Discussion Board: The NIST Cybersecurity Framework: From your readings of pages 1 – 21 of the NIST Cybersecurity Framework Links to an external site., what benefit can organizations gain from using this framework, and how would you use it at your future workplace?
The Framework is aimed at reducing and better managing cybersecurity risks. The Framework is designed to complement, not replace, an organization’s cybersecurity program and risk management processes. The benefit that organizations gain from using Framework is that it will take steps to reduce the risks to an acceptable level. The Framework can help organizations identify and prioritize actions for reducing cybersecurity risks. The organization can use the information from the Framework to develop an action plan to strengthen existing cybersecurity practices reduce the cybersecurity risk and reprioritize resources. Now, I will use this Framework in my future workplace to identify and manage cybersecurity risks by developing a plan and a roadmap to improve the workplace. We can use the Framework to determine the most important activities to prioritize improving.
DISCUSSION BOARD: Protecting Availability: In this discussion board, you are the CISO for a publicly traded company. What protections would you implement to ensure availability of your systems (and why)?
If I was the CISO of a publicly traded company, I used the NIST Framework for protection. I would implement access control and two factor identification because authentication is the main thing used when protecting availability. If I am going to use authentication to protect my availability in my company, there are things I would implement. Such things I would be implementing are password security, using encryption, firewalls, and two factors authentication. All of these things will help me in ensuring that my availability of my systems is going to be protected. The password security will help with identifying the person is who they say they are by putting a password that only they would know. The encryption will protect the availability of the systems by making it not obvious what is in the system. The firewall will protect it by keeping people that don’t have access to it from keeping getting the information in the system. Two factor authentication is a useful thing to use when someone logs into their account from another device, and they have to identify they are the person they say they are when logging on as. These are just some of the things that I will implement in my company’s system to ensure my availability is protected from other people.
Discussion Board: Ethical Considerations of CRISPR Gene Editing: Based on your readings related to the BioCybersecurity section of this course, identify possible ethical considerations and explain your position.
There are many possible ethical considerations but there are two major ones I can see. The two major ethical considerations that I saw were the testing and availability. With all this new technology there will have to be major testing and trials for it to become a popular option for people to use. When the time comes, and testing needs to take a huge step there will be a living subject. Then when the living beings work, they will move on to a human test subject. With the humans being in the equation it could become dangerous in some way. They would have to test everything they could, so they can get all the kinks out of this kind of technology. With this being said I think all of this is a little too risky and can be dangerous. We don’t have any idea what the lasting effects of using CRISPR are. The other possible ethical consideration is availability. Like what kind of things will be allowed? Also, how much will all of this cost of the people? Just by reading about CRISPR these are the questions I have. How available will this genetic editing be for the normal person not just for the rich. Will the middle and lower class have to suffer from genetic disorders? With all this being said I do think CRISPR is an interesting technology that can help a lot of different people. It still is in the early stages of testing, but I think all of this is way too risky.
Discussion Board: Opportunities for Workplace Deviance: How has cyber technology created opportunities for workplace deviance?
With the rise of cyber technology it has created many opportunities for workplace deviance. It can make it simpler for employees to commit theft. They might steal sensitive information or it can help alter financial records. This can cause the company to lose a considerable amount of their money. With this technology employees can potentially hack into another employee’s accounts and damage that employees reputation or just their work. On a less serious note employees can take advantage of playing games, watching YouTube, or scrolling through social media on their computers instead of actually getting their work done. This can affect the company a great amount if they need that assignment on a certain day and it is not done on time, it can cause the company to be behind on things.
Discussion Board: The “Short Arm” of Predictive Knowledge: From this week’s Jonas Reading: How should we approach the development of cyber-policy and infrastructure given the “short arm” of predictive knowledge?
There are many approaches we can take in regard to the development of cyber-policy and infrastructure. Since we cannot predict the future of cyberspace with certainty at this time. So, an approach that we can take is one with flexibility because cybersecurity is always changing, and it is ever the same twice. Another approach we can take is having some sort of cooperation in sharing information so we can respond to different global cyber threats. Alos, prioritizing in cybersecurity research and training. It helps us get the knowledge we need to have a skilled workforce that can be flexible. All of these approaches and many more we can take regarding the development of different cyber-policies and infrastructures.