IT/CYSE 200T

Cybersecurity, Technology, and Society

In the midst of this course, I have learned plenty of new information that will help me in my upcoming courses & career future. Things such as how cyber technologies impacts behavior, roles, progress, & society as we see it today. All these issues are connected to how we learn, live, & work in today’s society. 

The many quizzes, exams, & discussion board posts, have also been a huge contribution to helping me acknowledge  the ideas & roles of cybersecurity, & the reasoning behind many different takes. 

Course Material

Quiz Material Overview

  • The NIST Security Framework, introduced a lot of new information to me. Focusing on the five basic functions, helped me to really understand the concept of it all. I really enjoyed taking the quizzes, as well as the NIST Incident Handling Guide Quiz. I learned that the Organization, consists of the set standards & practices that particularly help manage cybersecurity risks. The profile, core, and tiers, tie everything together as it is organized.

Discussion Posts

  1. The first write-up completed stated, was the NIST Cybersecurity Framework.

In the terms of cybersecurity, a framework serves as an important system of guidelines, standards, & practices that help improve the digital world & handle risks that may occur within technology. A framework like NIST is important because it is a cost-efficient way of approaching cyber-risk & compliance. I believe frameworks provide a good way of integrating risk management that can potentially improve the way data breaches can impact organizations & institutions. 

5 core functions of the NIST Cybersecurity framework include, identifying, responding, detecting, protecting, & recovering, these all help implement a great an way to protect from cybersecurity events. The main core factor of NIST, is Identifying. It applies to figuring out what physical assets must be key & a basis to a good infrastructure. Identifying can apply to focusing on the right cyber policies, risk management, & requirements that must be set in order to maintain an organization. Realizing which assets that may be appealing to others can help in the long-term for orgs, companies, & etc. Protecting relates to training staff & teams in organizations to make sure everyone is up-to-date on the main security strategies, protecting technology with safeguards etc. maintenance or technology & security as well. Detecting means identifying what is the main cause/issue of predicaments & figuring out the total impact. Responding is the action of making sure a response coordinating team is making sure recovery of the organization is resolved from negative impacts. Figuring out what the cause & effect of impacts is the main issue. Recovery implements improvements & strategies from a cybersecurity incident. 

Works Cited 

The five functions. NIST. (2021, May 12). Retrieved September 10, 2022, from https://www.nist.gov/cyberframework/online-learning/five-functions

  1. Discussion Board – SCADA

SCADA systems are important control systems that have a great impact on data with critical & real time events. Infrastructure processes is the key feature of SCADA and help with risks within them. Water, oil, electric, & gas companies benefit greatly from the control of processes associated with them. These systems are needed for all different production facilities & etc., to help monitor & control objectives within them. It increases better productivity within tasks that humans may consider tedious & time-consuming, and also helps with human errors. They are typically needed to ensure & control small and large areas; this determines low & high budgets for programs.

SCADA can become vulnerable to cyberthreats, cyberattacks, & exploitations, which play huge critical roles in industries & can lead to many consequences and/or downfalls. With the advancement of technology, lack of monitoring, human error, & rise of hackers, SCADA can become very vulnerable. Hackers have a huge impact on these systems because, once unauthorized access is intact it can be hard to tackle without the correct safety protocols in place. Another reason for vulnerabilities can include the timeframe in which system protocols have been created. While these systems are being modernized to fit today’s measures, security can still become lagged due to the continuous modernization. Components such as RTUs and PLCs are key internal devices/controllers that help with the processes of automation. These can have hackers if security factors aren’t set properly. Hackers can carry out many attacks when issues such as user authentication & software isn’t implemented. 

Discussion Board – Information Security. Below are answers in regards to Chapter 6: System Security. 

