This diagram shows how SCADA control systems help to provide security for network systems. This system operates by using computers, network data, communications, and user interfaces to conduct high level process supervisory management. 

(via https://www.youtube.com/watch?v=aEmF3Iylvr4)

This clip is a reminder how important it is to create strong passwords that will not be easily compromised. It is also very smart to change passwords often especially to protect personal data such as financial information and other sensitive personal information.

This diagram shows how firewalls are used to protect internet users from unwanted attempts to access their networks.

(via https://www.youtube.com/watch?v=rFg7TSwVcL4)

This is a short video that explains what VPN is and how it works for its users. 

Technology & Society

Name: Kenny Messman

Date: 4/25/2019

Details

Technology & Society

Technology is growing more important to our society with each passing day. Our everyday lives consist of using technology whether it be for personal, school, or work related purposes. While using these technologies we must understand what positive things they can do for our society while at the same time establishing morals and ethics to establish somewhat of a code of conduct when using the cyber space in which they operate. It is very important to the progression of technology use that we establish proper guidelines on what is and isn’t acceptable when using technology as well as creating a proper foundation and infrastructure to create security and privacy for the people and companies that use cyber spaces and technology.

The Development  of Cyber-Policy

Cyber policy and infrastructure is something that as to be thought of thoroughly when developing safety and protocol infrastructures. Technology and the cyber attacks that come with evolving technology is something that engineers have to constantly keep up and adapt with. The measures that are trusted and put into place must be very reliable in protecting sensitive information as well as having the ability to last a long time. With that being said morality should also be taken into consideration for the use of technology and the internet. We must learn to defend person technological spaces from those who wish to hack and steal data and we must also consider the ethics of regular technology users. The internet and technology is suppose to give us a sense of free space and be a place that allows us free roam of the broad range of information that can be accessed through the internet. But free roam shouldn’t mean that users can do whatever they like on these platforms. Cyber policy acts as a code of morals and ethics within the space of the internet and it is based off of the morals and ethics as I mentioned before. These policies would help to ensure the internet and technology is just a little bit safer. These policies must be thought out carefully much like how infrastructure is and it must also be able to be changed and adaptive in order to keep up with how technology and internet use is constantly changing and evolving.

My position on cyber-policy is that it is very important to ensure that technology and cyber places are secure enough for users to feel safe accessing them. By this I mean that companies that rely on technology which is almost every company in our current society should feel safe about putting their personal, business, and customer information onto their private computers and services without out unreasonable fear of the information being easily accessed. If we as a society did not set cyber- policies along with strong cyber infrastructure it would not be safe for consumers or businesses to use technology and cyber space to be more productive. We as a society would be in fear of selling and purchasing through cyber spaces without these types of contingencies in place. I feel that the same thing also applies to personal cyber space use there also needs to be policy set into place so that the vast world of the internet seems at least somewhat safe to it’s users. These policies that we put into place for cyber spaces and technologies must also be able to be adaptable and interchangeable due to the fact that technology and cyberspace are things that are constantly adapting and changing.

Managing Cyber Risk

Engineers play an important role when it comes to managing and preventing cyber risk as well as designing in the infrastructure and programming of electric grids. From the beginning engineers implement security and resilience measures in their designs whether it be in the case of hardware or software. Engineers are tasked with protecting the information about important substations and control centers. This includes protecting site security information, modeling results, and other information that may be used to manage vulnerabilities.  The engineers must monitor operating conditions as well as monitor and detect threats. They help to deploy security devices such as video cameras, motion detectors , aerial drone surveillance, and periodic inspection by security employees. Engineers must be able to use and develop software that is capable of being advanced to combat the increased sophistication of potential threats. Engineers must be prepared to take action against network breaches but also need to be able to handle other types of cyber activity. These can include phishing, hacking, malicious code, loss of intellectual property, and insider damage. Some of the threats that engineers may face do not always come in the form of a malicious attack but instead come through cyber espionage.

