IT/CYSE 200T

Cybersecurity, Technology, and Society

 

CIA Triad Write-Up

Mikey Lowmack

September 12, 2024

The Definition and Explanation of the CIA Triad and its Importance

The CIA Triad, a vital business model in cybersecurity, is built on three core principles: confidentiality, integrity, and availability. To avoid any confusion with the Central Intelligence Agency, it is also referred to as the AIC Triad. This distinction ensures clarity and precision in cybersecurity.

Practical application of each principle of the CIA Triad in the real world with cybersecurity scenarios.

Confidentiality

  • The definition of confidentiality, the first pillar of the CIA Triad, is “prevent sensitive information from unauthorized access attempts” (Chai).
  • For instance, data should be organized appropriately and encrypted properly (2FA). Also, file permissions for those authorized to access the files should be kept current. Additionally, using secure communication channels and implementing access controls are other ways to maintain confidentiality.

Integrity

  • Integrity, the second pillar of the CIA Triad, is all about maintaining data consistency, accuracy, and trustworthiness. This principle is crucial because data should not be susceptible to unauthorized changes, especially in transit.
  • For instance, when backing up data and recovering software, it is vital to minimize human errors.
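
An added example, not from the original write-up: one way to detect unauthorized changes to backed-up data is to record a keyed hash (HMAC-SHA256) of each item at backup time and recompute it at restore time. File names, contents and the key are constructed, and the manifest and key are assumed to be stored apart from the backup itself.

```python
import hashlib
import hmac


def _tag(name: str, data: bytes, key: bytes) -> str:
    # Bind the tag to the file name as well as the content, so one
    # file's data cannot be swapped in under another file's name.
    return hmac.new(key, name.encode() + b"\0" + data, hashlib.sha256).hexdigest()


def sign_manifest(files: dict, key: bytes) -> dict:
    """At backup time: return {name: HMAC tag} for every item in the set."""
    return {name: _tag(name, data, key) for name, data in files.items()}


def verify_restore(files: dict, manifest: dict, key: bytes) -> dict:
    """At restore time: report modified, missing and unexpected items."""
    report = {"modified": [], "missing": [], "unexpected": []}
    for name, expected in manifest.items():
        if name not in files:
            report["missing"].append(name)
        elif not hmac.compare_digest(_tag(name, files[name], key), expected):
            report["modified"].append(name)
    report["unexpected"] = sorted(set(files) - set(manifest))
    return report


# Constructed sample data (not from the write-up).
KEY = b"constructed-demo-key-not-for-production"
BACKUP = {
    "payroll.csv": b"id,amount\n1,1000\n",
    "config.ini": b"[db]\nhost=db.example.internal\n",
}


def demo() -> dict:
    manifest = sign_manifest(BACKUP, KEY)
    restored = dict(BACKUP)
    restored["payroll.csv"] = b"id,amount\n1,9000\n"  # altered after backup
    del restored["config.ini"]                         # lost during recovery
    restored["extra.sh"] = b"echo hi\n"                # was never backed up
    return verify_restore(restored, manifest, KEY)


if __name__ == "__main__":
    print(demo())
```

A plain SHA-256 hash stored next to the data would not be enough here, because anyone able to change the data could recompute the hash; the key is what makes the tag unforgeable.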

Availability

  • The definition of availability, the third pillar of the CIA Triad, is “information that should be consistently and readily accessible for authorized parties” (Chai). Availability is not just about making information accessible but also about the significant responsibility of maintaining systems, hardware, and technical infrastructure. It’s about ensuring the information is held and displayed to users when needed, a crucial aspect of cybersecurity.
  • For instance, in the worst-case scenario of a disaster, such as a cyber-attack, the CIA Triad ensures that the system is resilient and can quickly recover. This could involve creating backup copies of data and storing them in secure, isolated locations with fireproof and waterproof safes. Another example could be using encryption to maintain data confidentiality during transmission.

Difference between Authentication and Authorization in the cybersecurity field.

Authentication vs Authorization

  • Authentication is the verification of a person, file, system, or resource.
  • Authorization verifies users’ identities and determines which resources they should be allowed and which passwords or sign-ins go with which sites.

Conclusion

The CIA Triad, which stands for confidentiality, integrity, and availability, is a significant part of cybersecurity principles. It’s not the Central Intelligence Agency, also known as the CIA. There is also a difference between authentication and authorization. Authentication verifies who or what is allowed access, while authorization determines what or who is allowed access. Understanding and applying the CIA Triad is crucial in ensuring robust cybersecurity measures.

Work Cited

Chai, Wesley. What Is the CIA Triad? Definition, Explanation, Examples, 8 Sept. 2022, drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view.

SCADA Write-Up

Mikey Lowmack

October 20, 2024

The Vulnerabilities Associated with Infrastructure Systems and the Role of SCADA

The Supervisory Control and Data Acquisition system, also known as SCADA, is a crucial tool in controlling and managing infrastructure processes. These include water treatment, wind farms, gas pipelines, space stations, ships, and airports. The SCADA system operates by monitoring and controlling systems through components such as Human Machine Interfaces (HMIs), Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), and communication infrastructure. The intricate web of interconnected automated processes, facilitated by SCADA, is a key factor in both creating and exposing vulnerabilities, due to the potential for a single breach to affect multiple systems.

The Vulnerabilities, issues, and threats associated with the infrastructure

  1. Legacy software: The SCADA system uses outdated software that doesn’t implement the necessary security. This allows attackers to carry out varying forms and types of attacks against the system and its components.
  2. Default configuration: According to Paganini, cyber attackers try to exploit systems still using the default settings, especially if they use the default passwords, allowing attackers to compromise the device and other OT systems connected to that same network.
  3. Malware: As Paganini states, attackers design malware that can compromise industrial control systems (ICS) and interfaces, disrupting operations and exposing connected devices to other threats.

The role of the SCADA

The SCADA system uses human operators’ data that the supervisory system gathers about the process connected to RTUs. This helps convert the sensor’s signals to digital and send them to the supervisory system. The communication infrastructure connects to both the RTUs and the supervisory system. This allows the SCADA system to monitor/control, alarm or notify, perform data redundancy and backups, advance security protocols, use training programs and support systems, and be integrated into modern technology to help mitigate risks.

Conclusion

In conclusion, SCADA is crucial for controlling and managing infrastructure processes. This includes water treatment, wind farms, gas pipelines, space stations, ships, and airports, in which the SCADA system operates by monitoring and controlling systems throughout its components. These components are Human Machine Interfaces (HMIs), Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), and communication infrastructure. The intricate web of interconnected, automated processes facilitated by SCADA creates and exposes vulnerabilities, issues, and threats like malware and attacks on systems using default configurations.

 

 

Work Cited

Paganini, P. (2020, July 15). SCADA & Security of critical infrastructures [updated 2020]. Infosec. https://www.infosecinstitute.com/resources/scada-ics-security/scada-security-of-critical-infrastructures/#:~:text=Most%20common%20ICS%2FSCADA%20security%20issues%20and%20threats%201,…%208%20Command%20injection%20and%20parameters%20manipulation%20

Human Factor Write-Up

Mikey Lowmack

November 17, 2024

Balancing a Limited Budget for Cybersecurity Technology and Training

To balance a limited budget for cybersecurity technology and training facilities, the budget must be divided equally, making investments and funds 50/50 between them. The sections below give the reasons for the 50/50 split and what should be invested in.

Reasoning for budget

  • Cybersecurity technology deserves a significant 50% of the budget, as it provides the necessary tools to detect, respond to, and prevent attacks and threats.
  • The technology used for cybersecurity is not just a tool; it’s a shield for companies and organizations. It provides the tools to detect, respond to, and prevent attacks and threats, ensuring that organizations and companies have the proper security measures.

Funds and Investments

  1. Cybersecurity technology investments and funds
    1. Multi-Factor Authentication: This will be a beneficial investment or funding system because it requires multiple forms of verification before granting access to sensitive/restricted data, files, and systems. An example of this is Duo Mobile or Google Two authentication, which sends a notice to an individual’s phone asking whether they are the one trying to sign in.
    2. Advanced Threat Detection Systems: This will be a beneficial investment or funded software for companies and organizations because it implements the necessary tools to detect, respond to, and prevent cyberattacks or threats.
  2. Training investments and funds
    1. Role-specific training: These training classes will teach individuals uneducated in the field about cybersecurity by those in the field or by IT staff. This training will also keep them up to date about the latest security protocols or threat mitigation forms.
    2. Regular awareness programs: These programs educate employees about the newest phishing tactics used by cyber attackers, social engineering, and safe internet practices.

Conclusion

In conclusion, a balanced, limited budget for cybersecurity technology and training can be very beneficial for companies. The reasoning for each category is shown. Investing and funding these categories is essential for the company’s security and preventing attacks.