Regulations

Name: Isis Jordan

Date: April 28, 2019

Details

As a society we are used to having technology so easily accessible to us. We have become dependent on technology in our daily lives. But as the rise in technology becomes more integrated into our lives, the federal regulatory agencies are tasked with trying to keep up with the changing technological advances (DeSimone).

Technology should not be unregulated. In fact, companies ar4e subject to multiple laws that varybased on the industry and the local authority (Downes). This includes them reporting any of their finances, paying taxes, complying with full range of employment, safety and health, advertising, consumer protection, and that is just naming a few (Downes).

Technology should be changing how the regulatory model is, and ways it can benefit the consumer rather than the federal government. If the federal government is allowed to dictate the regulatory authority over the local governments and the state, then the people are who suffer (Downes). There is a way to make technology available to everyone, and that is allowing the producers to enter the upcoming market and by removing any regulatory boundaries that currently exist in the social, economic, and administrative areas (DeSimone).

We use technology as our main form of communication. We use it for talking, texting, and social media purposes. Alone approximately 2.6 billion people use mobile devices, and it is soon to increase to 6 billion (Staff). Technology is also a way people are able to do their work. The forms can be endless when it comes to technology. We have immersed ourselves into it almost completely due to how much we rely on it. The new configuration of humans and technology shows that their implications are enormous. The new information technology will install new norms for any human behavior and have a political impact on how we are able to interact in a public space and help shape the quality of interpersonal interactions (Verbeek).

References

DeSimone, Nicholas. “Federal Regulations Stifle Technological Advancement | Nicholas DeSimone.” FEE, Foundation for Economic Education, 23 July 2018, fee.org/articles/federal-regulations-stifle-technological-advancement/.

Downes, Larry. “How More Regulation for U.S. Tech Could Backfire.” Harvard Business Review, 21 Feb. 2018, hbr.org/2018/02/how-more-regulation-for-u-s-tech-could-backfire.

Staff. “Regtech Principles.” Regtech Principles, info.onfido.com/regtech-principles?utm_term=%2Bregulation%2B%2Btechnology&utm_campaign=0518-SCH_US_%7BGeneric_Branding%7D_%5BRegTech%5D_BMM&utm_source=Search&utm_medium=Ad&hsa_tgt=kwd-29761914458&hsa_grp=40655117493&hsa_src=g&hsa_net=adwords&hsa_mt=b&hsa_ver=3&hsa_ad=187239392521&hsa_acc=7069526351&hsa_kw=%2Bregulation%2B%2Btechnology&hsa_cam=783420150&gclid=EAIaIQobChMImeGip6j04QIVmonICh1SrQZhEAMYASAAEgImLvD_BwE.

Verbeek, Peter-Paul. “Verbeek – Designing the Public Sphere.pdf.” Google Drive, Google, drive.google.com/file/d/1WAHx3muA_-0RXcoD8Gs9CzciWlc0cpFy/view.

How we approach Cyber-policy and infrastructure

Name: Isis Jordan

Date: April 17, 2019

Details

A cyber security policy is a guideline that helps in the preservations of the security of data, and the technological infrastructure. The more we put trust in technology to store, collect, and manage our information, the more we become vulnerable to any cyber threat that can consist of hackers and technology malfunctions that can consist of anything that is able to jeopardize a business or our government (Staff).

The United States has developed many systems that are considered complex. They are all said to link to the economic and national security of our nation. To depend on these systems is based on the dependence of the business’s success in both the private and public sectors, that also includes the infrastructure (Ross). This can make our nation vulnerable to any cyber-attacks. The Department of Defense has shown concern for private and public networks. They have also stated that they recommend building a strategic plan that increases the response to catch and prevent attacks on the systems we depend on (Ross).

