Below you will find the discussion board prompts and my responses to them for the class CYSE200T. Click on Discussion to view prompt and response!<\/p>\n\n\n\n
Based on the reading (Understanding CyberSec & Privacy Best Practices), explain why cybersecurity and privacy best practices are not just technical issues. Choose one example from your own experience, work environment, or a real-world scenario where people or processes played a role in improving or weakening security.
Cybersecurity and privacy best practices cannot be a technical issue alone; the reading showcases that cybersecurity intersects with people, processes, technology, and culture. Security, in all fields, shares a common weak point amongst one another, the human element. The reading identifies that culture is a primary facet that one must consider when choosing a framework compatible for an organization. At F.E. Warren, we’ve had a recent influx of homicides and suicides. In response, organizational leadership directed blame towards the group’s NCOs or middle management. This caused a collapse of support from the NCO corps, which led to failing standards, and ultimately ended up with even more incidents that put the base under a larger microscope. While improvements could have been made to the processes, there was nothing inherently wrong with them, but the decisions that were made led to non-compliance from people interacting with those processes due to them shifting the environment from one that maintained order, to one that operated on fear and anger. This has led to an uptick in security lapses, people have stopped reporting issues, started hiding mistakes, disengaging from the mission, and resenting the organization as a whole. As a result, they are having to tear down everything that led them to a “best nuclear surety inspection in 15 years” rating and starting from the ground up to rebuild the trust they lost and get people to reengage with a mission that was set forth by leadership they no longer believe in.<\/p>\n<\/details>\n\n\n\n
In this week’s Perusall reading, John McCarthy\u2019s 1955 Dartmouth Conference is cited as the birth of Artificial Intelligence (AI), with a goal to move computers beyond binary tasks toward “thinking machines”. The text argues that the current generation of AI, specifically Large Language Models (LLMs) like ChatGPT, will impact your career as significantly as the internet impacted previous generations.<\/p>\n\n\n\n
Task: Write a 250-word response addressing the following:<\/strong><\/p>\n\n\n\n The document compares the necessity of understanding AI tools to how a mechanic would use a wrench. This comparison captures a larger picture in the sense that mechanics also no longer rely solely on wrenches, but they fundamentally understand the basic functionality of what it is used for and any mechanic would be able to appropriately explain that to someone outside of their field. While AI might not work its way into every single facet of our jobs, you will likely still interact with it in some form. This will require future IT professionals to have a fundamental understanding of AI and its capabilities to be able to navigate it in their careers. Like a mechanic with a wrench, each IT professional may not use it every day, but they will know what it is, how to use it, and when to apply it should the need arise.<\/p>\n\n\n\n Data management makes up the core of AI integration. Poor management practices within the realms of modeling, maintenance, security, privacy and utilization will result in poor output from the AI. The best chef in the world can elevate subpar ingredients to a new level, but it won’t compare to starting with higher quality ingredients as their proverbial ceiling is much higher. Governance and compliance shift the picture toward ethics, legality, and information security. AI will save and record information for training and future use which can lead to leaks in infosec, opsec, and many other areas if members are not properly trained or the AI being utilized is not properly contained within the organizations network. <\/p>\n\n\n\n I do not believe that the integration of AI will change where IT fits within a modern organization. IT will continue to be a critical component of the foundation of an organization and will continue to utilize specialists to integrate within other departments. The smaller components of an IT section, however, will likely change. Specialist’s duties within other departments may be outsourced to AI to problem solve and they will be moved to focus on other areas.<\/p>\n<\/details>\n\n\n\n In this discussion board, you are the CISO for a publicly traded company. What protections would you implement to ensure availability of your systems (and why)?<\/p>\n\n\n\n Availability is generally defined as providing the fundamental services to meet the end needs of the customer. As the CISO, my primary customer would be the company, and as such I would have to ensure that the systems we operate on are serviceable and sustainable for our personnel so that they can provide services to the company’s consumers. During an incident, availability is the first priority because we need to have system visibility, operational capability, and C3 (command, control, and communications). These areas are pivotal to incident response and maintaining the structure of the system that we would need to utilize to respond effectively. To protect these areas, I would implement a way to see what’s happening within the system through logs and monitoring and ensuring communications channels are maintained by establishing alternate communications pathways to maintain C3. Next in line would be containment of the incident or attack through the utilization of compartmentalization of the network, restricting access through zero trust architecture, and isolation of the incident without loss of critical infrastructure. The function of containment would be to limit the damage an attacker could potentially do without losing our communications and operational capability to respond. Losing any one component of our capability would cripple the organization’s ability to respond and potentially give the attacker more freedom to continue their work. Once the attack is contained and\/or stopped, the next step would be to ensure the system is stable by restoring primary or internal communication tools, reestablishing access for our users, and bringing core services back online. Once the internal foundation of our system is stable and the attack is contained, we can then safely restore customer services. In the end, we would need a way to ensure long term stability, and we can accomplish this through system backups, data restoration, and also conducting an after-action review of the incident to understand the cause. Backups help to restore corrupted or lost data, and an after-action report would help to tie up the loose ends of the incident and pave the way forward for future protections or current policy rewrites.