  1. Briefly define each of the three members of the information security triad. The three members of the IST include, Confidentiality, Integrity, and Availability. Confidentiality is the ability to restrict access to individuals who can already see the information. Integrity is the aspect of information being accessed & not altered with. Availability means information can be accessed & modified by anyone. 
  2. What does the term authentication mean? Authentication is the process of making sure individuals verify their identity to a program and/or process.
  3. What is multi-factor authentication? MFA is necessary in order to maintain strict policies when verifying & identifying users. Individuals must successfully provide one or more authentication pieces in order to get into accounts & etc.  
  4. What is role-based access control? This is an action that can restrict individuals in an organization from system access. (If they are not authorized users).
  5. What is the purpose of encryption, and fundamentally how does it work? Encryption is the process of enhancing security with important files & documents. Data is encoded so that only authorized parties can understand the information. 
  6. What is pretexting and how does it represent a threat in the Cybersecurity landscape? Pretexting is when cyber criminals steal information from others & typically ask victims for certain information, stating that it is needed to confirm the victim’s identity.
  7. What’s the point in backups & what are the components of a good backup plan? Backups are important because failure can lead to ever lasting negative circumstances. Disaster recovery can help businesses, orgs, & communities quickly come together to fix issues that may have damaged the community. 
  8. What is a firewall? A firewall is a network security device that monitors traffic to or from your network. It allows or blocks traffic based on a defined set of security rules.
  9. Discuss various types of Firewalls. Packet filtering firewall & Proxy firewalls. 
  10. What does the term physical security mean and how does it apply to Cybersecurity? Physical security keeps your employees, facilities, and assets safe from real-world threats.
  • With the amount of access that employees from cyber security jobs receive, it can easily slip into the hands, deviance can take place in an instance. Authorized information should belong to only a select amount of individuals and/or trusted groups who can handle it. Important information could be stolen and mishandled by whomever if placed in the wrong hands. People who have ill intentions can intentionally destroy and ruin organizations due to leaked information, that is why it is important that sensitive information be handled correctly. Companies, businesses, etc. should have a positive source of communication within each other to minimize & regulate deviant behavior. Things such as hacking while spreading false information, changing passwords, & editing/changing confidential records does more bad than “good”.

Discussion Board – Cyberthreats

In today’s time, cyberthreats are a high risk in technological advances & can do great damage to companies and organizations when information has been hacked and exploited. One of the most important forms of malicious activities that hackers attempt is Denial of Service (DoS). Denial of service is a form of malicious attack that seeks to make networks and resources unavailable to others. It can be performed by sending numerous counts of targeted requests, to the point where machinery cannot process the information. Typically, a single computer is used to launch these different types of attacks. There are different types of DoS including, application-layer flood, distributed denial of service, & unintended denial of service. Application-layer flood is an attack where an attacker can send spoofed IP addresses and flood services with requests in attempt to try and “slow down” or “crash” the application and/or service. Distributed denial of service is the same process as regular DoS but instead, it is performed on more than one individual rather than one client. Unintended denial of service is basically exactly what it means, “unintended”. If information on sites were to become popular, then those sites would typically crash and cause a flood of traffic, causing unintentional DoS.

Works cited

https://developer.okta.com/books/api-security/dos/what/#_2-distributed-denial-of-service-attacks-ddos

Discussion Board – Cyber/Stalking & Harrassment

I believe the changes in technology have grown so much that when it comes to Cyber Stalking and Cyber Harassment, many do not take it as serious as they should. Not only that, but stalkers & abusers will always find new ways to taunt their victims. With various new forms of communication through technology that leaves room for a ton of inappropriate behaviors. These new implementations of technology change the values & beliefs of society and change the way people view reality. Some ideals that may have been appropriate beforehand, typically would not be if technology has grown in a way that makes it easier to hurt, manipulate, bully, or exploit others. 

Journal Entries

  1. Why are you interested in Cybersecurity technology? 

I am interested in cybersecurity technology because of my own interest in the IT & technical fields. I’ve always been into the ideas, aspects, ideologies, & developments of cybersecurity and took the initiative to get involved in it. When learning about cybersecurity technology, I always feel like I am learning something new. That is important to me because I am never doing unnecessary work, it is constantly evolving. 