In order to bring a strategic plan to life, there would have to be visible changes. Each cybersecurity strategy will be different between each business and industry, but the success of the strategy should have common goals (Ford). It is better to carry out cybersecurity earlier rather than later, and everyone should have an understanding on how and why it is important. “To foster a common mindset to deliver security for any system, regardless of its scope, size, complexity, or stage of the system life cycle” (Ross).

No system can be engineered as perfectly secure (Ross). Cyber threats can be lurking in the background, and that is why widening the perspective of the strategy and adapting to new methods will be beneficial to catching the threats. Prevention of inside threats are as important as outside threats and should be monitored the same. Cybersecurity involves an adaptive mindset that helps preserve threat awareness (Ford).

All systems should be protected, some more than others. The infrastructure identifies the vulnerabilities within the network. The strategic plan tells the staff how and who is responsible for protecting the data and systems including what programs being used to fight any cyber-attacks. For example:  building a firewall, anti-malware, antivirus, how updates are being applied to patch any vulnerabilities a hacker can get into, and where and how data is being backed up. Maintenance by the IT team is also very important. IT should be resolving incidents in a timely manner. Having controlled access to systems and programs will help prevent insider threats and reduces system vulnerabilities (Staff).

Approaching a cyber-attack should be a top priority, all approved actions and procedures should be implemented to stop an attack (Ford). Cyber security has become the number one priority and should be everyone’s responsibility even with little to no knowledge. Having a cyber policy or strategy in place can offer coverage against cyber-attacks. While hackers are known to change their tactics, businesses and their IT teams are forced to evolve in order to protect the company against emerging risk (Rosengarten). Cyber criminals can be one step ahead at all times but having a strategy in place will help prevent future damage, and to help the recovery after an attack (Staff).

References

Ford, Neil. “Developing a Cybersecurity Strategy.” IT Governance USA Blog, 10 Feb. 2016, www.itgovernanceusa.com/blog/developing-a-cybersecurity-strategy.

Rosengarten, Joe. “Three Critical Components of a Cyber Policy.” Insurance Business, www.insurancebusinessmag.com/us/news/cyber/three-critical-components-of-a-cyber-policy-99482.aspx.

Ross, Ron. Systems Security Engineering.nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf.

Staff. “Company Cyber Security Policy Template | Workable.” Recruiting Resources: How to Recruit and Hire Better, 30 June 2017, resources.workable.com/cyber-security-policy.

Cyber Crimes between Offenders and Victims

Name: Isis Jordan

Date: April 10, 2019

Details

The amount of crimes being committed using technology has grown tremendously over the years. In order to keep up with all the different crimes that can be committed online means constantly learning new ways to fight them, and new technology to help stop attacks (Staff). Crimes can be committed through tablets, laptops, game consoles, smart phones, and even internet enabled televisions. Almost any device that has access to the internet has the possibility of being hacked (Staff).

Why would people consider committing a cybercrime? Well, it makes it easier for someone to commit a cybercrime across the world, which makes it harder for an arrest to take place. Also makes it easier for them to be able to hide their true identity, and even their location (Dredge). People become vulnerable online with ads, fake profiles, bullying, and once a hacker has access to your device, they are able to cause a lot of damage (Kranenbarg).

Cybercrimes have a different outlook than a traditional crime that is committed. This may include different factors for the victim and also the offender (Kranenbarg). Traditional crime usually involves some sort of physical interaction for a crime to be committed, unlike cybercrime. Cybercrime requires no physical interaction and no exact time and place for it to occur. But in order for a victim to become a victim they do have to have some sort of contact with the potential offender for the cybercrime to happen (Kranenbarg).

The more someone does online the more they become an easy target. Our willingness to share and online shop helps the criminals select who they are targeting (Dredge). Ads, fake emails, and spam are all good examples of the lengths a cybercriminal will go to get access to your passwords, online banking, and more. The lengths cyber criminals will go are endless, and the damage they can do can be substantial and affect anyone, or even a business greatly.

