Cybersecurity Technology & Society

Students will explore how technology is related to cybersecurity from an interdisciplinary orientation.  Attention is given to how technologically driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains.  

Specifically, we will explore how the disciplines of business, technology, criminal justice, sociology, psychology, and philosophy contribute to cybersecurity.

After completing this course, students will be able to… 

1. Describe how cyber technology creates opportunities for criminal behavior.
2. Identify how cultural beliefs interact with technology to impact cybersecurity strategies. 
3. Understand and describe how cyber systems’ components, mechanisms, and functions produce security concerns. 
4. Discuss cyber technology’s impact on individuals’ experiences with crime and victimization.  
5. Understand and describe both intended and unintended ethical dilemmas that cybersecurity efforts produce for individuals, nations, societies, and the environment. 
6. Describe the costs and benefits of producing secure cyber technologies. 
7. Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts have produced and inhibited global changes. 
8. Describe the role of cybersecurity in defining appropriate and inappropriate behavior. 
9. Describe how cybersecurity produces ideas of progress and modernism. 

Course Readings 

Open Access materials will be used for the course.  The books include

• Floridi, L. (2015). The Onlife Manifesto: Being Human in a Hyperconnected Era. Springer-Verlag GmbH. https://link.springer.com/book/10.1007%2F978-3-319-04093-6.
• Van Ommeren, E., Borrett M., & Kuivenhoven, M. (2014). Staying Ahead in the Cyber Security Game. Sogeti. https://www.ict-books.com/topics/cyber-security-pdf-info.

 

Examples of Assignments From This Class

1.

Gael Cardoso

CYSE 200T

September 18, 2024 

Write-Up – SCADA Systems

Supervisory Control and Data Acquisition Systems, or SCADA Systems, play a crucial role in monitoring and controlling infrastructures such as power grids, water treatment facilities, and transportation networks that are the backbone of modern society. While these critical infrastructure systems are often taken for granted, they enable essential services that keep cities and nations running. However, these systems are surprisingly vulnerable and exposed to weaknesses that can have major consequences if exploited. This paper will explore the vulnerabilities in critical infrastructure systems and the mitigating role of SCADA applications.

 

Vulnerabilities in Critical Infrastructure Systems 

Vulnerabilities in critical infrastructure systems include physical and cyber threats, such as physical damages caused by natural disasters, equipment failures, human error, or intentional acts of sabotage. While physical threats have relatively remained the same, cyber threats and vulnerabilities have exponentially increased as connectivity and digitalization have grown over the years. A few examples are unauthorized access, old outdated systems, networks that are interconnected, and ineffective security measures. With the growth of technology, many infrastructure systems rely on physical security or network isolation to more easily control traffic flow and access. However, this is insufficient and can be easily exploited if not secured. As well as security protocols for outdated systems that lack modern security features make them easy targets for attackers. Alongside that, the shift towards commonly used standard networks such as TCP/IP and Ethernet doesn’t help the weaknesses in security as technologies are well-understood and commonly targeted by malicious attackers. 

 

The Role SCADA Applications Play In Mitigating These Risks

The role that SCADA systems play is vital to the operation of critical infrastructures by providing the ability to monitor and control these systems. A few components of mitigating risks are Human Machine Interface (HMI), supervisory stations, Remote Terminal Units (RTUs), and communication infrastructures. Human Machine Interface allows human operators to interact with the system, providing real-time data visualization and control capabilities by acting as an apparatus to give the operator the processed data to allow them to control processes. Supervisory stations refer to the collection of data from local stations, which is processed and then displayed to the operator and sent to the field devices to serve as the core communicator of SCADA systems. Remote Terminal Units (RTUs) refer to the devices that connect the sensors to the SCADA systems to collect the data used at the SCADA master station which controls the whole system. With all these roles that this system plays, like monitoring system performance and the conditions of the environment, SCADA applications help detect anomalies in the system early for the operators to take immediate corrective action. For example, if the pipeline’s pressure were to be maxed out or exceed its required amount, the SCADA system would trigger alarms and alert operators that there is a problem that needs to be taken care of now. This real-time monitoring and responsiveness is vital for not only preventing accidents but also hindering them if they do occur. 

 

Conclusion

While these Supervisory Control and Data Acquisition Systems play an important role in infrastructures such as power grids, water treatment facilities, and transportation networks, they are still prone to vulnerabilities, as all technology is. However, with such critical infrastructures that pose significant risks to public safety and national security, SCADA systems must continuously enhance their security measures as cyber threats evolve. But with technological advances and collaborative efforts from cybersecurity specialists all around the world, we can strengthen the defenses against ever-growing threats and keep the backbone of modern societies safe and secure. 