  • Describe four ethical issues that arise when storing electronic information about individuals. Four ethical issues that may be at risk of information storage includes:
  • The usage of AI applications! These systems are useful in many cases but can be the downfall of private personal information being altered with. Bias, restriction of freedoms, lack of privacy, & health tracking are all risks of AI.
  • Inappropriate usage of data
  • Selling Individuals personal information to third parties.
  • Companies hiding breaches from customers or not protecting sites.
  • Compare cybersecurity risks in the U.S. and another country. 

I would compare the U.S. to China. 

U.S Cybersecurity Risks: The U.S. is pretty okay overall when it comes to cyber security, but I do believe China does over power. We lead in cyber offense, cyber norms, & cyber intelligence.   

China Cybersecurity Risks: China has a powerful hold on cybersecurity due to its cyber surveillance power. Additionally their cyber power in commerce & defense is #1. 

  • Use the letters of the word CYBERSECURITY to list legal ways to make money in cybersecurity.

C reating applications.

Y our own cyber company.

B uying cybersecurity stocks.

E xploring your own cyber skill sets & diversifying them. 

R eport hacks in companies.

S ecurity auditing. 

E ncouraging promotion of obtaining certifications.

C onsultant.

U sing skills in a cyber career.

R emote working as security specialist.

I nstructional classes for individuals.

T each cybersecurity in institutions.

Y ou can join bug hunting communities.

  • How has cyber technology created opportunities for workplace deviance? 
  • Individuals may have certain access to information that others do not and can maliciously create attacks against the workplace.
  • Not following workplace expectations by sharing private information.
  • Exposing organizations, companies, government by sabotaging information. 
  • What are the costs and benefits of developing cybersecurity programs in business?

The costs of developing cyber programs can be very expense at times. It is mandatory for organizations & companies to use security in any circumstance but can also hurt them. 

  • How can you tell if your computer is safe? Most computers have the option to save user id’s and passwords within every website, these will typically inform you when you should update a weak & hacked password. It is also important that browser plug-ins are updated. If it isn’t it can leave computers vulnerable to attacks or viruses. Performing anti-malware scans through protection will also show if your computer is safe.
  • Describe three ways that computers have made the world safer and less safe. Computers have made the world safer because it makes it easier to track others safety when crime has occurred. These could be things such as abduction & kidnapping. Also makes it easier for us to get information going on in society or knowledgeable research. It is a great resource to connect with others, network, support businesses, & etc. Additionally, there is also disadvantages that do not politely impact society. They can lead to loss of privacy due to hackers, phishing, malicious attacks, & etc. Also, even though computers are useful for learning, they can lead to learning barriers or negatively influence individuals. Computers can also have a negative effect on our work habits. Focusing & overusing too much technology doesn’t allow you to focus on important tasks. 
  • How do engineers make cyber networks safer? Engineers make cyber networks & are always looking for improvements within them They are usually a backbone to cyber networks. They identity different vulnerabilities in softwares or systems. They also help defend against hackers, ransomware, threats, & other types of cyber crimes.
  1. What is the overlap between criminal justice and cybercrime? How does this overlap relate to the other disciplines discussed in this class? In criminal justice & cybercrime, there is many different types of overlapping human factors that relate to both. When individuals have caused crime within cyber technology, criminal justice is where those criminals are held accountable for their actions. Also, careers in criminal justice can relate to cybersecurity & overlap, for example one career that involves both is Digital Forensics.  
  1. How does cyber technology impact interactions between offenders and victims? 

Technology has impacted offenders and victims in so many different ways. In today’s time, the advancement of technology has grown so much that cybercrimes are at an all time high. Cyber criminals are able to steal information & many times victims do not notice until someone has to tell them or until days after. This can happen due to incorrectly using apps & sites, by not protecting passwords, or simply just having technology. Offenders constantly hack, breach & target softwares/applications.  How should we approach the development of cyber-policy and -infrastructure given the “short arm” of predictive knowledge? This “short arm”can refer to the conduct of situations. I believe cyber policy sets the basic standards for technical advances such as social media. If we are consistently improving different policies, then individuals will be way safer when using resources. When it comes to cyber infrastructure, there must be updated & safe systems for individuals. Whether that relates to health and/or safety it is vital for the country.   

Leave a Reply

Your email address will not be published. Required fields are marked *