References

Dredge, Stuart. “How You Could Become a Victim of Cybercrime in 2015.” The Guardian, Guardian News and Media, 24 Dec. 2014, www.theguardian.com/technology/2014/dec/24/cybercrime-2015-cybersecurity-ransomware-cyberwar.

Kranenbarg, Marleen. “Offending and Victimization in the Digital Age: Comparing Correlates of Cybercrime and Traditional Offending-Only, Victimization-Only and the Victimization-Offending Overlap.” Taylor & Francis, www.tandfonline.com/doi/full/10.1080/01639625.2017.1411030.

Staff. “Cyber Crime.” Cyber Crime | Victim Support, www.victimsupport.org.uk/crime-info/types-crime/cyber-crime.

CJ and Cyber Security

Name: Isis Jordan

Date: April 6, 2019

Details

Crime will always be present. It will continue to be a flourishing business, especially in the technology world. Cyber security has not been around long, and when it was needed back then, the technology was not as advanced as it is today to prevent the crimes. That is where Criminal Justice came in to help in that field aspect.

Crime is an illegal act committed in violation of the criminal law without defense or justification and sectioned by the state as a felony or misdemeanor (Payne). Cyber Crime is an illegal act that involves cyber technologies that are in violation of the criminal law (Payne).

Cyber security and Criminal justice are becoming similar as the days go by. Everyday cybersecurity jobs are being added into criminal justice. This is because of the growing rate of cybercrime that we have.  It is easily becoming the number one concern across all businesses and even the Government. (Staff)

Some examples of the new jobs being added is a Malware Analyst. Malware programs have the intention of stealing important data and crashing any system it gets into. The Malware Analyst monitor and familiar themselves with the different programs to exploit any weaknesses. Evaluate threats, testing, and conduct useful research (Staff)

Security System’s Engineer is another new job being added to criminal justice. They are in charge of maintaining the network and its infrastructure. Continuously monitoring security systems for any failures, and constantly debugging hardware (Staff).

Jobs in Criminal Justice that include cybersecurity are not limited to networking or IT. Cyber security professionals work in marketing department, and sales (Staff). There are no limits on where they are needed. There are also many cybersecurity courses taught in Criminal Justice Programs (Payne). Criminal Justice and Cyber Security mix with each other regarding their purpose and the jobs that fall under them. Both are there to prevent, protect, solve, and catch criminals.

References

Payne, Brian, and lora Hadzhidimova. “INPRESS at International Journal of Criminal Justice Sciences Cybersecurity and Criminal Justice: Exploring the Intersections.” Google Drive, Google, drive.google.com/file/d/1AJ5R5Ia7KLp7GK9Ndt6uAF6ESWYQ9HqI/view.

Staff. “What Cybersecurity Jobs Are in Criminal Justice?” Top Criminal Justice Degrees, www.topcriminaljusticedegrees.org/faq/what-cybersecurity-jobs-are-in-criminal-justice/.

Deviance in Cyber Security

Name: Isis Jordan

Date: March 24, 2019

Details

Businesses strive to make the work environment comfortable for every employee. That includes the teamwork between each employee to help with the productivity. But the size of the organization does not matter or is prone to deviant behavior. Deviance can occur in every workplace.

Aggressive behavior is one form of deviance. Cyber stalking has become more common in the world. Physically stalking someone is not enough especially when they post everything they do online. In the cyber world this is someone who constantly keeps tabs on a person, where they are, what they eat, follows their exact moves online. This is unwanted obsessive attention to a specific person. Cyber stalking can also lead to cyber harassment. Using the technology in a workplace to harass, manipulate a coworker or business. And this can happen in a workplace, especially if the business uses some form of messenger for their employees.

Abuse of the business’s property is another form of deviance. Employees who use their work computers for accessing social media gives hackers an opportunity to attack the businesses system. Using the businesses computers for any personal use can create a window for hackers. Also Leaking passwords to other coworkers who can cause damage to the business.

