{"id":141,"date":"2024-01-16T18:34:48","date_gmt":"2024-01-16T18:34:48","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/cyberimpact1\/?page_id=141"},"modified":"2024-04-11T17:52:57","modified_gmt":"2024-04-11T17:52:57","slug":"cyse-200t","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/joshua-belk\/cyse-200t\/","title":{"rendered":"CYSE200T"},"content":{"rendered":"<div class=\"discussion-section message_wrapper hide-if-collapsed\">\n<div class=\"message user_content enhanced\" data-bind=\"message\">\n<h2>These are some of my favorite assignments from the course. Thanks to the amazing Professor Kirkpatrick \ud83d\ude42<\/h2>\n<h2 class=\"submission-details-header__heading h3\">DISCUSSION BOARD: Protecting Availability<\/h2>\n<p>The first thing I would do as a CISO for a company is to have multiple backup files and drives for all of our public and private data as we discussed today in class. Having a secure spot for the companies&#8217;s data is vital in protecting the company in case of a cyber threat or if we ever need to find old documents or data. The next thing I would do as the CISO of the company is have a contingency plan in case our companies or others that try to harm ours are at risk. For example, in the scenario the company is on the verge of bankruptcy, I would have a plan set where I, the employees, and third parties would be financially stable after the crisis. The last protection I would implement is hiring an elite cybersecurity team to protect our systems from potential threats or hackers. I would also have them directly report to me with any information the find inside and outside the companies&#8217;s walls.<\/p>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<h1><b>Write-Up: The CIA Triad &#8211; Joshua Belk<\/b><\/h1>\n<p><i><span style=\"font-weight: 400\">\u00a0 In this report, we discuss what the CIA Triad is, why it\u2019s important in the cybersecurity world, and the many differences between authentication versus authorization.\u00a0<\/span><\/i><\/p>\n<h1><b>What is the CIA Triad?<\/b><\/h1>\n<p><span style=\"font-weight: 400\">\u00a0 The CIA Triad is the supreme framework of the cybersecurity world, and the sole purpose of guiding, creating, innovating, and enforcing policies for the security of information held within an organization. Confidentiality, integrity, and availability are what the CIA strives for, and they ensure the security of organizations is protected. Confidentiality is set to limit information access from any threat or possible threat that may or will occur. This is necessary in an organization, as they don\u2019t want their private information to be leaked, stolen, or put in the wrong hands, hence why this information is confidential. Integrity is like consistency. Everything must be maintained in a company. Calculations and information must be accurate and precise. There is no room for error in the organization, as the fate of the company lies in its integrity. Data may also not be altered or interfered with by unauthorized users. Breachers, for example. Lastly, availability entails that information should be accessible to authorized users or parties only. Proper maintenance is required to maintain the infrastructure of the information system.\u00a0<\/span><\/p>\n<h2><b>Why is it so important to us?<\/b><\/h2>\n<p><span style=\"font-weight: 400\">\u00a0 This is so important to the cybersecurity world, that each letter in the CIA Triad represents the foundation of it. Confidentiality, integrity, and availability are widely considered to be the most important notions when it comes to information security, and the cyber world as a whole. These different principles help organizations understand how to protect themselves, provide better security, and refine policies. <\/span><span style=\"font-weight: 400\">For example, when businesses analyze their necessities and use different cases for future products, services, and innovations, the triad assists them by putting their focus on how and what value is provided in the three main principles of the triad.\u00a0<\/span><\/p>\n<h3><b>Authentication v. Authorization<\/b><\/h3>\n<p><span style=\"font-weight: 400\">\u00a0 Authentication and authorization are very similar, so it could be easy to get the two confused. However, this is important for not just companies, but for everyone to understand, utilize, and protect. First, let\u2019s define the terms. Authentication is the process of validating the identity of a user, system, or application. It approves whether the user attempting to access the information is permitted to do so. This is usually determined by the approval of a correct username, password, or other identifications. For example, when I log in to my ODU MIAS account, I must provide my user identification and password to access my information. On the other hand, authorization is the step after authentication, in which the system approves, or denies accessibility to a specific resource based on the authenticated permissions set in place. It determines what commands a certain user is allowed to access. A great example of authentication and authorization being used at the same time is logging into your online banking app. When you log into your bank, you\u2019re usually asked to enter your username and password for that account, as most services online do. After successfully logging in, the banking app authorizes you to do specific things, such as viewing your balances, transferring funds, and changing settings.\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><b>Conclusion<\/b><\/h3>\n<p><span style=\"font-weight: 400\">\u00a0 In conclusion, we discussed why the CIA triad is such an important principle in cybersecurity and information security and the differences between authentication and authorization. <\/span><span style=\"font-weight: 400\">Confidentiality, integrity, and availability are the key foundations of security in organizations, people\u2019s information, and the world. These principles serve as guidelines for how security should properly be handled and help us innovate and protect our information.\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<h4><b>Citations &amp; References\u00a0<\/b><\/h4>\n<p><span style=\"font-weight: 400\">Chai, W. (2024, January 23). What is the CIA triad? definition, explanation, examples \u2013 techtarget.WhatIs.com. Retrieved September 15, 2022, fromhttps:\/\/www.techtarget.com\/whatis\/definition\/Confidentiality-integrity-and-availability-CIA?jr=on<\/span><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h2 class=\"submission-details-header__heading h3\">Discussion Board: The NIST Cybersecurity Framework<\/h2>\n<div class=\"submission-details-header__info\">\n<div class=\"discussion-section message_wrapper hide-if-collapsed\">\n<div class=\"message user_content enhanced\" data-bind=\"message\">\n<p>Some benefits different organizations can gain from using this framework are risk management cybersecurity maturity, common language, and communication skills. My favorite of the three mentioned is risk management, as many companies are looking for this. Organizations love this because it allows them to better understand what&#8217;s at risk and make critical decisions to prioritize and efficiently use resources based on the risk. Another important benefit(which is something we talked about in class today) is communication skills, as that is arguably one of the most important skills you can have not only in the field but in life. Companies need people who are good at communicating and innovating new ideas and plans. This also ties in with leadership. Lastly, I would use these frameworks at my future workplace with different assignments, planning, and of course, with my communication skills.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>These are some of my favorite assignments from the course. Thanks to the amazing Professor Kirkpatrick \ud83d\ude42 DISCUSSION BOARD: Protecting Availability The first thing I would do as a CISO for a company is to have multiple backup files and drives for all of our public and private data as we discussed today in class&#8230;. <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/joshua-belk\/cyse-200t\/\">Read More<\/a><\/div>\n","protected":false},"author":28441,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/pages\/141"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/users\/28441"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/comments?post=141"}],"version-history":[{"count":5,"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/pages\/141\/revisions"}],"predecessor-version":[{"id":344,"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/pages\/141\/revisions\/344"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/joshua-belk\/wp-json\/wp\/v2\/media?parent=141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}