Cybersecurity, Technology, and Society

Students will explore how technology is related to cybersecurity from an interdisciplinary
orientation. Attention is given to the way that technologically-driven cybersecurity issues are
connected to cultural, political, legal, ethical, and business domains.

The course objectives are:

• 1. Describe how cyber technology creates opportunities for criminal behavior.
  2. Identify how cultural beliefs interact with technology to impact cybersecurity strategies.
  3. Understand and describe how the components, mechanisms, and functions of cyber systems produce
  security concerns.
  4. Discuss the impact that cyber technology has on individuals’ experiences with crime and
  victimization.
  5. Understand and describe ethical dilemmas, both intended and unintended, that cybersecurity efforts
  produce for individuals, nations, societies, and the environment.
  6. Describe the costs and benefits of producing secure cyber technologies.
  7. Understand and describe the global nature of cybersecurity and the way that cybersecurity efforts
  have produced and inhibited global changes.
  8. Describe the role of cybersecurity in defining definitions of appropriate and inappropriate behavior.
  9. Describe how cybersecurity produces ideas of progress and modernism

Course Material

1. Discussion board pertaining to NIST Framework: The NIST Cybersecurity Framework functions to provide a common language that can be used to understand, express, and manage cybersecurity risk. The five main functions of the framework are to: identify, protect, detect, respond and recover. With the determination of the different tiers a company would choose to implement, an organization can be prepared to protect their data, promote safe practices, defend against cyber attacks and even learn from past cyber activities. Depending on the size of an organization, implementing the NIST framework at a higher tier can provide the tools necessary to accurately assess risk and respond. The adaptation of policies and procedures to be followed by other employees is a good way to encourage an organization wide effort.
2. Write UP: CIA Triad –
   “What is the CIA Triad? Definition, Explanation, Examples” Review
   This article discusses the CIA Triad; otherwise, known as the Confidentiality, Integrity,
   and availability triad, a template to direct practices and policies for information security within organizations (Chai, 2022). The article gives definitions for the CIA terms, explanations of its importance, examples, challenges that CIA may face, best practices for utilizing the CIA, and brief retelling of its history.
   Confidentiality
   Confidentiality deals with an organization’s ability to keep sensitive information limited to the appropriate and authorized party. There are multiple practices that authorized personnel and organizations can take to maintain confidentiality of sensitive information. Authorized people may receive specialized training to better understand risk factors and guard against them. This training can include password-related practices, social engineering methods, uses of account and routing numbers for online banking. Data encryption, 2-factor authentication, and biometric verification are also common practices for maintaining confidentiality. If the information is highly
   sensitive, the authorized personnel may limit the information to an air-gapped computer, disconnected storage device, or hard-copy format. Organizations should handle their data based on their required privacy and keep their control lists and file permissions updated.
   Integrity
   Integrity speaks on the credibility, accuracy, and consistency of data during its lifecycle. Data should not be altered during transit or by unauthorized persons. Organizations can maintain the integrity of their data by ensuring that their workers are educated about compliance requirements and utilizing recovery software, version, access, and security control, data logs, and checksums (Chai, 2022). These work to combat the challenges that may come about due to human error or non-human events, such as server crashes or electromagnetic pulses (EMPs).
   Availability
   Availability touches on the consistency and ease at which authorized personnel can
   access their information. To ensure that information is readily available to authorized personnel, organizations need to continuously maintain/upgrade their hardware and operating system (OS), which can be monitored with network and server monitoring systems. In the worst case scenario, in which data is at risk of being lost, organizations should have a redundant array of
   independent disks (RAID) and a data recovery and business continuity (BC) plan (Chai, 2022).
   Conclusion
   It is important to not view each part of the triad as individually exclusive entities but as
   parts of a cohesive model that works to best maintain the privacy, quality,and readiness of data/information for its users. From 1976 onwards, the concepts of confidentiality (1976), integrity (1987), and availability (1988) were slowly introduced and began to take form (Chai, 2022). By 1998, these individual concepts were viewed to belong within a coexisting model.

   References
   Chai, Wesley. “What Is the CIA Triad? Definition, Explanation, Examples – Techtarget.”
   WhatIs.com, TechTarget, 28 June 2022,
   https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA?j=on.

   3. Discussion Board – Ethical Considerations on Gene Editing: There are definitely a few ethical considerations when talking about BioCybersecurity. DNA being contained in a digital database is dangerous as it is susceptible to being hacked, illegally acquired, and utilized in blackmail or for other criminal reasons. If DNA stays the same over time and can be used to identify culprits in cold cases, it could possibly be used in the reverse way. The articles also make a good point that it should be safeguarded more securely than social security information. The possibility that DNA could be used to hack computers is also a very present yet futuristic reality that we have to be prepared to face.