Justin W Christopherson
Old Dominion University
CYSE: 200T
Professor Kirkpatrick
31 March 2024
Guardians of Cyberspace: The Human Element
The human aspect of cybersecurity is a wide-ranging topic, but adding the constraint of
an underfunded budget makes it an easier pill to swallow. Taking on the role of Chief Information
Security Officer, the first task at hand would be to conduct a risk assessment to find out what data the
company considers valuable. The next logical step is to set up a program that proactively detects common
threats and then spells out how to respond to them. The final step in the process is to train all personnel
at the company in a way that makes the training stick.
Risk Assessment
To conduct a risk assessment, the first thing that needs to be done is to identify what on the
network the company holds near and dear. This can be anything from trade secrets to trademarked
material. Emphasis must also be placed on anything that leaves the company's offices,
whether it goes to a remote office or even across the water to other countries. The second step is to
Identify and Use Sources of Cyber Threat Intelligence. This reveals which vulnerabilities
commonly plague this type of company. The third step in the process is to Identify and Document
Internal and External Threats. This is where a vetting process can be set up to prevent insider threats.
Step four in the process is to Identify Potential Mission Impacts. This involves figuring out what happens
if the network goes down. The fifth and final step in the process is to take all the combined data from
the previous steps and use it to assign risks.
Proactive Threat Detection and Response
The human aspect of proactive threat detection and response deals with continuously
monitoring who comes in and out of the office, as well as anyone who has access to the data. This is
done by monitoring the network for normal behavior and setting up the systems to send notifications when
anything begins to operate outside normal parameters. When this happens, the operators can trace
where the anomaly was initiated. With the knowledge of where it began, operators can track down an
anomaly to a specific terminal and then find out which employee operates it. Another aspect that needs
to be taken into consideration is monitoring cybersecurity threat intelligence, both for the industry the
company is in and in general. This can be done through various means, such as following industry
leaders. Once this is done, the network needs to remain secure by constantly keeping virus and
malware definitions up to date. With the network secured, the next logical step is to set up a plan
for reporting anything suspicious on the network. This can be done by establishing standard operating
procedures that outline what to do and who to notify as soon as something happens.
Training Strategies
Once the network is secured and constant monitoring has been established, the only thing left
to do is to establish an employee training program. This is by far one of the more challenging aspects
for a very technical Chief Information Officer, because while companies are willing to spend millions to
set up cybersecurity, they are not likely to spend millions on training non-IT personnel. To
counteract this, a CISO needs to set up a training program that does not rely on death by PowerPoint. This
can be achieved by using real-world examples. An example would be to bring up a live attack tracker
that shows when and where attacks are happening around the world. After this, it can be explained that
opening an email attachment can cause the company to end up on this tracker.
Conclusion
In the end, the human aspect of cybersecurity is often overlooked and underfunded,
which leads to data breaches. As Chief Information Security Officer, the first thing to conduct would be a
thorough risk assessment to identify valuable company data and potential threats. Implementing
proactive threat detection measures and protocols ensures swift action against emerging risks, while
continuous monitoring maintains network integrity. Lastly, developing a training plan that actively
engages employees is essential in empowering personnel to recognize and mitigate cyber threats. By
using these strategies, companies can strengthen their overall cybersecurity posture and mitigate risks
despite budget constraints.
References
Cyber risk assessment. (n.d.). https://www.cisa.gov/sites/default/files/2024-01/22_1201_safecom_guide_to_cybersecurity_risk_assessment_508.pdf