 

References:

SCADA Systems. (n.d.). Supervisory Control and Data Acquisition – SCADA. Retrieved from http://www.scadasystems.net

Cybersecurity and Infrastructure Security Agency. (n.d.). Critical Infrastructure Security. Retrieved from https://www.cisa.gov/critical-infrastructure-security 

 

2.

Gael Cardoso

CYSE 200T

September 18, 2024 

The CIA Triad

Confidentiality, integrity, and availability are the three pillars of information security. More commonly known as the CIA Triad; a framework of policies, regulations, and standards designed to find vulnerabilities and create solutions in organizations’ security systems. 

(What Is the CIA Triad and Why Is It Important? | Fortinet, n.d.)

These three ideas are crucial in protecting a business’s data, especially as the threat of cyber attacks grows every day as technology gets more advanced. 

 

Confidentiality ensures that information is accessible only to authorized users with permission. It protects against the obstructions of privacy and works to ensure private data stays secure. That means confidential or secret information must be controlled to prevent unwanted or unauthorized people from accessing the information. 

 

Integrity is the safeguarding of information from tampering to maintain the accuracy and reliability of the information. 

(What Is the CIA Triad and Why Is It Important? | Fortinet, n.d.)

If data was manipulated, tarnished, or deleted, the trustworthiness of that information would be compromised. That is why making sure the data is protected and secured is of the utmost importance. 

 

Availability is simply the timely and reliable access to information. Suppose the data was not available to the authorized personnel in the organization or the customers they serve. What would be the use of ensuring the data is kept confidential and the integrity is maintained?

(What Is the CIA Triad and Why Is It Important? | Fortinet, n.d.)

This means that the systems and networks must be constantly updated and checked for functionality to guarantee the usability of the information. 

 

Two more concepts that are closely related but often used interchangeably. Authorization is the process of granting a person access to privileged or secured information (Fruhlinger, n.d.). Determining who has the right to access the data, for example, giving a trusted individual permission to download a file on a secured server. Authentication is the verification that a person already has access or permission to hold or look at the secured information (Fruhlinger, n.d.). For example, a phone has face or thumbprint recognition to make sure only the owner has access to the private data. 

 

With technology advancing as fast as it is, information security professionals must continue to grow their expertise to combat the expanding and strengthening destructive malware and ransomware that threaten organizations. But as these malicious attacks become more intelligent so do the solutions. At the end of the day, the CIA Triad is just a framework to find vulnerabilities and create solutions. It is up to the information security personnel to continue to grow and adapt to new strategies, use more innovative techniques, and create a proactive approach to the security of information.

References 

What is the CIA Triad and Why is it important? | Fortinet. (n.d.). Fortinet. https://www.fortinet.com/resources/cyberglossary/cia-triad#:~:text=The%20three%20letters%20in%20%22CIA,and%20methods%20for%20creating%20solutions 

Fruhlinger, J. (n.d.). What is the CIA triad? A principled framework for defining infosec policies. CSO Online. https://www.csoonline.com/article/568917/the-cia-triad-definition-components-and-examples.html 

3.

Gael Cardoso

CYSE 200T

September 23, 2024 

AI Assignment: What to do with Cybersecurity??

AI will be used to figure out which location the new cybersecurity department should be located within the company. 

 

Input to ChatGPT:
I am an employee of a big technology company that deals with a lot of cybersecurity information. Due to the influx of information and data we are getting from our customers, we have to create a cyber security department to deal with the increase of data traffic to ensure all the data is protected meticulously. We are still determining where this new department should be located in the organization. Some say it should be under the information technology department, while others say it should be under Finance. Still others think it should be under Operations. There are even those who think it should report directly to the CEO. Create a 2 – 4 page analysis of the pros and cons of locating our new Cybersecurity department in these areas of the organization.  

 

ChatGPT Output: 

Analysis of Cybersecurity Department Location within the Organization

Introduction

As your technology company expands and receives an influx of cybersecurity-related data from customers, establishing a dedicated Cybersecurity department is essential. The location of this new department within the organizational structure can significantly impact its effectiveness, collaboration, and strategic alignment. This analysis explores the pros and cons of situating the Cybersecurity department under the Information Technology (IT) department, Finance, Operations, or reporting directly to the CEO.

1. Cybersecurity Under the Information Technology Department

Pros

• Expertise and Resources: The IT department possesses the necessary technical expertise and resources. Cybersecurity is inherently tied to IT infrastructure, making it logical for the two to collaborate closely.
• Integrated Strategies: A centralized approach can foster integrated strategies for system security, risk management, and incident response, as both teams can share information seamlessly.
• Established Frameworks: IT departments usually have established processes and frameworks for handling technology-related issues, which can be adapted for cybersecurity protocols.

Cons

• Potential Overlap: There may be an overlap in responsibilities that could lead to confusion about who handles specific tasks, diluting accountability.
• Underestimation of Importance: Cybersecurity might be seen as a subset of IT rather than a critical function, potentially leading to inadequate resource allocation and strategic focus.
• Reactive Approach: IT departments may prioritize operational efficiency over security, resulting in a reactive rather than proactive approach to cybersecurity threats.

