CYSE200
CYSE200 is an introductory course that explains how cybersecurity connects with technology and society. It focuses on the human, ethical, legal, and social issues behind cyber threats rather than technical coding. While discussing how technology shapes crime, privacy, policy, and daily life through readings, discussions, and writing assignments, building a broad understanding of cybersecurity’s impact on people, organizations, and modern society.
For this assignment, you are assigned to be a chief officer of a company with a new budget. While making this budget you need to think about human factor of cybersecurity and how it would play into ypur new budget
BLUF
Being chief officer of a company that was given a new budget for cybersecurity for a hospital (for this situation) and have decided to make some changes with human and technology involvement for data cybersecurity. Making a larger change to 65% technology based and a 35% human factor within the cybersecurity part of the hospital.
Explanation
Technology has heavily advanced in recent years and has created new ways to manage data, like managing the data remotely. Systems like the SCADA (Supervisory control and data acquisition) which allows remote industrial processes to be managed from the computer screen system by a human. Management of this data requires the person in charge to be on watch constantly and know how to manage these systems properly. [1] With human vulnerabilities there can be issues within data security and management, in order to replace this I would have less human resources and prioritize the technology aspect of managing and protecting the data within.
Process
The first step I would implement is to give the people in charge of managing these systems proper training and required training with the data management system in use. An example of this would be Emerson, which is a global technology, software and engineering powerhouse driving innovation that makes the world healthier, safer, smarter and more sustainable.[2] Which offers online, in person, and hybrid courses for proper training for types of software and hardware, as well as being providers for both. Implementing this for employees prior to being assigned to a machine, this would help lower vulnerability and potentially increase productivity. While hiring enough employees to manage, and directing a 35% amount of the budget to meet these needs the company should see success on the human aspect of cyber security.
Software/Hardware
On the software aspect of the hospital, where a majority of the budget will be spent on, I would implement PLCs (Programmable Logic Controllers) and a control software which uses SCADA control. The choice of hardware would be using Rockwell Automation, which runs on a ControlLogix PLC [3] and running a SCADA Control Software through Emerson DeltaV. [4] Using both of these systems would be quite expensive for the company, hence the reason for a majority of the budget for the hospital.
Conclusion
In conclusion putting a slight priority on software and hardware to have more advanced systems, however with advancements on systems comes an upgrade to employees working these systems. The 40% of the budget goes towards proper training for the systems to ensure less vulnerabilities for the hospital.
References
1-ETKHO. “SCADA System in Hospitals: What Is It and How Does It Work?” ETKHO, 27 Oct. 2020, www.etkho.com/en/scada-system-in-hospitals-what-is-it-and-how-does-it-work/
. Accessed 16 Nov. 2025.
2-Emerson. SCADA Systems Training. Emerson Automation Solutions, https://www.emerson.com/en-us/automation/services-consulting/education-services/scada-systems-training Accessed 16 Nov. 2025.
3-Rockwell Automation. “ControlLogix.” Rockwell Automation, www.rockwellautomation.com/en-us/products/hardware/allen-bradley/programmable-controllers/controllogix.html . Accessed 16 Nov. 2025.
4- Emerson. DeltaV Distributed Control System. Emerson Process Management, www3.emersonprocess.com/deltav/version13/index-iframe.html. Accessed 16 Nov. 2025.
This assignment was about the SCADA system and how it affects the workplace in today’s society. As well as the basics of the system.
BLUF
Supervisory control and data acquisition (SCADA) serves as the backbone of several critical infrastructures, including water supply systems, oil pipelines, and transportation systems, however, with such power comes larger risks to these systems.
Introduction
SCADA systems were implemented into common systems around the world and are partially controlled by a human to help process data. However, since these systems handle larger responsibilities there comes larger risks which include, money loss, humans death, loss of data, and more. The SCADA systems are responsible for managing all the data that runs through these systems, while having the ability to change and modify data. If a third party or internal threat breaks into these systems through various methods, things can be changed and cause harm.
Explanation
Many cases of SCADA systems having vulnerabilities come from attacks of third party software and internal attacks of the data these systems hold. The first ever recorded attack to a SCADA system was in 1982, when at a Serbian Pipeline exploded. “A malicious user injected a Trojan horse into the SCADA system to modify the operations of valves and pumps. The malicious code made the gas pressure exceed the acceptable level” (Sitnikova, 2014) This explosion did not kill anyone it still created many problems for the surrounding areas. Another example would be in 2010, the Stuxnet worm, which originated from an infected removable drive and hid while propagating, damaged the entire Iranian nuclear system. (Falliereetal, 2011) A SCADA system’s vulnerability can be attacked if not properly monitored, even with these attacks there is still responsibility for the humans who are in charge of monitoring these systems. Properly monitoring these systems and making sure nothing goes out of order is a key part of their job.
Conclusion
In conclusion, SCADA systems, which are the backbone of many critical infrastructures around the world have many vulnerabilities to them. With many attacks coming from third parties and not being closely monitored by the human in change of processing the data, these attacks can create issues. From a shutdown of a system, to a literal explosion, SCADA systems have many vulnerabilities with the high amount of power they hold.
References
Ismail, Suhaila, Elena Sitnikova, and Jill Slay. “Towards Developing SCADA Systems Security Measures for Critical Infrastructures against Cyber-Terrorist Attacks.” SpringerLink, January 1, 1970. https://link.springer.com/chapter/10.1007/978-3-642-55415-5_20?utm_source=getftr&utm_medium=getftr&utm_campaign=getftr_pilot&getft_integrator=sciencedirect_contenthosting.
Fillatreatal, Lionel. “Security of SCADA Systems against Cyber–Physical Attacks | IEEE Journals & Magazine | IEEE Xplore.” Security of SCADA systems against cyber–physical attacks, 2017. https://ieeexplore.ieee.org/abstract/document/7954148/.
This write up is about the CIA triad, which is a psychological triangle that has to do with balance of Confidentiality, Integrity, and Availability within society.
The CIA triad
The CIA triad is an important model created by the air force in 1987 but was recognized fully in 1988 and is used “to guide policies for information security within an organization.” (Chai, 1) As described in the two articles given to us the CIA triad follows three basic models when it comes to managing an organization, these consist of confidentiality, integrity, availability.
Parts of the triad
To start off with the first part we have confidentiality, which in simple terms means privacy. Confidentiality is needed to protect people’s information while keeping things private for the users of the data, this also means limiting access to who can view or tamper with the data. This is one of the main responsibilities in the cyber world. Next up we have integrity, the model of integrity for the CIA triad is identified as “helping maintain the trustworthiness of data by having it in the correct state and immune to any improper modifications.” (Unknown, 44) Similar to confidentiality, integrity is needed for the workplace to run smoothly. Integrity is important when handling important data, it is said that “Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people” (Chai, 2) having integrity can help keep a smooth and honest flow of information for a company. Lastly, there is availability which plays just as important of a role as the rest of the triad. Availability mainly focuses on data being available to those who have authority to control it and for the person whose data is being stored. All of these parts of the triad are very different but all equally important when it comes to managing people’s data.
Authentication & Authorization
Authorization is the process of determining and granting access rights to an authenticated user or system while authentication gives users permission to access a resource that has security behind it. Most people would think that these two things are the same, however they aren’t. They do however go hand and hand when securing data and preventing third parties or outside sources into secure data.
Conclusion
After going over the CIA triad and authentication vs authorization I have learned a new model that people use in the cyber workforce to keep their company secure and safe. As well as learning the difference between authentication and authorization. All of these aspects play a role in the cyber world that keeps data secure.