Haleigh Duguay CYB 200 Project Three
School: Southern New Hampshire University
Course: 200
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 5
Uploaded by MinisterDuckMaster1030
Project Three
Haleigh Duguay
Cybersecurity, Southern New Hampshire University
CYB 200: Cybersecurity Foundations
Dr. James Beneke
October 15, 2023
The threat actors in scenario four are Jan and other unknown threat actors. Jan is the only known threat actor prior to a deeper dive into the situation. It appears Jan’s motivation to attack the organization is financial gain. She has admitted to having financial hardship, and now, she is seen with nicer clothing and new jewelry.
In this scenario, I would focus on awareness and auditing to detect the threat actors. Annual short-form computer-based training is the best practice for awareness because they “… offer a convenient and engaging way to provide employees with the essential security training they need in a format that allows them to complete training in small increments, making it easier to assign within the flow of work with minimal disruption (SANS Institute, n.d.).” Awareness is the key to a proactive approach to cybersecurity. When the employees of the organization are well-versed in what to look out for, problems can be caught and reported early enough to prevent substantial damage. Auditing a computerized environment should be split into two areas: audit of operational computer systems and audit of systems under development. A data-oriented audit would look at processed transactions. Developmental audits can evaluate controls without observing results. In developmental audits, the auditor ensures that developmental procedures and standards are being followed (Ruthberg et al., 1988). Operational audits can be riskier because controls can receive actual negative results, whereas developmental audits do not produce legitimate transactions. An operational audit is necessary in this scenario because Jan is clearly not following policies and procedures as she should. An audit will need to be done on all her equipment.
It is important to understand that Jan may be responsible for embezzlement. Stealing assets from company property is called embezzlement. This usually occurs when an employee wants financial gain from ideas or physical property within their place of employment. If she is found guilty, she should be charged with embezzlement and theft. Theft involves stealing money or intellectual property (CISA, 2023). Theft is done for financial gain or to gain intellectual property to claim as one's own. Intellectual property can also be used for financial gain. Because she is taking pictures of a schematic, it can be assumed that she may be selling intellectual property.
To respond to and counter the threat actor, we will run the audit and monitor their activity. A management network is a dedicated network to remotely control, monitor, and configure computer nodes in an HPC system. These systems can allow admins to remotely power machines on and off and to install or uninstall operating systems. These can only be accessed by authorized system administrators (Guo et al., 2023). These can give cybersecurity professionals access to all systems on the network from anywhere at any time. If it is found during this audit and monitoring process that Jan is embezzling or stealing intellectual property, she will be prosecuted immediately. With the monitoring, we are hopeful that other threat actors will be exposed so they can be prosecuted as well.
Awareness and monitoring would reduce the likelihood of this happening again. It is obvious that Jan has been successful in embezzling and theft. Because she is seen wearing new clothing and jewelry, this may have been happening for a while. This could have been stopped earlier if someone had noticed her odd behaviors and reported them. That is the importance of awareness. Going forward, we will need to enforce routine monitoring on all devices. We can create triggers to alert the cybersecurity team of suspicious activity and audit as needed.
Potential ramifications of these tactics and methods could be a reduction in employee satisfaction. At times, employees can see security awareness as a waste of time. They could also feel as though they are being micromanaged with the increased monitoring. It is important that we stress the importance of cybersecurity to protect the organization from being attacked. We will need to reiterate the fact that they are not being micromanaged; we just value national security. Because the data is confidential and owned by the military, security is exponentially more important. We want our employees to be patriots and also value national security. In conclusion, the benefits of these methods to the security of the organization will outweigh the potential negative pushback from current employees.
Citations
CISA. (2023). Defining Insider Threats | CISA. Cybersecurity and Infrastructure Security Agency CISA. https://www.cisa.gov/topics/physical-security/insider-threat-mitigation/defining-insider-threats
Guo, Y., Chandramouli, R., Wofford, L., Gregg, R., Key, G., Clark, A., Hinton, C., Prout, A., Reuther, A., Adamson, R., Warren, A., Bangalore, P., Deumens, E., & Farkas, C. (2023). NIST Special Publication NIST SP 800-223 ipd High-Performance Computing (HPC) Security: Architecture, Threat Analysis, and Security Posture Initial Public Draft. NIST Special Publication NIST SP 800-223 IPD. https://doi.org/10.6028/NIST.SP.800-223.ipd
Ruthberg, Z. G., Fisher, B. T., Perry, W. E., Lainhart IV, J. W., Cox, J. G., Gillen, M., & Hunt, D. B. (1988). Computer Science and Technology NBS Special Publication 500-153 Guide to Auditing for Controls and Security: A System Development Life Cycle Approach. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nbsspecialpublication500-153.pdf
Your Security Awareness Program Can Do More Than You Think: Fulfilling the Promise of “Training for All” | SANS Institute. (n.d.). Www.sans.org. Retrieved September 30, 2023, from https://www.sans.org/blog/your-security-awareness-program-can-do-more-than-you-think-fulfilling-the-promise-of-training-for-all/