and give my take on it. This article opened my eyes to the emerging risks associated with genetic data and how it is becoming a target for cybercriminals. I always thought of cybersecurity as something that strictly involved technology. It has never occurred to me that human DNA could become a cybersecurity vulnerability.  This assignment taught me that cybersecurity extends to personal, physical, and biological realms; therefore, cybersecurity must continue to adapt to protect against evolving threats.  Listed below is my original write-up assignment, “Hacking Humans.”

• The article, “Hacking Humans: Protecting Our DNA From CyberCriminals”, by Juliette Rizhallah has opened my eyes to the dangers of sharing DNA on the internet as it highlights the risks of digitizing DNA. DNA digitizing is when scientists take DNA’s four chemical sequences, Adenine, Thymine, Cytosine, and Guanine, and convert them into digital data, turning the code into a readable format for computers. This is typically done for medical research as it can help identify genetic disorders and develop personalized medicine. It is also used for other reasons such as forensics, conservation biology, ancestry, etc. As DNA testing and digitizing are becoming more popular, it’s important to know the risks. This includes identities being stolen by hackers and sold on the dark web to anyone with bad intentions. This can result in not only privacy invasion but also credit damage, financial loss, and even legal issues, as there are people who can use one’s DNA to frame a crime or conduct other heinous activities. Digitizing DNA is also irreversible. Once someone’s DNA has been hacked and stolen, it is out there for good and won’t be given back because, unlike social security, credit cards, or bank account numbers, one’s DNA is unchangeable. It cannot be changed or replaced.  As hackers’ tactics continue to evolve, the risk to genetic data increases; therefore, as consumers, we need to be aware of all it has to offer and understand that once it’s done, it’s stored and secure, which cannot be undone. Knowing this information can help others think twice about sharing their DNA online and prevent them from becoming victims of cybercriminal activity.  

The last assignment that I will mention is the discussion post “Protecting Vulnerability”. In this assignment, I had to pretend to be a CISO of a publicly traded company and develop a plan to protect and ensure the availability of the system. I thoroughly enjoyed this assignment as it allowed me to step into a leadership role and think critically about practical cybersecurity strategies. It has also helped me better understand the importance of availability and how it works. Listed below is my original write-up on “Protecting Vulnerability”.

• As a CISO for a publicly traded company, I would implement a multi-layered approach to ensure its availability, which would include cybersecurity defense, recovery planning, and redundancy. Having cybersecurity defenses such as zero-trust architecture, DDoS protection, and intrusion detection systems would protect the company from cyber threats that could jeopardize the system and the establishment. As for recovery planning, I would ensure that the company has regular system backups and disaster recovery testing, along with a well-defined incident response plan in place. This would allow the company to recover from unforeseen events like technical failure and cyber incidents. Finally, I would make sure that redundancy is incorporated into the system so that there are backup systems and components put in place to ensure that if one portion of the system fails, there would be minimal to no downtime, as other components of the system can take over.

As each of these assignments provided me with a deeper understanding of cybersecurity, they challenged me to think practically, strategically, and ethically. This shaped my ability to understand roles within the field, analyze threats, and use the skills I’ve learned in a real-life scenario. These skills will be beneficial in my future career as a crime scene investigator, as digital evidence is becoming more involved in criminal cases. By understanding how to protect data, identify cyber vulnerabilities, and acknowledge the human elements in cybersecurity, I will be able to handle investigations more carefully and comprehensively.