Engineers must be able to figure out when their networks have been hacked and adversaries are conducting surveillance on the network. The attacker may do this in order to gain access to information in which to use in a future attack. The engineers must be able do remote access maintenance and management. This may include making patches to software programs when there has been an attack or breach. With patches the engineers leave more vulnerabilities to networks so they must be highly alert and be able to catch any attacks or unauthorized users trying to exploit any of the weaknesses caused by creating patches. Because they often use off the shelf systems in which other programmers may be familiar with engineers need to be able to adjust existing programs to make them more efficient but they must also be able to implement their own stronger and more reliable forms of network securities.

Although most of these risk management designs and infrastructures created by engineers  are based on supporting and securing networks controlled by company and government entities these same types of models are very useful in standard societal role as well. These same types of models can be used by social media websites to secure user information and privacy. They can also be used in a consumer setting like Amazon for example to secure online consumerism within our society allowing buyers to feel safe while using cyber spaces access media and shopping. I believe models created by engineers that follow these guidelines are the basis to most of our technological securities and infrastructures used in everyday life and that they are just mitigated to be more intense or lenient depending on where they are being implemented.

Information Security & Society

Information security is something that we should consider to be very vitale considering just how much we use and rely on technology.  With every passing year the technology we use becomes even more imbedded within our lives and our devices have become part of our lifestyle. New devices are created and sold every year with people buying them by the masses. These devices include mobile phones, tablets, computers, and laptops. With the increase of the different types of devices there comes a need for different types of security. Having security on our devices is very important because of the fact that many consumers flood their technology with a lot of their personal information. Users log into their bank accounts, emails, and social media platforms through their devices without even thinking about security. Cyber attacks and security breaches are just as prevalent on your mobile devices and tablets as they are on ones computer. These attacks can come in the form of corrupt apps or emails and text that have a malicious virus attached to them. This then will compromise any information that you have on your device. Along with the device being attacked the increased amount of devices along with how small devices are becoming a risk for loss and theft. When a device is lost a person is immediately at risk because of how connected their device is to all of their personal information. Users can take certain precautions to ensure that their devices and information aren’t easily attacked. This means that users should protect all private information with strong passwords and even change passwords regularly. Users should also be aware of links and downloads. No one should activate links that they think may be “sketchy” and beware of emails from unfamiliar users. It is suggested that users also stray away from using third party apps or internet sites and browsers. These are just small steps that you can take to make sure that your information on your devices is just a little more secure.

In my opinion information security is also just as important as managing other cyber risk. Information security plays a pivotal role on the protection and security of the private consumer. To manage information security the users of cyber spaces and technology must be aware of the information that they are putting out on to their used technologies and preferred cyber spaces. Self protection and awareness becomes the first line of defense in these situations. Although there are cyber risk infrastructures placed into our technologies and cyber spaces we must understand that these can potentially broken into by those with enough hacking capabilities. Policies and laws are currently in place which make the theft of personal information and hacking illegal but is best to also combat that with proper information security that is established by the personal user.

Conclusion

My final position on technology and society is that we need technology to be a more productive society and it helps us as a whole to make greater discoveries and achievements. It also allows for us to accomplish personal task a lot easier creating a better quality of life for the general public. I also believe that with our reliance on technology we also need to be vigilant on creating proper security infrastructures and policies to ensure that we can keep relying on our beloved technologies and cyber spaces. Without the proper cyber risk measures and infrastructures created and put into place by engineers we would not be able to protect information, data, and create surveillance both protecting every day people as well as business and other entities. Also without the proper knowledge of how to properly secure sensitive information through the knowledge of information technology securities our private cyber spaces would not be able to be an open and secure place for users to access media and other information. All of these aspects of cybersecurity help to protect technology users and create policies which prevent people doing harm to others in cyber spaces without the possibility of being penalized. It also creates an unspoken set of morals and ethics in which users follow much like in our physical societies. Without cybersecurity and policies the cyber world would be a free for all for lack of better terms.

References

Figure 2f from: Irimia R, Gottschling M (2016) Taxonomic revision of Rochefortia Sw. (Ehretiaceae, Boraginales). Biodiversity Data Journal 4: E7720. https://doi.org/10.3897/BDJ.4.e7720. (n.d.). doi:10.3897/bdj.4.e7720.figure2f

Implications of cyber vulnerabilities on the resilience and security of the electric grid: Hearing before the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology of the Committee on Homeland Security, House of Representatives, One Hundred Tenth Congress, second session, May 21, 2008. (2008).