Another Deviance in Cyber security is unproductive behavior. When in the Cyber security world being unproductive is not a choice. An employee has to constantly be on their toes to fight and catch any cyber-attack that the company may face. Being lazy can allow hackers to attack undetected causing a lot of damage to the business. Educating employees is important also. If they are not properly educated, then the business will be at a high risk. Unproductive behavior cannot happen in cyber security.

References

Joseph, Chris. “What Are Common Kinds of Workplace Deviance?” Small Business – Chron.com, Chron.com, 21 Nov. 2017, smallbusiness.chron.com/common-kinds-workplace-deviance-10178.html.

Sterneckert, Alan B. “Cyber Deviance.” SC Media, 5 July 2018, www.scmagazine.com/home/security-news/cyber-deviance/.

Cyber Security Engineers

Name: Isis Jordan

Date: March 18, 2019

Details

Cyber Security engineers are people who help us protect our computers within a work place and the network we use to do our work. Every day they are fighting off cyber-attacks and anyone trying to hack into any companies’ systems, they help fill the gaps in technology and make sure we feel secure using the networks.

Businesses need to keep their sensitive data safe at all times. The data they have can consist of patient’s medical records, financial records, and other data that are potential targets to cyber-attacks. Just having a Cyber security engineer helps businesses even the government feel more secure when it comes to sensitive data.

Cyber security engineers have a great responsibility in the government or business. They act as the front line, fighting off attackers from hacking into any sensitive data. But on any given day they face many challenges in their job roll. Having to constantly develop new ways to solve security issues. Hackers are becoming more advanced and are finding new ways to attack so engineers have to “stay on their toes”. Engineers have to frequently install new firewalls and detection systems onto any device that contains sensitive data. They also have to perform accurate testing, analysis and security assessments. Engineers have to Investigate any new and past intrusions and take the opportunity to learn from them. They have to evaluate any new technology component to make sure it has the proper security. Also testing the security plays a big role in their daily responsibilities. Responding to any security and software issues. And engineers also need to implement the importance of data security, policies and procedures when an attack is detected. Educating coworkers plays an important role in keeping attacks away and protecting all sensitive data.

Engineers in the cyber security world play a big part. They keep businesses up because they are there preventing businesses from losing all their data. Loosing sensitive data can potentially cost a business millions of dollars and lose their customer base. Cyber security engineers are essential.

References

Learn How to Become a Security Engineer | Protect the Data.” Cyber Security Education, www.cybersecurityeducation.org/careers/security-engineer/.

How to Become a Security Engineer | Requirements for Security Engineer Jobs.” Cyber Degrees, www.cyberdegrees.org/jobs/security-engineer

Cybersecurity Risk in the US and Japan

Name: Isis Jordan

Date: February 26, 2019

Details

New cybersecurity threats develop every day and develop ways to fight them changes constantly. A new era of strategic competition demands a new cyber strategy that responds to new realities, deters adversaries, reduces vulnerabilities, and safeguard opportunities for the American people to thrive. Protecting the American people, the American way of life, and interest is at the forefront of the National security strategy (Trump).

Information Technology has taken center stage, it lies underneath all processes. Our dependence on technology is larger than ever, everything from marketing to sales, service and internal processes. System sabotage can be larger than ever (Ommeren).

