Class Assignments
________________________________________________________________________________________________________________
Name: Kirk Smith
Date: 9/18/2022
Write-Up: The CIA Triad
This analysis defined the CIA triad (Confidentiality, Integrity, and Availability), discussed its individual components, and compared authorization vs authentication.
The CIA Triad Explained
The CIA Triad consists of Confidentiality, Integrity, and Availability (Chai, n.d.). In terms of what each of these words means, confidentiality is the set of rules that limits the access to the information, integrity is the assurance that the information is trustworthy/accurate, and availability is the guarantee that those that are authorized to access the information can do so reliably (Chai, n.d.).
Some of the components of confidentiality could include special training, data encryption, two-factor authorization and biometric verification (Chai, n.d.). Some of the components of integrity could include file permissions, user access controls, version control and cryptographic checksums. Some of the components of availability could include maintenance of hardware, maintenance of the operating system environment (free of software conflicts), firewalls and proxy servers (Chai, n.d.). Additionally, it should be noted that Internet of Things privacy protects the information of individuals from exposure in an IoT environment (Chai, n.d.).
Best practices for the CIA triad are broken down into three subjects. In terms of confidentiality, data should be handled based on the organization's required privacy, two-factor authentication should be used, and access control/file permissions should be up to date. In terms of integrity, employees should be knowledgeable, backup/recovery software should be used, and version control, access control, data logs and checksums should be used. Finally, in terms of availability, redundancy, failover and RAID should be utilized.
Authorization vs Authentication
Authentication is the requirement that someone who requests to use a resource must prove his/her identity. Authorization is a rule that determines what an account owner can do to a particular resource (file or directory) (Raymond Panko, 2019). An example of this might be someone who uses a fingerprint scanner to log in to a laptop (authentication) and can then access only a certain set of the files on it (authorization). Additionally, authentication would involve things like access cards, biometrics, digital certificates, and/or two-factor authentication.
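The two checks described above can be kept as separate steps in code. The following is an added example, not part of the original write-up; it uses a password in place of the fingerprint scanner, and the account name, password and file paths are constructed for illustration.

```python
import hashlib
import hmac
import os

def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored credentials are not reversible.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample account (hypothetical user "kirk").
_SALT = os.urandom(16)
USERS = {"kirk": (_SALT, _hash_password("correct horse", _SALT))}

# Authorization rules: what each account may do to each resource.
ACL = {
    "/home/kirk/notes.txt": {"kirk": {"read", "write"}},
    "/srv/payroll.csv": {"kirk": {"read"}},
}

def authenticate(username: str, password: str) -> bool:
    """Authentication: does the requester prove the claimed identity?"""
    record = USERS.get(username)
    if record is None:
        # Do the same hashing work for unknown users to keep timing similar.
        _hash_password(password, b"\x00" * 16)
        return False
    salt, stored = record
    return hmac.compare_digest(stored, _hash_password(password, salt))

def authorize(username: str, resource: str, action: str) -> bool:
    """Authorization: is this account allowed this action on this resource?"""
    # Anything not listed is denied.
    return action in ACL.get(resource, {}).get(username, set())

def access(username: str, password: str, resource: str, action: str) -> str:
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, resource, action):
        return "denied: not authorized"
    return "granted"

if __name__ == "__main__":
    print(access("kirk", "correct horse", "/home/kirk/notes.txt", "write"))
    print(access("kirk", "correct horse", "/srv/payroll.csv", "write"))
    print(access("kirk", "wrong guess", "/srv/payroll.csv", "read"))
```

A correctly authenticated user is still refused the write to the payroll file, which is the distinction the paragraph draws.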
Conclusion
The CIA triad is composed of Confidentiality, Integrity, and Availability. Confidentiality is the set of rules that limits the access to the information, integrity is the assurance that the information is trustworthy/accurate, and availability is the guarantee that those that are authorized to access the information can do so reliably (Chai, n.d.). Authentication is the requirement that someone who requests to use a resource must prove his/her identity and authorization is a rule that determines what an account owner is able to do to a particular resource. All these concepts are important and provide guidance to the practice of information security.
References
Chai, W. (n.d.). confidentiality, integrity and availability (CIA triad). Retrieved from TechTarget: https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA?jr=on
Raymond Panko, J. P. (2019). Business Data Networks and Security Eleventh Edition. New York: Pearson.
Smith, R. E. (2021). Elementary Information Security Third Edition. Burlington: Jones & Bartlett Learning.
________________________________________________________________________________________________________________
Name: Kirk Smith
Date: 11/4/2022
Write-Up: SCADA Systems
This analysis discussed the relationship between SCADA systems and critical infrastructure, the vulnerabilities associated with SCADA systems, and ways to mitigate those vulnerabilities.
Vulnerabilities Associated with Critical Infrastructure Systems
SCADA is an acronym that stands for Supervisory Control And Data Acquisition (SCADA Systems, n.d.). These systems are used for monitoring and controlling physical processes in infrastructure settings. Examples include water distribution, traffic light control, electricity transmission and gas transportation (SCADA Systems, n.d.).
When examining the vulnerabilities associated with these systems, the first is unauthorized access to software (SCADA Systems, n.d.). Examples of this include human access to the software, viruses, or others. Unauthorized access is defined as when a person gains logical or physical access without permission to a network, system, application, data, or other resource (unauthorized access, n.d.).
The second vulnerability that can occur is packet access to network segments that host SCADA devices (SCADA Systems, n.d.). An individual sending packets to a SCADA device can control it and could wreak havoc in certain situations. A packet is defined as the logical unit of network communications produced by the transport layer (Packet, n.d.).
Role SCADA Applications Play in Mitigating Risks
The first way to mitigate these risks is to develop specialized industrial VPNs that are based on TCP/IP (SCADA Systems, n.d.). A VPN is a restricted-use, logical (i.e., artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (i.e., real) network (such as the Internet), often by using encryption (located at hosts or gateways), and often by tunneling links of the virtual networks across the real network (virtual private network (VPN), n.d.).
The second way is to develop firewall solutions for SCADA networks that are based on TCP/IP (SCADA Systems, n.d.). A firewall is defined as an inter-network connection device that restricts data communication traffic between two connected networks (firewall, n.d.). A firewall may be either an application installed on a general-purpose computer or a dedicated platform (appliance), which forwards or rejects/drops packets on a network. Typically, firewalls are used to define zone borders. Firewalls generally have rules restricting which ports are open (firewall, n.d.).
The final way to mitigate these risks is whitelisting, which can be used to prevent unauthorized application changes (SCADA Systems, n.d.). Whitelisting is defined as an implementation of a default deny-all or allow by exception policy across an enterprise environment and a clear, concise, and timely process for adding exceptions when required for mission accomplishments (whitelisting, n.d.).
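The default deny-all, allow-by-exception policy can be shown with a hash-based application allowlist. This is an added example, not part of the original write-up; the file names, file contents and the Allowlist class are constructed for illustration and do not represent any SCADA product.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Cryptographic checksum of a file, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

class Allowlist:
    """Default deny: only programs whose digest was approved may run."""

    def __init__(self) -> None:
        self._approved: dict[str, str] = {}  # digest -> recorded reason

    def add_exception(self, path: Path, reason: str) -> str:
        # The exception process: record exactly which build was approved and why.
        digest = sha256_file(path)
        self._approved[digest] = reason
        return digest

    def may_run(self, path: Path) -> bool:
        try:
            return sha256_file(path) in self._approved
        except OSError:
            return False  # unreadable or missing file is denied, not allowed

def demo() -> dict[str, bool]:
    # Constructed sample files standing in for programs on an operator station.
    with tempfile.TemporaryDirectory() as d:
        hmi = Path(d) / "hmi_client.bin"
        hmi.write_bytes(b"constructed approved build 1.0")
        other = Path(d) / "unknown_tool.bin"
        other.write_bytes(b"constructed unapproved program")
        allow = Allowlist()
        allow.add_exception(hmi, "operator console (placeholder change ticket)")
        results = {"approved": allow.may_run(hmi), "unlisted": allow.may_run(other)}
        # An unauthorized change to an approved program alters its digest.
        hmi.write_bytes(b"constructed approved build 1.0 + modification")
        results["modified"] = allow.may_run(hmi)
        results["missing"] = allow.may_run(Path(d) / "absent.bin")
        return results

if __name__ == "__main__":
    print(demo())
```

Because approval is tied to the file's digest rather than its name or path, a modified copy of an approved program is denied until it goes through the exception process again.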
Conclusion
SCADA systems are the devices that are involved in monitoring and controlling industrial systems that could be used in critical infrastructure. Examples of their use in critical infrastructure are the distribution of water, electricity, and gas. Two vulnerabilities that exist in SCADA systems are unauthorized access to software and unauthorized access to network packets. The ways that these vulnerabilities can be mitigated include the introduction of specialized VPNs, firewalls, and whitelisting. The security of SCADA systems and how they relate to critical infrastructure will continue to be discussed and improved in the years to come.
References
firewall. (n.d.). Retrieved from NIST: https://csrc.nist.gov/glossary/term/firewall
Packet. (n.d.). Retrieved from NIST: https://csrc.nist.gov/glossary/term/packet
SCADA Systems. (n.d.). Retrieved from SCADA Systems: http://www.scadasystems.net/
unauthorized access. (n.d.). Retrieved from NIST: https://csrc.nist.gov/glossary/term/unauthorized_access
virtual private network (VPN). (n.d.). Retrieved from NIST: https://csrc.nist.gov/glossary/term/virtual_private_network
whitelisting. (n.d.). Retrieved from NIST: https://csrc.nist.gov/glossary/term/whitelisting
________________________________________________________________________________________________________________
Name: Kirk Smith
Date: 11/20/2022
Write-Up: The Human Factor in Cybersecurity
This analysis advocates for (and discusses) the utilization of established cybersecurity frameworks and employee training as components necessary for a fiscally responsible cybersecurity plan.
Utilize Cybersecurity Frameworks
I would utilize cybersecurity frameworks, which would help to produce cost-effective cybersecurity solutions (Odogwu, 5 Cost-Effective Ways to Implement Cybersecurity on a Budget, 2022). One framework that could be utilized would be the NIST Framework. NIST is an acronym that stands for the National Institute of Standards and Technology, an agency of the government that has expertise in cybersecurity risk management (Odogwu, What Is the NIST Cybersecurity Framework?, 2021). The NIST Framework helps businesses of all sizes and helps one figure out what steps need to be taken to maintain essential operations as well as service delivery (Odogwu, 5 Cost-Effective Ways to Implement Cybersecurity on a Budget, 2022).
The Framework is made up of three areas (core, implementation tiers and profiles) (Odogwu, What Is the NIST Cybersecurity Framework?, 2021). The core has five areas, which are identify, protect, detect, respond, and recover. The tiers are made up of Tier 1: Partial, Tier 2: Risk-Informed, Tier 3: Repeatable and Tier 4: Adaptive (Odogwu, What Is the NIST Cybersecurity Framework?, 2021). The profiles assist in striking a balance between resources, business needs and one's ability to handle cybersecurity risks.
Training
Another aspect of a financially conscientious cybersecurity plan is its provision of solid cybersecurity training to employees (Odogwu, 5 Cost-Effective Ways to Implement Cybersecurity on a Budget, 2022). This training should be done on a continuous basis and may help to fight against ransomware attacks (Odogwu, 5 Cost-Effective Ways to Implement Cybersecurity on a Budget, 2022). Some examples of the elements of training that can occur are triple checking account numbers before sending payment, looking for irregular language in an email, and checking for external email addresses (Cybersecurity on a Budget: Protecting Nonprofits, 2022). If phishing attempts or other malicious behavior are recognized, then this will help an organization identify vulnerabilities before an attack potentially occurs (Cybersecurity on a Budget: Protecting Nonprofits, 2022). Training is a key element in a cybersecurity plan that is under budgetary constraints.
Conclusion
In conclusion, two components that are key to a fiscally responsible cybersecurity plan are a cybersecurity framework and training. A cybersecurity framework helps to see what the most important assets are and what measures should be taken to improve one's cybersecurity (Odogwu, What Is the NIST Cybersecurity Framework?, 2021). In terms of training, having employees able to identify correct account numbers in financial transactions and assess the validity of emails will improve security (Cybersecurity on a Budget: Protecting Nonprofits, 2022). Frameworks and training are two key elements that should be utilized in a fiscally responsible cybersecurity plan.
References
Cybersecurity on a Budget: Protecting Nonprofits. (2022, November 15). Retrieved from LAMB: https://www.lambis.com/cybersecurity-on-a-budget-protecting-nonprofits/
Odogwu, C. (2021, September 7). What Is the NIST Cybersecurity Framework?. Retrieved from MUO: https://www.makeuseof.com/nist-cybersecurity-framework/
Odogwu, C. (2022, August 12). 5 Cost-Effective Ways to Implement Cybersecurity on a Budget. Retrieved from MUO: https://www.makeuseof.com/implement-cybersecurity-low-cost/#:~:text=5%20CostEffective%20Ways%20to%20Implement%20Cybersecurity%20on%20a,Plan%20…%205%205.%20Adopt%20Cyber%20Insurance%20