Discussion Board #1 – Framework
A framework is a set of standards, guidelines, and best practices that an organization can use to manage its risks and organizational needs. The five core activities of NIST’s Cybersecurity Framework are: Identify, Protect, Detect, Respond, and Recover. Identify pertains to identifying the organization’s core systems in order to form a strategy for prioritizing and protecting its processes. Protect pertains to the implementation of the strategy developed. Detect pertains to monitoring for threats in order to mitigate potential damage. Respond pertains to the response to the threat itself (communication, damage mitigation, analysis). And lastly, Recover pertains to the business’ continuity strategy should disaster strike.
Discussion Board #2 – Cyber Threats
Phishing is a technique used to gain someone’s information, more specifically, sensitive information. This includes information such as one’s social security number, bank account information, etc. One’s information is gained through the use of deception. For example, let’s say you’re scrolling through your emails and you notice an email from the company Netflix. You go through this email and realize that your Netflix account will be shut down within the next 24 hours if you don’t update your bank account information. Below is a link to the site that will allow you to update said information. Only, there’s one problem. You don’t have a Netflix account. Fortunately, there are many things that can be done to prevent yourself from falling for these tricks. Referring back to the previous example, one sign someone could look out for is grammar errors. Typically, phishing emails will have MANY errors. Another sign is the email address itself. If it looks funky, it’s probably a phishing email. Some other common ways to figure out if it is a phishing email include an unusual company logo, a request with a sense of urgency, etc. Should you fall for these tricks, the consequences can be very damaging. Consequences include but are not limited to identity fraud, monetary losses, ransomware (malware that denies you access to your computer until you pay a ransom), compromised systems, damage to reputation (if the attack is directed at a larger entity such as a small business, non-profit organization, Fortune 100 company), etc.
Source: Use Electric Grid Security and Resilience
Discussion Board #3 – Cybersecurity Impact on Small Business
Developing a cybersecurity program for small businesses can be tricky, especially considering that they have limited funds that could be used in developing other aspects of the business such as the product and/or service that they provide for customers. However, without a cyber program, those other aspects would be useless as the small business would suffer from the consequences of cyber attacks. When developing a cyber security program for a small business, I would focus on educating employees on the different kinds of cyber attacks they may face and how to avoid them. More specifically, I would train them on how to avoid phishing scams. I would put my focus on this as small businesses are most vulnerable to these kinds of attacks, particularly, email attacks that resemble financial institutions making an urgent request for vital information. If they fall victim to these kinds of attacks, small businesses can lose up to twenty thousand dollars per attack. I would also focus on cyber education because people are the weakest link. You can have the greatest security system in the world. But, if you don’t properly train people on how to best utilize that security system, then the security system isn’t nearly as effective in preventing cyber attacks. With regards to this, one aspect I would focus on is the organization of information. Everybody should only have access to the information that they need to do their jobs. That way, the risk of sensitive information getting leaked is minimized.
Discussion Board #4 – Identity Management
FIDO is a set of authentication specification protocols developed by the FIDO Alliance. The FIDO Alliance (otherwise known as the Fast Identity Online Alliance) is a non-profit organization that was founded back in February 2012 by multiple different companies such as PayPal, Lenovo, Nok Nok Labs, etc., that addresses the plethora of problems related to password-based authentication. They do this by providing alternative authentication methods that are easier for people to use and maintain. These methods include the use of biometrics (voice, camera, etc.), multi-factor authentication, etc. One of the main concerns they have with password-based authentication is its susceptibility to attacks such as brute force, phishing, etc. Its susceptibility to these kinds of attacks increases the risk of a loss of data, compromising user security. Another concern they have pertains to user-friendliness/convenience. Using a password-based authentication system requires a user to change and remember their passwords multiple times over a given period of time. For each system, it is recommended that users make a different password, making it harder for them to remember which password is for what system. Oftentimes, users don’t even do this. They won’t change their passwords and will recycle the same one over multiple systems, thus increasing the likelihood of a breach in security. Besides its aim to better the user experience and provide a much simpler and more efficient way of protecting information, FIDO strives for interoperability of its standards/practices. They want their methods to be easily adoptable by anything and anyone.
Discussion Board #5 – Cryptography
Cryptography is very important in maintaining authenticity and integrity. However, in order to understand how cryptography can help with maintaining authenticity and integrity, it is first important to understand what these terms mean. Cryptography is the process of protecting sensitive information by encrypting it/making it unreadable to unauthorized parties (typically through the use of a key). Authenticity in the sense of cybersecurity means that the data originated from the source it purports to be from. Integrity, on the other hand, means that the data hasn’t been compromised/modified by an unauthorized user. In the sense of authenticity, cryptography helps maintain this through the use of digital signatures generated by an encryption method. For example, they use asymmetric encryption. The person sending the data uses a private key to encrypt it. The data can then only be opened by the sender’s public key, which the receiver will have if they are the ones meant to receive the data. This process allows the data’s authenticity to be verified because one, the receiver has the public key to open the data, and two, that key wouldn’t have worked had it been the wrong private key. In the sense of integrity, cryptography helps maintain this by using hash functions, which create a unique hash for user data. Should any change be made to the data, the hash itself will change. By comparing the hash of the data when it was first received to the current hash value, one can verify the data’s integrity.
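The private-key signing, public-key checking and hash comparison described above, as an added example that is not part of the original post. It uses textbook RSA over SHA-256 with toy keys built from known Mersenne primes; the key sizes, names and sample messages are constructed for illustration and are far too small and unpadded for real use.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p: int, q: int) -> dict:
    """Build a textbook-RSA key pair from two primes (toy size, no padding)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

# Constructed keys from known Mersenne primes; illustrative only.
SENDER = make_key(2**61 - 1, 2**89 - 1)
IMPOSTOR = make_key(2**31 - 1, 2**107 - 1)
SENDER_PUBLIC = {"n": SENDER["n"], "e": SENDER["e"]}

def digest_int(data: bytes, n: int) -> int:
    """SHA-256 of the data as an integer, reduced into the key's modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, key: dict) -> int:
    """Sender side: apply the private exponent to the hash of the data."""
    return pow(digest_int(data, key["n"]), key["d"], key["n"])

def verify(data: bytes, signature: int, public: dict) -> bool:
    """Receiver side: apply the public exponent, compare with a fresh hash."""
    recovered = pow(signature, public["e"], public["n"])
    return recovered == digest_int(data, public["n"])

def integrity_ok(data: bytes, recorded_hex: str) -> bool:
    """Compare the current SHA-256 of the data with the hash recorded earlier."""
    return hashlib.sha256(data).hexdigest() == recorded_hex

# Constructed sample messages: the second differs by a single character.
MESSAGE = b"Transfer 100 USD to account 12345"
TAMPERED = b"Transfer 900 USD to account 12345"

if __name__ == "__main__":
    sig = sign(MESSAGE, SENDER)
    recorded = hashlib.sha256(MESSAGE).hexdigest()
    print("genuine message verifies:", verify(MESSAGE, sig, SENDER_PUBLIC))
    print("tampered message verifies:", verify(TAMPERED, sig, SENDER_PUBLIC))
    print("signature from another private key verifies:",
          verify(MESSAGE, sign(MESSAGE, IMPOSTOR), SENDER_PUBLIC))
    print("hash unchanged:", integrity_ok(MESSAGE, recorded))
    print("hash matches after edit:", integrity_ok(TAMPERED, recorded))
```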
Discussion Board #6 – SCADA
The SCADA (Supervisory Control and Data Acquisition) system is used to remotely control and monitor industrial equipment and processes. The system does this by collecting information and transferring it to some sort of computer facility where it gets displayed. The SCADA system is important because it allows for the automation of certain tasks that are far too complex and cumbersome for people to manage (for example, sometimes there is too much data for one to fully process and comprehend when SCADA can be used to calculate all of that automatically), thus reducing the costs of human labor. Automation allows things to be done in a much quicker and more efficient manner. It makes things easier to manage. It is also very important because it makes processes a lot safer. The system has many vulnerabilities associated with it. A big reason for this is that it is open-sourced. Because it is open-sourced, everyone has access to it. Some people who have access will have malicious intent, some more than others. Some of these vulnerabilities are also a consequence of SCADA’s outdated systems. There are still many systems with outdated technologies that have weak security because people hold off on updating things out of fear of disrupting operations. Because they don’t get updated regularly, SCADA’s risk for cyberattacks greatly increases. Not only are systems at risk digitally, but they are also at risk physically. Unauthorized access can cause damage to industrial equipment that leads to many safety hazards and disruptions to system operations.
Discussion Board #7 – Cyber Stalking/Cyber Harassment
I don’t believe that the definitions of appropriate and inappropriate behavior have changed due to technological changes. If anything, they have remained the same because technological advances have enabled these behaviors to run more rampant without consequence. Let’s look at social media, for example. When making a social media account, people don’t have to use accurate information (name, date of birth, gender, etc.). They can use completely different information than they usually provide in an official application. If I wanted to create a fake identity, let’s say a 24-year-old named Britney (which I’m not), I could do so without people knowing. I could also impersonate an existing person. I could impersonate the president of the United States, or I could impersonate my next-door neighbor, Bill. Given the recent rise of AI, people can further manipulate their online identities. The possibilities are endless. Another way the use of technology has allowed cyber stalking/cybercrime to run much more rampant is that it allows said perpetrators to hide where they are from much more quickly. For all the victim could know, the perpetrator could be as far as halfway across the world or as close as their next-door neighbor. Because of this, it is harder to identify and track the perpetrator. The rise of technology as a new medium for cyber stalking/cyber harassment has also made it more difficult for legislators to create a universal definition of what it constitutes, as there are arguments on whether to build upon the existing legislation on regular stalking/harassment or create an entirely new set of laws.