This book shows the capabilities of cyber security threats on the power grid and its network. It gives a good in depth look on how engineers and other security teams plan for potential attacks and breaches.

Mailloux, L. O., Beach, P. M., & Span, M. T. (2018). Examination of security design principles from NIST SP 800-160. 2018 Annual IEEE International Systems Conference (SysCon). doi:10.1109/syscon.2018.8369491

03a - Ommeren - Staying Ahead - What matters now. (n.d.). Retrieved from https://drive.google.com/file/d/138J6FOI3XLjz87rb0t73v4xoZIcmGp9z/view

This article gives and incite to how information security can be beneficial for the infrastructure of organizations as well as consumer and public use.

Intelligification & The Material World

 Kenny Messman

Date: 4/26/2019

Details

Intelligification & The Material World

The regulation of markets, business, groups, and individuals due to intelligification and networking of the material world is something that is inevitable. This is due to the ever increasing reliability and use of technology in our everyday lives as humans. We are seeing the integration of technology in almost every aspect of our lives these days. Technology has made its way into aspects of our lives that we would have never imagined about a decade ago. Businesses and markets use technology now to make shopping an easier process for consumers. We see this in the form of online shopping and digital screens to showcase items in stores among many other things as well. Businesses and markets also use these technologies to market to consumers allowing them to see products they may not have known of or to convince them to by products based off of other things they show interest in. This can even be seen within individuals and groups. As mentioned in the article by Verbeek Individuals can use technologies within the physical world to interact with people physically and digitally. Augmented reality and technological devices make it easier for individuals to find out who someone is and even gain access to some of their public information. In return this makes social interactions between individuals and groups easier because they have all the information that they need about another individual or group with an ease of access through technologies.

The regulation of these technologies that are causing the increase of intelligification within our society is just as import as the technological advancements that are making way into our material worlds. Businesses and markets that use technology to reach out to consumers must not be given the power to interfere with a consumers private information or aspects of their private life. The persuasive technologies that can used while using these technologies that are integrated in our material world should be regulated as well as to not persuade an individual to make life altering decisions but to only persuade the to do things to increase quality of life or buying of consumer goods. There also needs to be boundaries set with cyberspace and the integration of technology into our material world. It can be easy for our online lives to merge into our physical everyday lives and with more of our personal information making it on to technologies there needs to be a regulation of what people can and can not see. Some of this regulation is going o have to be done by the users as far as deciding what they do and don’t put onto public accessible technology and web spaces. Regulations and rules as well as moral and ethics for businesses, markets, individuals, and groups needs to be set by laws and rules that translate into the digital world. These rules also should be very malleable due to the fact that technology is evolving constantly as well as becoming increasingly integrated into everyday human life.

References

Floridi - Hyperhistory and the Philosophy of Information Policies.pdf. (n.d.). Retrieved from https://drive.google.com/file/d/1IWj5_0eI5j7ReyujadF2BYXKXOy9yU5p/view

This article gives us an overview of what hyper history is and how it has evolved from its past to what it is now. It also gives a look into how these changes have effected policy within our current society.

Verbeek - Designing the Public Sphere.pdf. (n.d.). Retrieved from https://drive.google.com/file/d/1WAHx3muA_-0RXcoD8Gs9CzciWlc0cpFy/view

This article by Verberk gives us a look into how technology has been increasingly becoming part of human life and how it is integrated into our material world.

The Development of Cyber Policy

 Kenny Messman

Date: 4/21/2019

Details

The Development of Cyber Policy

Cyber policy and infrastructure is something that as to be thought of thoroughly when developing safety and protocol infrastructures. Technology and the cyber attacks that come with evolving technology is something that engineers have to constantly keep up and adapt with. The measures that are trusted and put into place must be very reliable in protecting sensitive information as well as having the ability to last a long time. With that being said morality should also be taken into consideration for the use of technology and the internet. We must learn to defend person technological spaces from those who wish to hack and steal data and we must also consider the ethics of regular technology users. The internet and technology is suppose to give us a sense of free space and be a place that allows us free roam of the broad range of information that can be accessed through the internet. But free roam shouldn’t mean that users can do whatever they like on these platforms. Cyber policy acts as a code of morals and ethics within the space of the internet and it is based off of the morals and ethics as I mentioned before. These policies would help to ensure the internet and technology is just a little bit safer. These policies must be thought out carefully much like how infrastructure is and it must also be able to be changed and adaptive in order to keep up with how technology and internet use is constantly changing and evolving.

