Cyber technology has definitely created opportunities for workplace deviance, and new opportunities will happen as technology continues to grow. Workplace deviance is any malicious attempt to sabotage an organization by causing problems in the workplace (HRZone, 2013). Some new opportunities can include cyberbullying, cybercrime, cyberloafing, and in some cases, white-collar crime. Bullying coworkers through email…
Protecting Availability
Availability is about making sure that the information or data in a system is always accessible to authorized users at any time or place. For the system in my publicly-traded company, there are a few protections that could be implemented to ensure availability of the systems. One of the first things to implement is a good…
NIST CyberSec Framework Benefits
First, the system submitted this before I was done writing. There are many benefits to an organization for using the NIST Cybersecurity Framework. Any organization that implements the NIST CyberSec Framework benefits by being able to avoid redundancies in cybersecurity matters, collaboration with other organizations, sharing of best practices and latest cybersecurity fixes/patches, better use of a budget, etc. I don’t…
CyberSec Professional Credentials
Aspiring information security professionals have a multitude of options available to acquire professional credentials. A few ways that people can obtain credentials can include taking college courses, taking certification exams, enrolling in a cybersecurity boot camp, etc. One of the most important things that an aspiring information security professional needs is a security clearance, which…
U.S. Compliance Laws – HIPAA
HIPAA or the Health Insurance Portability and Accountability Act is a law created in 1996 to protect private health information that can be created, received, maintained, or transmitted (Secretary & (OCR), 2013). In order to protect a person’s electronic private health information (ePHI), certain safeguards are put into place. These safeguards are the administrative, physical,…
ISS – NIST CyberSec Framework
The NIST Cybersecurity Framework is a great resource for businesses to use in order to address and manage cybersecurity risks in a cost-effective way. Government agencies, businesses, and organizations do not need to utilizie the NIST framework and can still mitigate risks (NIST, 2020). There are many different cybersecurity frameworks availabie to use. Some of these cybersecurity…
Malicious Code & Activity – Mitigation Methods
Malware has ravaged the internet since the 1970s. Attackers are always coming up with new malware to use for attacks on just about anything. In this article, it talks about multiple cyber attacks that have targeted healthcare-related companies, hospitals, and healthcare organizations around the world. These attacks were ransomware attacks and most likely have threatened…
Networks & Telecommunications – IPv6
As one could infer, IPv6 is an improved version of the IPv4 protocol. IP or Internet Protocol is a protocol that is used to identify devices across the internet so they can be located (Fruhlinger, 2020). IPv6 is more advanced than IPv4 because of the following reasons: It has more efficient routing without fragmenting packets Eliminates the usage…
Cryptography – PKI
Public-Key Infrastructure or PKI is a framework that enables the encryption of public keys and includes their affiliated crypto-mechanisms (appviewX, 2020). It is a very impressive and detailed framework, yet it is very expensive for groups to use. The U.S. federal government is able to use it extensively because they have the funds to use on…
R.R.R – Asset & Vulnerability Likelihood Value
In order to determine what the best value that should be assessed when evaluating the worth of an information asset depends on the organization. Both replacement costs and lost income while repairing or replacing are critical aspects of an organization. Determining what value an organization focuses on depends on the organization itself and the situation. If the replacement…