CYSE 200T Assignments

Discussion Assignments

DISCUSSION BOARD: Protecting Availability
In this discussion board, you are the CISO for a publicly traded company. What
protections would you implement to ensure availability of your systems (and why)?

As CISO, “Availability” in the CIA triad means keeping data
available when it is needed. To manage cybersecurity risk, I can use
the NIST Cybersecurity Framework to create profiles: start by understanding
organizational resources, evaluate the current security posture, and build the
best possible fortress to protect company data.
Deploy servers and keep their security up to date, make sure physical
security measures are in place, and put disaster recovery measures in
place, because if a server fails in an emergency the availability
guarantee is breached. Enforce a strong password policy together with
an authorization policy, so that those who require access are assigned
the appropriate access levels, and so that individuals cannot access
information they are not supposed to see; this mitigates breaches or
leaks that could potentially lead to server failure. Most importantly,
conducting employee awareness training is fundamental: raising awareness
of phishing, email spoofing and social engineering.
It is widely believed that a problem with “availability” is a “canary in
the coal mine”, so I will be responsible for safeguarding company data
at the company’s entry point.

Opportunities for Workplace Deviance

How has cyber technology created opportunities for workplace deviance?

In general, workplace deviance is characterized by:

  • Aggressive behaviors: e.g. sexual harassment, hostile behavior
  • Unproductive behavior: e.g. intentionally wasting time, neglecting obligations
  • Abuse of property: e.g. using company assets for personal gain, taking office supplies home
  • Politics within the company: e.g. spreading disinformation to devalue someone

Applying this general concept, cyber technology contributes to workplace deviance in the following ways:

  • Because you have a dedicated computer assigned to yourself, you can directly send emails or instant messages to harass someone.
  • Using the company PC to shop during working hours, or taking the company-provided pocket Wi-Fi home: taking advantage of anything the company provides so you can work from home.
  • Working from home means you can work in a public space, which raises the risk of exposing vulnerabilities.
  • As discussed in last week’s reading, “White-Collar Cybercrime” by Payne (2018), you can take advantage of your access level (RBAC) to company data and sell it to someone, whether to get a promotion or to devalue someone or the company.

These are just a couple of examples; however, technological advancement has created many opportunities for workplace deviance.

Write-Up Assignments

Write-Up Assignments 1
Using the Chai Article, along with additional research you will conduct on your own, describe the CIA Triad, and the differences between Authentication & Authorization, including an example.

Write-Up CIA Triad
The CIA triad is also known as the AIC triad. CIA is an abbreviation for “Confidentiality”,
“Integrity” and “Availability.” It is a model designed for organizations to create security
policies and is used as a basis for the development of security systems.
Confidentiality involves the efforts to make sure a company’s information is secure
and private. For example, access to employees’ personal information such as resumes,
addresses and phone numbers should be limited to HR or certain executives.
Integrity involves the efforts to keep data that is being accessed, viewed or transported
from being altered wrongfully. For example, if information in an email is intercepted by a
malicious actor and altered, the data has lost its integrity.
Availability means that people can access the information when it is needed, and that
the people doing so are the appropriate personnel. It is important that availability reflects
the confidentiality and integrity policies.
Difference between authentication and authorization
Commonly, authentication is the process of verifying the identity of a user who is trying to
access a service, in other words logging in. Authorization is the process of determining what the
user is allowed to perform. According to the authorization level set in the application or
computer, each user can perform only what they are authorized to do. A common example is when a
user tries to access some page in an application or service and gets an error message. This is
because the user does not have access rights, meaning the access is unauthorized.
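The following is an added example (not part of the write-up or the Chai article) that shows the two steps as separate checks: authentication verifies who the caller is by checking a password against a salted PBKDF2 hash, and authorization then consults a role-to-permission table to decide what that identity may do. The user store, roles, resources and the `request` helper are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample user store (hypothetical; not from the write-up).
# Passwords are stored as salted PBKDF2 hashes, never in the clear.
def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash_password(password, salt), "role": role}

USERS = {
    "alice": make_user("correct horse battery staple", "hr"),
    "bob": make_user("hunter2", "employee"),
}

# Authorization policy (RBAC): which role may perform which action on which resource.
PERMISSIONS = {
    "hr": {"employee_records": {"read", "write"}, "payroll": {"read"}},
    "employee": {"own_profile": {"read", "write"}},
}

def authenticate(username: str, password: str) -> Optional[str]:
    """Authentication: verify WHO the caller is.
    Returns the username on success, None otherwise."""
    user = USERS.get(username)
    if user is None:
        # Still do a hash computation so response time does not reveal
        # which usernames exist.
        _hash_password(password, b"\x00" * 16)
        return None
    candidate = _hash_password(password, user["salt"])
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(candidate, user["hash"]):
        return None
    return username

def authorize(username: str, resource: str, action: str) -> bool:
    """Authorization: decide WHAT an already-authenticated user may do."""
    role = USERS[username]["role"]
    return action in PERMISSIONS.get(role, {}).get(resource, set())

def request(username: str, password: str, resource: str, action: str) -> str:
    """Simulates a service handling one request: authenticate first, then authorize."""
    who = authenticate(username, password)
    if who is None:
        return "401 Unauthorized: authentication failed"
    if not authorize(who, resource, action):
        return "403 Forbidden: authenticated but not authorized for this page"
    return f"200 OK: {who} may {action} {resource}"

if __name__ == "__main__":
    print(request("alice", "correct horse battery staple", "payroll", "read"))
    print(request("bob", "hunter2", "employee_records", "read"))
    print(request("alice", "wrong password", "payroll", "read"))
```

The case the write-up describes, a logged-in user who requests a page and gets an error, is the second call: `bob` authenticates successfully but the `employee` role has no entry for `employee_records`, so the service answers 403. Note that HTTP labels the authentication failure "401 Unauthorized" even though it is the authorization failure (403) that means "you are known but not allowed".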

Write-Up Assignments 2
In this write-up you will use the SCADA Systems article, along with your own research, to explain the vulnerabilities associated with critical infrastructure systems, and the role SCADA applications play in mitigating these risks.

Write-Up – SCADA Systems
To explain and better understand the vulnerabilities associated with critical infrastructure
systems, and the role SCADA applications play in mitigating these risks, I used SCADA
Systems [1] and One Flaw Too Many: Vulnerabilities in SCADA Systems [2].
SCADA is an automation system for monitoring and managing industrial processes and devices.
The system consists of multiple contact points that work as data collection sensor monitors
within the network. Each technology can create vulnerabilities:
● The HMI can be accessed remotely from anywhere by using mobile devices.
● Many technology solutions are provided to enhance the HMI system, including PaaS and SaaS
applications such as DeltaV SaaS SCADA [3].
● Vulnerabilities are reported in the communication protocols of the PLC or RTU, which
acts as a microprocessor and collects data from industrial equipment.
The most vulnerable part of the SCADA system is the control interface, the Human Machine
Interface. The HMI is where human operators visually manage and monitor information and sensors,
make critical decisions related to the condition of the system, and troubleshoot.
Therefore, to mitigate the potential risk, it is important to:
● Evaluate and ensure that each technology solution does not bring potential vulnerabilities.
● Enforce MFA and avoid access from public Wi-Fi, since the HMI can be accessed remotely from
anywhere by using mobile devices.
● Manage access levels (RBAC).
● Provide security awareness training.
SCADA vendors such as Siemens provide routers to address communication vulnerabilities
with industrial VPN and firewall solutions [4]. Because SCADA solutions are provided by multiple
vendors, companies or the government might select the lowest-cost solution. However,
considering the risk that could be caused to the infrastructure system, companies
should carefully select the solution and enforce security training to further prevent potential
threats.

Write-Up Assignments 3
During this week’s reading, you’ve been exposed to different points of view regarding human contribution to cyber threats.  Now, put on your Chief Information Security Officer hat.  Realizing that you have a limited budget (the amount is unimportant), how would you balance the tradeoff of training and additional cybersecurity technology?  That is, how would you allocate your limited funds?  Explain your reasoning.
Write-Up Human Factor
It is important to focus on the return on investment and maximizing the security return.
Since the human factor is the weakest link in cyber threats (it is commonly believed to account
for 85% of them, regardless of the size of the organization), cybersecurity training to address
human error is a high-return investment.
An objection often cited in multiple sources, from the return on investment point of view, is that
the result of security awareness training is unmeasurable. However, enabling employees to
recognize threats contributes to prevention. According to Infosec [5], the cost to remediate
security incidents after proper security training is approximately 10% lower. A reduction in
incidents leads to productivity gains and financial gains, as I learned from a LinkedIn article [6].
That said, a balanced cost distribution is essential. Within the allocated budget, I estimate
the cost of preventive measures at roughly 65% on technology investments and 35%
on awareness training, after conducting a risk assessment to determine what is required to
fortify security measures. Then I would explore what type of technology update would be
beneficial to reduce human error further.

  [1] https://www.scadasystems.net/
  [2] https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/one-flaw-too-many-vulnerabilities-in-scada-systems
  [3] https://www.emerson.com/en-us/automation/control-and-safety-systems/zedi-saas-scada
  [4] https://www.siemens.com/global/en/products/automation/industrial-communication/network-security/scala
  [5] https://www.infosecinstitute.com/resources/security-awareness/the-roi-of-security-awareness-training-2/#jump5:~:text=for%20your%20organization.-,Step%201%3A%20measure%20your%20security%20costs,-To%20measure%20the
  [6] https://www.linkedin.com/pulse/roi-cybersecurity-training-why-invest-security-education