References

Figure 2f from: Irimia R, Gottschling M (2016) Taxonomic revision of Rochefortia Sw. (Ehretiaceae, Boraginales). Biodiversity Data Journal 4: E7720. https://doi.org/10.3897/BDJ.4.e7720. (n.d.). doi:10.3897/bdj.4.e7720.figure2f

How Does Cyber Technology Impact Interactions Between Offenders & Victims

 Kenny Messman

Date: 4/14/2019

Details

How Does Cyber Technology Impact Interactions Between Offenders & Victims

Cyber technology has become a major part in our everyday lives. We rely on cyber technology for many various reasons like keeping in touch with family and friends, staying up to date on the latest trends, and as a way for us to keep up on things that go on globally. With the increased use of technology it means that cyber technology users interact with an abundance of people. This gives criminals more chances to commit offenses against victims because there are so many people using cyber technology to interact with. There is a variety of different types of crimes that people can fall victim to through the use and interactions through cyber technology.  Offenders can commit crimes like scamming for money, identity theft, credit card fraud , cyber stalking, cyber harassment, and cyber bullying. The offenders who commit these crimes are often very good with technology and can easily cover their digital footprints easily. Cyber offenders can commit these offenses on victims without even having to show their face or even a glimpse of who they truly are. The use of the internet and ability to stay anonymous makes it easy for them to commit the crimes multiple times and even have multiple victims at a time. Offenders can make fake accounts in which they pretend to be someone who they are not then they use this to become close to a victim only to later harass them or stalk them or even to steal important information from them.  Technology users also are unaware of just how much of their personal information they are putting on the internet or social media platforms which then allows offenders to gain more information about the victim making stealing their identity or even stalking them an even easier task for them. Cyber technology is a major gateway for users and victims to interact and a lot of the time the victim can not figure out exactly who the offender is unless the offender wants to let their identity be known. Technology allows both offenders and victims to have the ability to act or pretend to be anyone that they want to be allowing them to act in any manner they please towards other users. Technology users must be aware of who they are interacting with and also must be vigilante about the information they give out and the depths of their interactions.

References

Carll, E. K. (2013). Cyber Harassment and Cyber Stalking: Strategies for Intervention and Social Change. PsycEXTRA Dataset. doi:10.1037/e597722013-001

This article gives a look at how interactions between internet users can quickly become harassment or end up in a victim being stalked by the offender.

The Overlap Between Criminal Justice and Cybercrime

Kenny Messman

Date: 4/7/2019

Details

The Overlap Between Criminal Justice and Cybercrime

With technology making a stronger presence in our everyday lives we can start to see a correlation between crime and technology. With that being said there is also a stronger presence and relation between cybercrime and the criminal justice system. With cybercrime becoming part criminal justice there is additional terms that criminal justice experts attach between the two. Some of these terms include computer crime, internet crime, cybercrime, and cyber security. With these new terms and concepts there are also evolving sections in the criminal justice system that study and fight against these crimes. Cybercrime and the criminal justice system overlap because there are crimes being committed using technology and these crimes involve a victim, a criminal act, and motives. Criminal justice experts are now tasked with trying to understand the various types of crimes that can be committed through the use of technology and the internet. They try to understand and create theories that coincide between the two in a sociological, psychological, and criminological stand points. Schools that offer criminal justice programs are also trying to implement cybercrimes and cyber security into their curriculum because of the increasing presence of these types of crime in the real world. This new curriculum is constantly being studied for better understanding and it is constantly changing because the world of cybercrime evolves quickly. This also means that criminologist must also interpret laws as well as creating new laws that combat cyber crimes. Different jurisdictions have different laws to fight cybercrime as well as new criminal procedures as to how they can collect evidence against criminals for committing these crimes to be used against them in the court. They must also learn how to preserve digital crime scenes along with the digital evidence that they have been able to collect during a criminal investigation. Not only criminologist are tasked with combating cybercrime. It is something that is having an effect on many different fields. Businesses and information technology specialist are also learning how to combat cybercrime in order to protect sensitive information as well as fight against hacking and fraud. It is something that can be used against anyone that has access to technology and internet on both small and large scales.