Not all countries are up to date with their cybersecurity strategy plan like the Unites States, and Japan is a great example. Japan has just recently developed a new cybersecurity strategy plan due to its last updated strategic plan in 2013. The new plan hopes to improve cybersecurity of Japans infrastructure and hopes to encourage Japanese businesses in pursuing cybersecurity practices within the country (Staff). If Japan is able to have businesses and organizations utilize cybersecurity, it may be able to help with Japans growth in the economy also. Japan definitely lags behind in cybersecurity compared to the United States,

If a cyber threat was to attack Japanese businesses and organizations, Japan would not stand a chance due to not being properly prepared to fight the attack. Only an average of 27 percent of Japans businesses have an Information security personal or Cyber security team. That is extremely low compared to the United States having over 70 percent of its businesses protected with the proper Cyber security force (Staff)

Japan is still new at integrating cybersecurity (Staff). Japan views Cybersecurity as a corporate social responsibility practice than an asset that can improve their businesses, seeing it as more of a cost than an investment (Staff). Incidents have become a wakeup call to most businesses and organizations, and over 45 percent are taking advantage of getting the proper cybersecurity plan and hiring people to prevent future attacks.

The United states NIST framework has become an outline to Japans new strategic plan. They have been developing more guidelines for businesses and organizations to accurately arrange their resources to aid in protecting them from cyberattacks and developing additional cyberattack assessments that will help identify the amount of risk they are receiving today.

The new Cybersecurity strategy hopes to encourage many business leaders in Japan to become more aware of the potential risk they may face, and hopefully shows them to invest more in cybersecurity.

References

Trump, Donald. “Nation Cyber Strategy of the United States of America.” Washington DC,        Washington DC, Sept. 2018

Staff. “How Japan’s New Cybersecurity Strategy Will Bring the Country Up to Par with the Rest of the World.” Net Politics, June 2018, www.cfr.org/blog/how-japans-new-cybersecurity-    strategy-will-bring-country-par-rest-world.

Ommeren, Erik, et al. Cyber Security Games: What Matters Now. 2014.

Framework for handling Security Incidents

Name: Isis Jordan

Date: March 3, 2018

Details

Having a computer incident response team has become an important part of cybersecurity. With the amount of attacks rising, they are becoming more damaging. Preventive activities based on the results of risk assessments can potentially lower the number of incidents, but not all indents can be prevented (National). This means incident response is important for aiding in detecting attacks. There is a set preparation guide to help with incident response. It includes detection, containment, investigation, remediation and recovery (Blair),

Intrusion Detection is discovering where and when something has been hacked and reporting any incidents. Being able to monitor the event using firewall and prevention systems to help with the loss of data (Blair). Then becoming alert and creating an incident ticket, documenting any other findings and reporting it all in a timely manner.

Containment can also lead to possible neutralization. This can count as the most critical stage of an indecent response. Using any data that has been gathered on containing the incident during the analysis. Being able to identify what systems that were compromised and performing a shutdown of the devices. Then wiping the devices and rebuilding them to operating standards. This phase can cause seizure of any devices that have been compromised. (Bandos)

Investigation is mainly taking the effort in properly understanding what happened. All resources should be used to collect data to be analyzed to find what the indicators were. This is where the priority, scope, and root cause of the incident are researched thoroughly (Blair).  This is also where people are educated on how live system responses, malware analysis, and memory analysis are handled. Giving people a better understanding on how and why certain percussions are taken will help them understand and hopefully help detect future hacks. (Bandos)

Remediation and recovery are the last step. Remediation consist of post-incident repairs of the systems that have been affected. And being able to run an analysis that can verify that the threat has been controlled. (Blair) Recovery is the breakdown of the incident as a whole. After taking all proper procedures on handling the incident, recovery looks at how it can be prevented in the future. With the incident documented, people are also educated. Education also plays a big role, because it is showing how people can help detect attacks, and how to properly report them for a response team to take proper action.

References

Bandos, Tim. “The Five Steps of Incident Response.” Digital Guardian, 19 Sept. 2018,       digitalguardian.com/blog/five-steps-incident-response.

Computer Security Incident Response Plan. Edited by Marry Blair, 2015,             www.cmu.edu/iso/governance/procedures/docs/incidentresponseplan1.0.pdf

National Institute of Standards and Technology (COR). Computer Security Incident Handling        Guide. Createspace Independent Pub, 2013.

What are the costs and benefits of developing cybersecurity programs in business?