2. Cybersecurity Under Finance

Pros

• Risk Management Focus: Placing Cybersecurity under Finance emphasizes the importance of risk management and compliance, especially concerning financial data protection and regulatory requirements.
• Resource Allocation: Finance can ensure appropriate budgeting and resource allocation for cybersecurity initiatives, helping to prioritize investments in security measures.
• Strategic Alignment: A financial perspective can help align cybersecurity strategies with broader business objectives, focusing on cost-benefit analyses and ROI.

Cons

• Lack of Technical Expertise: Finance teams may lack the technical expertise necessary to fully understand and address cybersecurity challenges, leading to ineffective oversight.
• Potential Isolation: Cybersecurity could become siloed from IT, hindering collaboration and information sharing, which are vital for timely threat response.
• Reactive Nature: Financial departments often adopt a conservative approach, which may delay necessary proactive measures to combat emerging threats.

3. Cybersecurity Under Operations

Pros

• Holistic Approach: Operations deals with the day-to-day running of the organization, which can benefit from integrating cybersecurity as part of overall operational risk management.
• Process Integration: Cybersecurity can be embedded in operational processes, ensuring that security measures are considered in every aspect of the organization’s functions.
• Cross-Department Collaboration: Operations often require collaboration across multiple departments, which can facilitate a more comprehensive approach to cybersecurity across the organization.

Cons

• Lack of Specialized Focus: Operations may prioritize efficiency over security, leading to insufficient attention to cybersecurity needs.
• Limited Expertise: Similar to Finance, Operations may not have the technical knowledge required to address complex cybersecurity issues effectively.
• Potential Conflicts: There might be conflicts in priorities, as operational efficiency goals could clash with security protocols, leading to compromises on security measures.

4. Cybersecurity Reporting Directly to the CEO

Pros

• Strategic Importance: Reporting directly to the CEO highlights the strategic importance of cybersecurity and ensures it receives adequate attention at the highest levels of the organization.
• Empowered Decision-Making: A direct reporting line allows the Cybersecurity department to make swift decisions without bureaucratic delays, which is crucial in a rapidly evolving threat landscape.
• Cross-Departmental Influence: This positioning enables the Cybersecurity department to influence and collaborate with all departments, ensuring comprehensive security practices throughout the organization.

Cons

• Resource Challenges: Without a dedicated framework and support structure, a standalone Cybersecurity department may struggle with resource allocation and prioritization.
• Potential Overload: The CEO’s attention may be divided among multiple priorities, leading to insufficient focus on cybersecurity issues.
• Risk of Isolation: The Cybersecurity department may become isolated from key technical and operational resources within IT and Operations, limiting its effectiveness.

Conclusion

The decision on where to locate the new Cybersecurity department should consider the organization’s specific needs, culture, and existing structure. Each option has its pros and cons, and the best choice will depend on the company’s priorities regarding security, operational efficiency, and resource allocation.

Ultimately, placing Cybersecurity under the IT department might provide the most synergy in terms of technical expertise and operational integration. However, the potential for direct reporting to the CEO could elevate the importance of cybersecurity across the organization, emphasizing its critical role in protecting both customer data and the company’s overall integrity.

A hybrid approach, where Cybersecurity maintains strong ties with IT while having a strategic reporting line to the CEO, could balance technical expertise with executive oversight, ensuring robust cybersecurity measures that align with business objectives.

 

Questions 

1. The paragraph in the first highlighted section mentions the IT department having technical expertise and resources that the other departments don’t have. What expertise and resources is it referring to? 

       2. In the second highlighted section my question is: How does the IT department prioritize operational   efficiency over security?

 

Memo to the CEO

Good Afternoon, to whom it may concern (CEO). Today I would like to recommend that the Cybersecurity department should be located in the Information Technology department, while also maintaining a close and direct line of communication to the CEO. I have made this decision because the Cybersecurity department would have to work in close relations with the IT department for many cases in the future but also because it allows for the most synergy between all departments as the necessary expertise and resources are located in that department already.  As well as the seamless sharing of information that could be shared between departments to create centralized approaches to security risks and incident response. Yes, while there may be potential overlap in responsibilities as both departments are similar and potentially an underestimation of importance for the cybersecurity department. That is why I would suggest giving the department a direct line of communication to the CEO.  This could emphasize its necessary and critical role across the whole organization as it protects both the company’s data but also the customers to allow for the protection of the organization’s integrity as a whole. 

Conclusion 

While each option has its pros and cons, I have decided on putting the cybersecurity department under the IT department. The best option, whether it be under the Department of Finance, operations, information technology, or directly under the CEO, is ultimately decided by the priorities, wants, and structure of the existing company.