References

Payne, B. K. (2016). Editor’s introduction: Special issue on Cybersecurity and Criminal Justice. Criminal Justice Studies,29(2), 89-91. doi:10.1080/1478601x.2016.1170283

This journal gives a look at how cybercrime are making its way into the criminal justice system as well as how criminal justice experts and school are learning to study and combat these crimes.

Cyber Technology & Deviance In The Workplace

 Kenny Messman

Date: 3/30/19

Details

Cyber Technology & Deviance In The Workplace

With technology increasingly becoming a main factor in our everyday lives you have to start to wonder how it and when it plays an influence within the workplace. The workplace is suppose to create a professional environment where employees complete task efficiently and as quickly as possible. It is also a controlled environment where there isn’t a lot of social fraternizing or misconduct between employees. With technology being thrown in the equation now employers are worried about their employees using the technology during work hours and being distracted by social media platforms and other streaming networks. They also have to worry about the ability and availability of employees committing cyber and white collar crimes within the workplace as well. Employees are one of the biggest threats to a company when it comes to these crimes because they often have access to sensitive information and materials. Having access and trust to a company's data can often be very enticing to an employee who feels that they need more money or are just not happy with their position or place of employment. Employees can steal funds from a company or embezzle money that a company has trusted them with.  The workplace can even provide a place for other cyber crimes like an employee accessing content through company computers that may be illegal to view and even hacking attempts because they believe it wont trace back to them through the workplace IP address. White collar crimes are more likely to take place in the workplace because of the difference in age of offenders that commit the crimes. Cyber crime offenders tend to be younger in age and commit crimes that often don’t involve using a place of employment as a median while white collar crimes are often committed through a place of employment by and employee that is often put in a position of trust.

References

05b_6329-white-collar-cybercrime-white-collar-crime-cybercrime-or-both-module7.pdf. (n.d.). Retrieved from https://drive.google.com/file/d/1id2JHiAfyUjuKj0necP4AKE3gZFrD7__/view

This article gives an insight of how cyber crime and white collar crime is implemented within the workplace. It also gives a description of how the two crimes can differ and have different impacts in the world.

White-Collar Crime. (2016, May 03). Retrieved from https://www.fbi.gov/investigate/white-collar-crime

This article gives a detailed description of what white collar crime is and the different types of way that the FBI identifies and categorizes the crimes committed.

How Engineers Make Cyber Networks Safer

Kenny Messman

Date: 3/24/19

Details

How Engineers Make Cyber Networks Safer

Engineers are at the forefront of securing privacy for all types of cyber networks. Along with the fairly fixed approach to protecting privacy and the laws and regulatory policies that come along with it engineers must be able to assess and adapt to problems and security measures in order to keep up a high level of security for networks. Engineers must be able to apply their skills throughout multiple types of systems as well as being able to learn and adapt to newer systems which may develop over time.  While keeping up with systems engineers must also keep up to date with the standards of the industry as well as the technologies and continue to implement improvement to already existing systems and services. Engineers are able to run , change and automate elements within the security infrastructure. They are left with the responsibility of being aware of risk and and maintain a high level of risk management. They implement security systems by creating various levels of firewalls and routers creating a perimeter of defense which help to slow down and keep outside cyber attackers from breaching networks and sensitive information. Even with these measure they still have protocols within their security networks to monitor and quickly detect threats before they become more severe than they can protect against. Along with these protocols engineers must have protocols for when their security measure have been breached and sensitive information is accessed by cyber attackers. The system engineers must also be able to communicate with other employees on how to take measures to keep access into the systems secure and what to do incase of a breach. They must be able to translate all of these preliminary concepts of predictability, manageability, and dissociability into actionable guidance in accordance to guidelines set by the NIST.

