IT 200

Cybersecurity, Technology and Society

Free Writes from Spring 2023

The Human Factor in Cybersecurity:

  • Cybersecurity relies on two major components, technology, the computers used to protect an asset, servers to store data, software to run the programs, and the humans developing and managing all of the technology. The pair works together to allow cybersecurity to be running at its full potential in a company or an organization. As a Chief Information Security Officer, I will make sure that the budget the organization is willing to invest in cybersecurity is well balanced between human resources and technology. Balanced doesn’t mean it will be split in half between the two, but that it will be allocated in a certain way so that all components work at their full potential.
  • First, the human factor. It is a key aspect of cybersecurity, as the human is responsible for programming, developing, and operating the machines and programs to ensure security on a network. Many jobs in the cybersecurity field need to be done by a human, This includes, penetration testers, data recovery professionals, cryptographers, malware analysts, and many more. All of these jobs require a lot of training and certification, not only to learn the profession but also to stay up to date with technology. This is why allocating a sufficient budget to the human factor is important, as a well-trained team will always be better at the job than a team with no certification. Frequent training, re-certification, and full-scale exercise are all good ways to keep a cybersecurity team well trained but will cost a certain amount of money. The cost of hiring new employees and paying them a competitive salary is also an important factor.
  • After thinking about the human factor, we can focus on technology. Technology is extremely important in cybersecurity as it provides the tools and capabilities required to protect a network or a computer system. All the machines, materials, data centers, programs, and software are used together to ensure that a network is operational and secured. For example, a firewall ensures that no outside threat enters a network from the internet, an antivirus ensures the detection and removal of any virus or malware, and encryption allows data to be transferred without being intercepted by malicious users. All of these technologies cost a certain amount of money to develop, install, and take care of. It is necessary for a good security framework to keep the technologies up to date and running.
  • Both the human factor and technology are essential components of an effective cybersecurity framework and strategy. The cost of both components depends on several factors such as the size of the organization and the complexity of the network or system it is trying to protect. This is why a balance need to be found between the two factors to ensure that the full potential of the security is met. The right technology is needed, but so is the personal training to avoid risk and error.

SCADA System:

  • A SCADA system is a combination of hardware and software that allow an industrial process to run automatically. This kind of system is used to control industrial processes and infrastructure such as power plants, water treatment facilities, or oil pipelines. A SCADA system usually consists of sensors, a controller, and a human-machine interface. The system is using sensors to control different parameters like temperature or pressure and display the data to the human-machine interface, to allow the personnel to monitor these data. A SCADA system is very useful to improve efficiency and enhance security on industrial infrastructure. By being a computer-based system, SCADA-based systems are a potential target of cybercrime. While being protected physically, with barriers, guards, or security cameras, it is still accessible remotely via network access. This kind of system is vulnerable to many sorts of outside threats, such as virus infection, human unwanted access, or the lack of encryption. A virus or cyberattack could cripple an important system such as a power plant or water treatment system, which would have very severe effects on the population surrounding the area. The role of the engineer setting up a SCADA system is to prepare for any sort of disaster, physical or numerical. These security measures could include proper and frequent training, the inclusion of a strong firewall, or the implementation of security guards in a sensitive areas.

The CIA Triad:

  • The CIA triad stand for Confidentiality, Integrity, and Availability. This triad is a core component of and organization security procedure, all three elements are the most foundational and crucial cybersecurity needs. Confidentiality is used to prevent sensitive information from leaking or ending in places they shouldn’t be. It can be compared to privacy; the way information needs to be protected in order to stay private. Integrity is the way information are verified and accurate, it is here to make sure that data can be trusted. Availability is directly interacting with confidentiality, information needs to stay private and inaccessible to unauthorized personnel, but available to authorized one when they need it. The CIA triad is important for a company because it helps it having a comprehensive and clear way of evaluating their incident response plan. In the event of an active cyber threat, the company must be able to react fast and accurately, the triad is there to help them. Without the triad, during a cyber breach, a company wouldn’t be able to clearly identify and respond to the threat.
  • On aspect of the CIA triad is authentication and authorization. These two concepts look similar on the surface but show many differences when explored in depth. Authentication is used to verify a user identity. This can be done by checking a person detail such has a physical badge, password, or credential. Authentication is used to protect sensitive info only available to certain users. For example, a company could use a password on their computer as well as an authentication number in order to access their personal information within the company. Or in an everyday situation, it could be how we have a username and password to access a personal social media account. Authorization is used to allow access to a certain resource to the authorized user. This can be enforced by having security guards, or access control list, which only allow permitted user to access certain information. For example, a safety guard will only allow a network administrator to access the server room. Authentication and authorization are a key part of the CIA triad, has it ensure safety and security within an organization.