<\/p>\n<\/details>\n\n\n\n From your readings of the NIST Cybersecurity Framework, what benefit can organizations gain from using this framework, and how would you use it at your future workplace?<\/p>\n\n\n\n Organizations can benefit from using the NIST CSF by using it as a starting point to set their own standards and putting their outcomes into the framework to fabricate a stabilized cybersecurity program. The NIST provides an exorbitant amount of information for executives to “fill in the blanks” and round out a security program from small businesses to gigantic organizations since the framework is sort of built around scalability. At a future workplace, I could use the NIST framework to iterate upon an existing program or be a part of creating a new one. The framework itself also utilizes a kind of no-nonsense approach to security that is mirrored in my own physical security domain, so boiling it down to the 6 functions would aid in a routine loop of being able to assess any current or future security program and assist anyone at any level in identifying shortcomings or blind spots in the program. The main area I would target would be training and awareness as those tend to be the areas that provide the most friction in security programs across any domain.<\/p>\n<\/details>\n\n\n\n The article “Malicious code written into DNA infects the computer that reads it” describes a “world first” where researchers successfully infected a computer using a malicious program encoded into a physical strand of DNA. While the researchers acknowledge that this specific attack vector is currently difficult to execute, they emphasize that it serves as a symbolic milestone for the overlap between the digital and biological worlds.<\/p>\n\n\n\n Task: Write a 250-word response addressing the following:<\/strong><\/p>\n\n\n\n Researchers at the University of Washington demonstrated a “world first” exploit where they injected a malicious code into a digital system through a physical DNA strand. The researchers themselves concluded that the attack is impractical due to its complexity but highlighted that it is a possibility and symbolizes a merging of biology and digital security risks. One of the vulnerabilities they identified had to do with the validation and sanitization of the data pulled from the sequenced DNA. They also used outdated or unsecure libraries which makes sense because they would likely prioritize functionality over security in their function which leads into their third vulnerability that they did not treat the data as potentially malicious. The isolation strategies they identified and recommended were virtual machines, containers, restricted execution environments, segmentation of analysis pipelines, and treating biological data as an untrusted input. The virtual machines would provide full isolation from the system and contain the compromise within itself if the malicious data triggered something, not allowing it to spread to the host systems or network. Containers are similar but essentially limit the scope in a smaller radius by restricting what the software can interact with or access. Restricted execution environments provide exactly what they sound like in that they limit the permissions which restricts what a malicious code could execute and only allows exploits minimal control. Pipeline segmentation blocks off the workflow into stages where a compromise in one tool or one step wouldnt be allowed to “flood the pipeline.” Treating biological samples as an untrusted input goes along the lines of any good security program where you allow access only after authentication. Treating them in this manner though raises some concerns within the ethics and security areas. Since bio samples are viewed purely as research materials, this demonstration shifts the view where DNA, a very personal piece of genetic data, can now be a potential attack vector. Organizations need to implement the recommendations since once the DNA is sequenced it becomes executable data, but they walk a fine line with treating it as dangerous because it could stigmatize the samples and potentially limit researchability in the future. Organizations should continue to advance scientific research while also improving the security by implementing the recommendation provided by researchers. It is the same balancing act that any security program has, the military for example, is constantly changing and reviewing policy to ensure we meet minimum security requirements for the priority resources we protect (personnel and property) while also maintaining an acceptable level of inhibiting personnel from doing their job. Security is inconvenient by nature but the alternative damage that can be done with its absence is less preferable than its inconvenient presence.<\/p>\n<\/details>\n\n\n\n Based on your readings related to the BioCybersecurity section of this course, identify possible ethical considerations of CRISPR Gene Editing and explain your position.<\/p>\n\n\n\n CRISPR gene editing should be pursued and developed but only within a system that contains strong security, strict protections, and oversight. The main considerations I see are cyber vulnerabilities for digital systems and potential misuse due to a lack of regulation and an increase in availability. The issue of cyber vulnerabilities stems from how modern biology has become increasingly digitized, whether it be for research or commercial purposes, and also its value in being the ultimate form of PII. It has been highlighted that digital DNA storage lacks a sophisticated cybersecurity systems to protect the valuable data that they work with for research making the issue, not only a lab issue, but a security one as well. Cyber-attacks could alter DNA or leak sensitive data so the importance of protecting this data should likely land it in the category of a critical infrastructure seeing as how a leak could lead to exploitation, surveillance, identity theft or more. There is also the issue of a lack of regulation which could allow for more misuse or accidental harm. Biological gene editing should not be freely accessible to those without training or oversight and should have strengthened security systems to foster innovation and balance it with safety.