References

An Introduction to Privacy Engineering and Risk Management ... (n.d.). Retrieved from https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf

This article shows how engineers help to secure systems and implement security measure that protect sensitive information stored within the network.

How Computers Make The World Safer

Name: Kenny Messman

Date: 3/3/2019

Details

How Computers Make The World Safer

In the modern world that we live in computers have become an important tool that we use in our everyday lives. Computers in our society can be used for ease of access, personal information, and security purposes. I will be discussing three ways how computers have made the world safer.

Computers are a great tool to use when it comes to fighting crime. Technology allows for law enforcement to collect data which can be used to track what kinds of crimes are committed and even where they are most likely to happen.  Some of the data collected by law enforcement can be things such as criminal descriptions, incident reports, fingerprints and DNA. Computers also allow law enforcement to share information among different agencies and precincts. Law enforcement agencies also utilize the internet and computers to inform and alert the public as well as look for information that may incriminate criminals or solve crimes that have been or are going to be committed. In recent years law enforcement agencies have made a valiant effort to use computers to fight cyber crimes. They are faced with trying to solve and prevent crimes such as identity theft, phishing scams, pirated materials, and the sharing of illegal materials. As we can see technology has significantly aided in helping law enforcement keep communities safer.

Technology has also aided in our everyday security. Computers now more than ever can be used to aid us in home security. With technology becoming increasingly better every year so does the ability to monitor our homes. We live in a time where you are able to monitor your home electronically through our technological devices. Companies are offering home security systems that include video surveillance for both inside and outside the home. These security systems can be configured to alert the homeowners phone when doors or windows are opened or when there is motion on the cameras that are placed either on the perimeter of the home or inside the home. The user is also able to access these security devices whenever they may please. This can even help parents monitor children or pets when they are at work or away for the day.

Technology has also helped to improve our healthcare systems. This ultimately creates a safer environment by providing better medical care and data collection. Computers have increased the ability for doctors to treat patients. It allows medical experts to conduct better research which then leads to more effective medicines and procedures. The use of technology has also allowed for medical centers to provide better care for patients by using real time data and being able to access patient records instantly as well as being able to share diagnosis and change patient medical records at anytime. Overall the increased use of technology in the medical field allows healthcare to become increasingly efficient and reliable so that patients are able to seek proper care and live healthier lives.

References

3 Ways Technology has Changed Healthcare | UIC Health Informatics. (2018, October 30). Retrieved from https://healthinformatics.uic.edu/blog/3-ways-technology-has-changed-healthcare/

This article highlights how technology can make the healthcare system a lot more efficient and precise.

5 Ways Technology Has Improved the Health Industry. (n.d.). Retrieved from http://www.healthtechzone.com/topics/healthcare/articles/2018/01/16/436425-5-ways-technology-has-improved-health-industry.htm

This is a short article that gives a brief insight into the different aspects of the medical field that are impacted by technology.

Edwards, C. (2019, January 10). How Is Computer Technology Used in Law Enforcement? Retrieved from https://itstillworks.com/computer-technology-used-law-enforcement-1233.html

This is an article that describes how technology is used to aide law enforcement in keeping our current society safe and how it also aids in preventing future crimes from being committed.

