Students in\u00a0IT\/CYSE 200T\u00a0will explore how technology is related to cybersecurity from an interdisciplinary orientation.\u00a0 Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows:<\/p>\n
Gabriel Jacobson<\/p>\n
CIA Triad Beyond the CIA triad, there are two very important but distinct security processes. One of them is Authentication. This is different from authorization because this verifies the identity of a user or system before allowing access. This is commonly done through passwords but more modernly, biometrics or multi-factor authentication. The second process is Authorization which determines what a person who was authenticated is allowed to do. Authorization pushes permissions, which makes the users who were permitted only use what they are allowed to use. A great example to tell the difference between the two if you had a bank\u2019s online system requires a customer to log in with a username and password, this is a form of authentication. Once you log in, the system allows the customer to view their account balance but restricts them Overall, Understanding these concepts help organizations implement robust security SCADA<\/strong><\/p>\n BLUF:<\/strong>\u00a0SCADA helps manage infrastructure but also brings along risks that can be mitigated to The Human Factor in Cybersecurity<\/strong><\/p>\n BLUF:<\/strong>\u00a0Balancing employee training, cybersecurity tools, and regular security The last of the 10%-20% of the budget should go towards security audits and incident CITES: Cybersecurity, Technology, and Society Students in\u00a0IT\/CYSE 200T\u00a0will explore how technology is related to cybersecurity from an interdisciplinary orientation.\u00a0 Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains. The learning outcomes for this course are as follows: Describe how cyber technology creates opportunities for criminal… <\/p>\n
\n<\/strong>In cybersecurity, the CIA Triad represents 3 major principles of information security are
\nConfidentiality, Integrity, and Availability (Chai, 2022). For starters, confidentiality ensures that any kind of information is accessible only to people who are authorized. This works through encryption, access controls, and authentication tools. Also, Integrity just guarantees that data remains untouched by people without access and is still accurate. Techniques like hashing, digital signatures and more help maintain the data\u2019s integrity (Chai, 2022). Lastly, in the CIA, availability helps ensure that information and systems are accessible when actually needed. This involves disaster recovery planning, redundancy, and protection against cyber threats, particularly DDoS attacks, and in total prevents downtime (Chai 2022).<\/p>\n
\nfrom accessing administrative settings, and this is authorization.<\/p>\n
\nmeasures to protect data and maintain efficiency.
\nCITES:
\nChai, W. (2022, June 28). What is the CIA Triad? Definition, Explanation, Examples. TechTarget.
\nhttps:\/\/www.techtarget.com\/whatis\/definition\/Confidentiality-integrity-and-availability-CIA<\/p>\n
\nsecure systems security.
\nVulnerabilities in Critical Infrastructure and how SCADA helps reduce risks
\n<\/strong>There are Critical infrastructure, such as power grids, water treatment plants, and oil pipelines,
\nrelies on SCADA systems for efficient operation. SCADA stands for Supervisory control and
\ndata acquisition. So, as these systems become more connected to IT networks, they face more
\nrisks.
\nThe Vulnerabilities
\n<\/strong>SCADA systems used to be isolate but newer versions use standard protocols like
\nTCP\/IP and ethernet, making them more vulnerable to cyberattacks. Older systems
\nwere actually safer because they had closed environments. One risk is unauthorized
\naccess because with weak authentication methods and an open network it makes it
\neasier for it to be accessed by penetrators. An example I learned is the attack on
\nUkraine power grid that caused blackouts. Another concern is malware, SCADA
\nsystems have been targeted with malware before which makes that a concern.
\nHow SCADA helps reduce risks
\n<\/strong>SCADA systems has built in security measures to help protect infrastructure. Using
\nmulti-factor authentication and role-based access control prevents unauthorized user from accessing any important systems. Another important measure is encrypted
\ncommunications. Modern SCADA protocols use encryption to secure data. The
\ndetection and prevention systems they use also help monitor the network in real time
\ndetecting and blocking potential cyber threats, and to ensure continuous operation,
\nSCADA systems even use backup and redundancy measures. So if one server fails,
\nbackup servers and other mechanisms are put into action so that there would be no
\ndowntime.
\nConclusion
\n<\/strong>The SCADA systems play a vital role in managing infrastructure but also has a few
\nissues like anything else. Though, there can be strong security measures much like
\nencryption, authentication measures, and real time monitoring, helps protect these
\nsystems. The SCADA article really highlights the need for modern security strategies,
\nwhile cybersecurity experts emphasize the importance of constant improvements.
\nSecuring all these systems is essential for maintaining safe and reliable foundation.
\nCITES:
\nSCADA Systems Article from scadasystems.net Zetter, K. (2016). Countdown to Zero Day: Stuxnet and the Launch of the World\u2019s First<\/p>\n
\nchecks is the best way to protect an organization from cyber threats without breaking
\nthe budget.
\nInvesting in Employee Training
\n<\/strong>With a limited budget, I would try to balance the spending between employee
\ntraining and cybersecurity technology to try to increase security protection and keeping
\ncosts under control. Human error is always going to be existing and is a major cause of
\ncyber threats, moving about 40% of the budget to security awareness training.
\nEducating employees on things like phishing, password management, and safe
\npractices will reduce the probability of having any breaches. Regular training sessions
\nand real world scenarios will help make these issues more recognizable and avoid most
\nthreats.
\nUpgrading the Technology
\n<\/strong>At the same time, there should be roughly another 40%-50% of the budget going toward
\nstrengthening cybersecurity tech, including firewalls, endpoint protection and automated
\nthreat detection. Implement things like multi-factor authentication and a zero-trust
\nsecurity policy would limit unauthorized access and add that extra layer of protection.<\/p>\n
\nresponse planning to actively identify vulnerabilities and ensure a quick, effective
\nresponse to threats and attacks. (Smith & Johnson, 2023)
\nConclusion
\n<\/strong>By combining these techniques like training, advanced tools, and regular assessments,
\nthe organization can definitely reduce risks while staying in budget. A layered approach
\nensures both human and technical vulnerabilities are addressed and handled which will
\ncreate a more secure environment. Investing wisely in these areas helps prevent costly
\nbreaches and keeps regular business operations running smoothly.<\/p>\n
\n<\/strong>Smith, Adam, and Robert Johnson. \u201cMaximizing Security with Technology: Best
\nPractices for CIOs.\u201d Information Security Review, vol. 18, no. 2, 2023
\nMiller, John. \u201cCybersecurity Awareness Training: A Critical Defense Against Human
\nError.\u201d CyberSecurity Journal, vol. 15, no. 3, 2022<\/p>\n","protected":false},"excerpt":{"rendered":"