Name: Isis Jordan

Details

Cyber-attacks and data breaches can cost a business millions of dollars depending on how serious the attack is. Depending on what information was compromised can determine the cost of a breach to business. A business can spend an average of $4 billion due to loosing personal information of their customers and any other sensitive data. A stolen record can cost a business anywhere from $150 to $400 (Aggan). Records consist of financial information to health records.

Having data hacked is not the only thing that affect a business. When a business becomes a victim to a cyber-attack or data breach, it can potentially cause them to lose their customer base. When a business loss their customers, they then develop having financial loss due to the lack of busines (Aggan). Having your business attacked can cause more issues in the background that people do not understand, and potentially can cause the business to shut down for good.

Businesses should invest in cybersecurity and develop a strategy plan. This would allow a business to prepare for an attack before it happens or handle it with all the proper percussions. This also improves an element of safety for a business’s customer base. Being able to protect all sensitive data not just for the customers, but for the business. Properly educating employees on the different types of cyber risk they will can potentially encounter and developing a proper procedure if an attack is detected (Beavers). A team should be ready to handle an attack at any time. Even if an attack has accrued, developing a plan on how to handle and recover from it is important also.

Cyber-attacks and data breaches can be hard for a business to recover from and having the proper plans in place to prevent an attack will help lessen the impact it has. This can also make businesses less of a target for hackers and bring more customers. Not all businesses can avoid an attack completely, but they should be properly prepared to handle one (Beavers).

Referrences

Aggan, Wael. “The Cost of Data Security: Are Cybersecurity Investments Worth It?” Cloudmask, CloudMask, www.cloudmask.com/blog/the-cost-of-data-security-are-       cybersecurity-investments-worth-it.

Beavers, Morgan. “5 Reasons Your Company Needs a Cybersecurity Program.” Preparis, 12       Sept. 2016, preparis.com/blog/5-reasons-company-needs-cybersecurity-program/.

Name: Isis Jordan

Date: February 24, 2019

Details

In today’s society almost every part of our day revolves around computers. I believe computers have made our world safer and easier to live in. There are many advantages of computers and ways it has benefited us to make our world a better place. But not all things are good with computers, there are many disadvantages that come with it also.

Computers have impacted our education system completely. It has expanded the way we are able to access information using the internet. We are able to access online books, images, audio, and videos. With the vast amount of information available through the internet it allows people to take full advantage and consume themselves with knowledge. Also, people who are unable to physically attend classes on a college campus can utilize online courses to help get the education they need like myself. Computers have also allowed people from around the world to educate themselves with different cultures and religions.

Computers and technology have improved our ways of communications. The way our technology is advancing has led us to the many new ways of electronic communication, social networking, voicemails, emails, and even video conferences. This has helped us reduce time on getting information where it needs to go. Also beneficial for our personal relationships, education purposes, and businesses. Communication is a big part. Allowing people to stay in touch especially for those who have members of their family deploy overseas. Communication is key to keeping relationships alive. There are also disadvantages to communication. People can lose sight of the people who are physically around them. They can also Loose themselves in social networking giving them fewer social skills when communicating with the people who are around them also.

Computers has also given the healthy industry huge improvements. Hospitals have taken advantage of modern technology to improve their security systems, health rooms, and surgical rooms. Giving doctors accurate information regarding health of patients and allowing them to give proper treatment. Other than in just hospitals there are many apps for phones and desktops that allows people to monitor their own heart rate, weight, sugar levels, and other vitals.

References

The 6 Main Ways Technology Impacts Your Daily Life.” TechCo, TechCo, 19 Dec. 2018, tech.co/news/6-main-ways-technology-impacts-daily-life-2017-02.

WERESU.ME.” The Advantages and Disadvantages of Keeping Animals in Zoos.,            weresu.me/en/articles/10342-computers-have-made-the-world-a-better-and-safer-place.