Computer Security & Incident Security

Kenny Messman

Date: 2/24/19

Details

Computer Security & Incident Security

Cyber attacks have seemed to become increasingly more common and diverse in out era of technology. They have also become a lot more damaging and disruptive to the computer systems which are attacked. This is why security and incident response has become a major focus of information technology programs. These programs conduct risk assessments in which preventive activities are based off of. This helps the information technology programs have the capability to detect incidents, minimize loss and destruction, mitigate the weaknesses that were exploited, and restore IT services. Each company or organization should implement incident response plans that meet the requirements for that specific company or organization. Most incident response plans include the following elements mission, strategies and goals, senior management approval, organizational approach to incident response, how the incident response team communicates with the rest of the organization and other organizations. Metrics for measuring the incident response capability and its effectiveness, roadmap for maturing the incident response capability, and how the program fits in the organization. After all of these elements are approved by the organization or company and are implemented they should be reviewed annually to make sure that they still meet the requirements of the organization or business. Organizations should only communicate about incidents with outside entities such as law enforcement, fielding media inquiries, and external experts. Law enforcement would be contacted to investigate incidents through specialized investigative agencies. This can help with the investigation resulting in a conviction of the attacker.  The media would be contacted media to hold interviews as well as press conferences regarding the incidents. This would be to disclose who attacked the company and why as well as when did it happen, how widespread the incident is, and what the impact of the incident is. Lasly outside entities such as incident reporting organizations would be used to assist federal and civilian agencies in the incident handling efforts. They are not to replace federal agencies but act like an aid to those agencies and analyze the data already collected by those agencies .

References

National Institute of Standards and Technology. (2019, February 21). Retrieved from https://www.nist.gov/

This article shows the inner workings and framework that is used by a company or business to protect their sensitive materials from cyber attacks. This articles shows the elements involved in keeping the network secured and how outside entities can also be helpful in protecting valuable information.

Cyber Technology & Workplace Deviance

 Kenny Messman

Date: 2/17/19

Details

Cyber Technology & Workplace Deviance

With technology increasingly becoming a part of our daily lives the chances for cyber technology deviance has also increased. This is especially true within the workplace where technological deviance can be prevalent due to the access to company technologies and information. Cyber deviance in the workplace can lead to cybercrime and white-collar crimes.  In most businesses and workplaces computers are an essential piece of equipment in order to complete daily work task. The use of the computers increases the chances of employees committing white collar crimes and other cyber crimes. Resources and information within the workplace can be used by an offender to commit crimes that will have an impact on either the business itself or the consumer. A lot of the time the offender is able to commit the offense without the victim realizing what has been done until it is too late. Both white-collar crime and cybercrime can have an impact on large groups of people. If an employee was to commit a data breach within a business they could potentially use that data to harm many people who trusted the business with confidential or other important information. A lot of the time these crimes also require extensive investigation in order to apprehend the offender who committed the crimes. Most crimes committed in the workplace are categorized as white-collar crimes. This is because most of those crimes are committed towards victims who are customers whom had some level of trust with the business or offender who victimized them. Cyber crimes committed in the workplace are often the result of an employee using company resources with the hope of having a hard time being detected and not being able to be traced to their private technological devices.

References

05b_6329-white-collar-cybercrime-white-collar-crime-cybercrime-or-both-module7.pdf. (n.d.). Retrieved from https://drive.google.com/file/d/1id2JHiAfyUjuKj0necP4AKE3gZFrD7__/view

This article went into depth about the differences between white-collar crimes and cybercrime. It showed insight into how these crimes can play a role in the workplace and how they can be similar as well as very different.

Managing Cyber Risk

 Kenny Messman 

Date: 2/9/2019

Details

Managing Cyber Risk

Engineers play an important role when it comes to managing and preventing cyber risk as well as designing in the infrastructure and programming of electric grids. From the beginning engineers implement security and resilience measures in their designs whether it be in the case of hardware or software. Engineers are tasked with protecting the information about important substations and control centers. This includes protecting site security information, modeling results, and other information that may be used to manage vulnerabilities.  The engineers must monitor operating conditions as well as monitor and detect threats. They help to deploy security devices such as video cameras, motion detectors , aerial drone surveillance, and periodic inspection by security employees. Engineers must be able to use and develop software that is capable of being advanced to combat the increased sophistication of potential threats. Engineers must be prepared to take action against network breaches but also need to be able to handle other types of cyber activity. These can include phishing, hacking, malicious code, loss of intellectual property, and insider damage. Some of the threats that engineers may face do not always come in the form of a malicious attack but instead come through cyber espionage. Engineers must be able to figure out when their networks have been hacked and adversaries are conducting surveillance on the network. The attacker may do this in order to gain access to information in which to use in a future attack. The engineers must be able do remote access maintenance and management. This may include making patches to software programs when there has been an attack or breach. With patches the engineers leave more vulnerabilities to networks so they must be highly alert and be b;e to catch any attacks or unauthorized users trying to exploit any of the weaknesses caused by creating patches. Because they often use off the shelf systems in which other programmers may be familiar with engineers need to be able to adjust existing programs to make them more efficient but they must also be able to implement their own stronger and more reliable forms of network securities.

