Jayce Clancey
CYSE 200T
Professor Duvall
11/10/24
BLUF: With a limited budget prioritizing these three key factors will highly reduce cyber
threats. Risk Assessment First, Prioritize Training, and Implement Secure Technology.
In a limited budget you want to do the best you can to keep the cybersecurity department
up and running. Not only just running, but efficient and protective. As a Chief
Information Security Officer this is how I will approach having a budgeted department.

1. Risk Assessment First
● I would start with this first to identify high value assets and the threats that
are most likely to happen, making sure that we are spending our money on
the most vulnerable systems.
2. Prioritize Training
● Human error is a big reason as to why cyber attacks happen. Due to this
reasoning I will put as much money as I can into training employees to
make it less likely that they perform an error.
3. Implement Secure Technology
● I would implement Firewalls, MFA, Email filtering, amd basic monitoring

In conclusion, having a balanced approach with this budget will provide a strong and safe
cyber department. This will better the chances of a cyber threat being contained or not
happening at all.

Jayce Clancey
October 27, 2024
CYSE 200T
BLUF: “Supervisory Control and Data Acquisition (SCADA) refers to Industrial Control
Systems used to control infrastructure processes, facility-based, processes, or industrial
processes” http://www.scadasystems.net
1. Cybersecurity Threats
● Unauthorized Access
Hackers may attempt to get into unauthorized access to control systems,
potentially corrupt systems, steal data, or cause harm.
2. Infrastructure getting old
● Many critical infrastructure systems are outdated and may be not fully
updated to handle present technology cyber threats. This can lead to the
systems failing and increased risk to cyber threats
3. Physical Attacks
● Critical infrastructure systems are also open to physical threats like
sabotage, terrorism, or natural disasters. These can damage the
infrastructure directly .
Conclusion: SCADA systems are important for a lot of very important things, but they are
very vulnerable to all types of attacks ranging from cyber attacks to physical attacks.
These can be maintained by upgrading and protecting systems.
Advantages and Disadvantages Of Scada: Explained.

My team and I, talked about why the SolarWinds attack mattered.

Team 1

Team members: David Daniel, Hannah Johnson, Jayce Clancey, and Tiani Reynolds

CYSE 200T

October 7, 2024

The SolarWinds Compromise and Its Significance

Location of information: https://www.techtarget.com/whatis/feature/SolarWinds-hack-explained-Everything-you-need-to-know

BLUF

      Hackers targeted SolarWinds placing a harmful code into the management software and Orion IT monitoring system. Both of these systems are used by thousands of people and companies around the world which lead to many companies being hacked as well as supply chains, causing even organizations within the government to experience the effects.

What was the Attack

      Solar winds compromise was a supply chain cyber operation conducted by Russian threat group ATP29. They used tactics such as password spraying, token theft, API abuse, spear phishing, and other supply chain attack strategies to compromise the data of more than 30,000 public and private organizations including local, state, and federal agencies that used the Orion Network management system to manage their IT resources. The hack exposed the inner workings of Orion users, allowing the hacker to gain access to the data and networks of their customers and partners. The hack lasted from August 2019 through January 2021, and was also known as the “SUNBURST” attack.

Why was this important?

     This was important because it was a wake-up call for the global cybersecurity community. It forced organizations to update their security practices and highlighted their weaknesses. It helped organizations locate what they need to update to make things more secure to ensure that an attack like this doesn’t happen again.

Conclusion

In conclusion, the SolarWinds compromise was a huge Russian supply chain attack which compromised 30,000 public and private organizations including local, state, and federal agencies. Even though this was a huge attack and organizations spent a lot of money to come back from this attack, these companies used this as a learning opportunity to improve their systems to minimize cyber risks in the future.