<\/p>\n<\/details>\n\n\n\n In the reading “Criminal Justice and Cybersecurity,” Ida Oesteraas explains that digital platforms have not necessarily created “new” crimes, but have provided modern iterations of traditional offenses like fraud, piracy, and terrorism by leveraging the unique attributes of cyberspace\u2014anonymity, global reach, and rapid dissemination. Meanwhile, the research by Payne and Hadzhidimova explores why, despite these technological shifts, criminal justice scholarship and mainstream journals have been slow to fully integrate cybersecurity into their research.<\/p>\n\n\n\n Task:<\/strong> Write a 250-word response addressing the following:<\/p>\n\n\n\n The unique attributes of cyberspace hinder traditional law enforcement in a number of areas. Traditional law enforcement lacks funding, training, experience, and the tools to properly investigate modern cybercrime. Many detectives lack a background or training in digital forensics, and the crimes tend to be underreported leading to a lack of funding from legislative bodies and a lack of experience in how to handle these cases, often times resulting in mismanagement or them just not being taken seriously. An example of a traditional crime that has become difficult to prosecute that I have personally experienced is stalking\/harassment becoming cyberstalking. Many agencies will not have the resources mentioned above to appropriately handle cyberstalking mainly due to the burden of proof being so high and the evidence and collection being sloppy or mismanaged.<\/p>\n\n\n\n Technology has advanced too quickly for legislation and academia to catch up. This is due to a few factors, but in my opinion, mainly comes down to underreporting, police mismanagement of cases (which also leads to lower reported numbers), and lack of trust in authority\/institutions to take the issues seriously. If institutions do not see the numbers, they tend to lean into them less which means the career paths will remain separated until more attention is brought to the area.<\/p>\n\n\n\n Cybercrime, technology, and social change would likely bridge the gap well since cybercrime focuses on human behavior in digital environments and the digital forensics and investigation portion, how it integrates with technology, and then focuses on the social impact of it.<\/p>\n\n\n\n In my opinion, both should happen, specialized units should be created, and every traditional role should have basic training in digital evidence collection and preservation. This is typically how law enforcement is structured, standard patrol units are the first responders and handle day to day crime thats enforceable at their level, but when a crime is outside of their scope they are trained to preserve evidence for a specialized unit to take point on the investigation and further evidence collection.<\/p>\n<\/details>\n\n\n\n How should markets, businesses, groups, and individuals be regulated or limited differently in the face of diminishing state power and the intelligification (Verbeek, p217) and networking of the material world?<\/p>\n\n\n\n Verbeek argues that we should regulate the mediation of technology and not the technology itself to ensure that intelligified environments support us rather than detract. We need to focus on the “how” a technology mediates the human experience as opposed to the devices or products themselves. Similar to how most drugs are regulated based on their effects on the body and how they alter the human experience, technology should be governed based on the way they alter our experiences by way of norms, identity, behavior, and perceptions. Markets and business need to be limited when their tech produces strong mediations through visibility and accountability, and groups need regulation on the mediation that amplifies their influence. Individuals need protection more so from strong mediation since they are the most vulnerable to the influence of the three prior factions, but responsible use should be encouraged through changing norms and mediation education or literacy, essentially knowing the effects of what they are using.<\/p>\n<\/details>\n\n\n\n From this week’s Jonas Reading: How should we approach the development of cyber-policy and infrastructure given the \u201cshort arm\u201d of predictive knowledge?<\/p>\n\n\n\n Jonas states that modern technology creates consequences so far into the future that we couldn’t possibly predict how the future will be affected. We no longer affect just those around us but our collective decisions will affect generations after us. Cyber policy and infrastructure design should take a more proactive approach on potential cascading effects rather than assuming best case scenarios or future stability. Its similar to how modern security attempts to predict what may happen or vulnerabilities in a defense system, but we have to be prepared for scenarios that occur outside of the box and have contingencies in place to recover and respond appropriately. But, more so to Jonas’ point, this same security system should be built assuming that we couldn’t imagine the attack vector.<\/p>\n<\/details>\n\n\n\n Below you will find the discussion board prompts and my responses to them for the class CYSE200T. Click on Discussion to view prompt and response!<\/p>\n","protected":false},"author":31992,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/pages\/332"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/users\/31992"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/comments?post=332"}],"version-history":[{"count":4,"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/pages\/332\/revisions"}],"predecessor-version":[{"id":341,"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/pages\/332\/revisions\/341"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/hunterbailey\/wp-json\/wp\/v2\/media?parent=332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
\n\n\n\nDiscussion Board: Protecting Availability<\/summary>\n
\n\n\n\nDiscussion Board: The NIST Cybersecurity Framework<\/summary>\n
\n\n\n\nDiscussion Board: Malicious Code<\/summary>\n
\n
\n\n\n\nDiscussion Board: Ethical Considerations of CRISPR Gene Editing<\/summary>\n
\n\n\n\nDiscussion Board: Cybersecurity and Criminal Justice<\/summary>\n
\n
\n\n\n\nDiscussion Board: From Verbeek’s writing Designing the Public Sphere: Information Technologies and the Politics of Mediation<\/summary>\n
\n\n\n\nDiscussion Board: The “Short Arm” of Predictive Knowledge<\/summary>\n
\n","protected":false},"excerpt":{"rendered":"