References

Implications of cyber vulnerabilities on the resilience and security of the electric grid: Hearing before the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology of the Committee on Homeland Security, House of Representatives, One Hundred Tenth Congress, second session, May 21, 2008. (2008).

This book shows the capabilities of cyber security threats on the power grid and its network. It gives a good in depth look on how engineers and other security teams plan for potential attacks and breaches.

Information Security & Society

 Kenny Messman

Date: 2/2/2019

Details

Information Security & Society

Information security is something that we should consider to be very vitale considering just how much we use and rely on technology.  With every passing year the technology we use becomes even more imbedded within our lives and our devices have become part of our lifestyle. New devices are created and sold every year with people buying them by the masses. These devices include mobile phones, tablets, computers, and laptops. With the increase of the different types of devices there comes a need for different types of security. Having security on our devices is very important because of the fact that many consumers flood their technology with a lot of their personal information. Users log into their bank accounts, emails, and social media platforms through their devices without even thinking about security. Cyber attacks and security breaches are just as prevalent on your mobile devices and tablets as they are on ones computer. These attacks can come in the form of corrupt apps or emails and text that have a malicious virus attached to them. This then will compromise any information that you have on your device. Along with the device being attacked the increased amount of devices along with how small devices are becoming a risk for loss and theft. When a device is lost a person is immediately at risk because of how connected their device is to all of their personal information. Users can take certain precautions to ensure that their devices and information aren’t easily attacked. This means that users should protect all private information with strong passwords and even change passwords regularly. Users should also be aware of links and downloads. No one should activate links that they think may be “sketchy” and beware of emails from unfamiliar users. It is suggested that users also stray away from using third party apps or internet sites and browsers. These are just small steps that you can take to make sure that your information on your devices is just a little more secure.

References

03a - Ommeren - Staying Ahead - What matters now. (n.d.). Retrieved from https://drive.google.com/file/d/138J6FOI3XLjz87rb0t73v4xoZIcmGp9z/view

This article gives and incite to how information security can be beneficial for the infrastructure of organizations as well as consumer and public use.

The Five Core Activities of NIST’S Cybersecurity Framework

Name: Kenny Messman

Date: 1/30/2019

Details

The Five Core Activities of NIST’S Cybersecurity Framework

A cybersecurity Framework provides a universal digital language and code a long with systematic methodology to manage any types of cybersecurity risk. This helps government and private sector companies detect, prevent, and detect any kind of cyber attacks. The core of these Frameworks can be customized and tailored to fit the specific needs of any organization. The Framework is not created to be a replacement for any already existing cybersecurity programs that an organization is already using, however it is designed to complement and improve the already existing cybersecurity and risk management programs that are already in use.  Frameworks are useful for organizations to manage and determine their optimal levels of risk as well as preventing cyber attacks that could compromise their programs and data.

The 5 core activities of NIST’s cybersecurity Framework are identify, protect, detect, respond, and recover. The activity of identifying is important because it helps the framework understand the business and the context of why and how it needs the Framework to be used optimally. It helps the Framework focus and prioritize efforts as well as support other major functions.  The activity of protecting is to guarantee the delivery of important services and apply the proper safeguards. Some of the important functions of this are identity management, data security, maintenance, and protective technology.  The next activity of detecting is to help identify potential and occuring threats. It helps to promptly detect cyber threats which can include processing anomalies and events. The activity of response is to activate the proper actions when a cyber threat is discovered. This includes response planning, mitigation, and improvements to the Framework. The final activity of recover is to implement the resilient factors and protocols of the Framework and restore the services that were attacked by the cybersecurity breach.  

References

Keller, N. (2018, July 20). Framework Resources. Retrieved from https://www.nist.gov/cyberframework/framework-resources-0

This article provides a look into what a Cybersecurity Framework is and how it works. It shows how companies use Framework to provide security and assurance that a cyber attack will not cripple or corrupt important data.