Analytical Paper

Nathan Edwards

CYSE 200T

Professor Aldabagh

Analytical Paper: April 17th 2023

With a limited budget as chief information security officer, I would have to balance the tradeoff between training and additional cybersecurity technology to ensure safety and help prevent cyber-attacks. Finding this balance is very important because failing to do so creates many security risks. Before allocating my funds as chief information security officer, I would first identify the company's assets. Next, using the CIA triad, I would train my employees on confidentiality, integrity, and availability. Lastly, after training my employees on the CIA triad, I would use the rest of my funds on additional cybersecurity technology.

When training employees, I would make sure that the training they receive emphasizes confidentiality. Confidentiality training helps authorized people become familiar with risk factors and how to guard against them (Chai, 2022). This training can also emphasize the importance of passwords, as well as two-factor authentication, in preventing security breaches. Employees will then be able to create stronger passwords, possibly combined with two-factor authentication. Secondly, I would train employees on integrity. Integrity includes file permissions and user access controls (Chai, 2022). Lastly, in the training on the CIA triad, I would describe availability. Availability in the CIA triad is defined as ensuring that hardware is maintained, including repairs when systems do not function properly (Chai, 2022). This training will help workers understand that things can go wrong and what to do in those situations.

With the funds that are left, I would then look at additional cybersecurity technology. I would use these funds on data loss prevention and intrusion prevention systems. I would spend the rest of my funds on data loss prevention to ensure that data is not lost and that, if it is, it can be recovered through these systems. Secondly, I would spend the funds on intrusion prevention systems. These systems will help prevent intruders from gaining access to our systems and help determine what to do if an intruder does get into the system.

CIA Triad

The CIA Triad is defined as a model that guides policies for information security within an organization (Chai, 2022). The CIA Triad consists of three main parts: confidentiality, integrity, and availability. Confidentiality in the CIA Triad is defined as privacy. Confidentiality helps protect sensitive information from unauthorized access attempts (Chai, 2022). In practice today, confidentiality involves special training to help users create stronger passwords and measures that prevent users from changing data (Chai, 2022). This includes two-factor authentication or other options like biometric verification, security tokens, or key fobs (Chai, 2022). These precautions establish privacy and provide safety against cybersecurity threats. The second part of the CIA Triad is integrity. Integrity is defined as the consistency, accuracy, and trustworthiness of data across its entirety (Chai, 2022). This is an important part of the CIA Triad because it calls for steps to be taken so that data is never altered by unauthorized individuals (Chai, 2022). The CIA Triad provides for integrity through different permissions and user access controls (Chai, 2022). These controls help prevent changes to or deletions of data, as well as changes that may result from non-human-related crashes (Chai, 2022). The last part of the CIA Triad is availability. Availability is defined as making sure information is accessible to authorized parties (Chai, 2022). It is important to make sure all software and system upgrades are up to date. The difference between authentication and authorization is that authentication just verifies the identity of the user, while authorization verifies the rights that the user has (OneLogin).

Critical infrastructure systems, such as pipelines, irrigation systems, pump stations, sewage distribution, and transportation systems, face many vulnerabilities to cybercrime. For example, one vulnerability that these infrastructure systems face is weak security. These systems may have weak physical protection, all information on one port, devices that are hard to upgrade, weak passwords, or only a few firewall options (SCADA Systems). Other vulnerabilities that these systems face are little to no protection against denial-of-service attacks, protocols that are too simple, and RTUs and PLCs that are hard to upgrade (SCADA Systems). RTU stands for remote terminal unit, a device that is connected to the physical equipment (SCADA Systems). RTUs convert electrical signals that come from the equipment into digital values like pressure, flow, voltage, on/off, open/closed, etc. (SCADA Systems). PLC stands for programmable logic controller; PLCs act the same as RTUs (SCADA Systems).

SCADA Systems

SCADA stands for Supervisory Control and Data Acquisition, and it tries to prevent and mitigate these vulnerabilities in critical infrastructure systems. The elements of Supervisory Control and Data Acquisition are sensors and actuators, remote terminal units (RTUs), programmable logic controllers (PLCs), telecommunications, and SCADA clients and servers (SCADA Systems). The sensors and actuators that SCADA uses vary widely. For example, there are light, temperature, distance, wind, and water sensors (SCADA Systems). SCADA is also linked to the human machine interface (HMI). The HMI is an apparatus that presents processed data to the human operator who uses it (SCADA Systems). SCADA also uses different types of actuators and alarms such as valves, pumps, and motors (SCADA Systems). PLCs are used to control manufacturing processes and communication compatibilities (SCADA Systems). The SCADA server handles data logging, data analysis, and decision making, looks to the RTU for information, and stores information in case of a breach or disaster (SCADA Systems).

These elements of sensors and actuators, remote terminal units, programmable logic controllers, telecommunications, and SCADA clients/servers allow for the prevention and mitigation of cybercrime against our critical infrastructure systems. However, as stated in the article, there are two major threats to SCADA. The first is unauthorized access to software, whether it be human access, viruses, etc. (SCADA Systems). The second major threat to SCADA is related to packet access to the network on the actual packet control protocol (SCADA Systems). Because of the threat of unauthorized access to software, it is very important to establish confidentiality, integrity, and availability to help guard against the possibility of unauthorized access to software.

In conclusion, the CIA Triad and SCADA systems are two important systems that help each other and go hand in hand. Both are used in cybersecurity to ensure the safety of technology as well as to prevent cyber-attacks. The CIA triad provides for confidentiality, integrity, and availability throughout a company, which helps prevent cyber-attacks and ensures security. SCADA systems allow for the supervisory control and data acquisition that mitigates vulnerabilities in our critical infrastructure systems. A company has limited funds to address cybersecurity, and finding a balance between the CIA Triad and SCADA systems allows for security and the prevention of cyber-attacks.

References:

Chai, W. (2022, June 28). What is the CIA triad? Definition, explanation, examples – TechTarget. WhatIs.com. https://www.techtarget.com/whatis/definition/Confidentiality-integrityand-availability-CIA

SCADA systems. SCADA Systems. (n.d.). Retrieved March 26, 2023, from http://www.scadasystems.net/
