Cybersecurity Management Essay Essay Sample For College

Cybersecurity Overview

In an organization’s private and public networks, electronic data transmitted within is protected by cyber security. As a result, data transmitted and shared within internet networks and private local area networks are protected. Nonetheless, the major role of computer security is protecting data transmittable and transmitted in a private network only. Concerning how data flows across a network, data is broken down into packets, notable chunks that enable the packets to move through and around the network (Tissir, El Kafhali & Aboutabit, 2021). Organized and packed in a series of hops, data flow across the network in hand flows effectively from the source, which is mostly a computer to its designation. Data packets may move and transverse from one host to different hosts or through broadcast domains. Moving in different paces called buffers, data flow can be optimized for direct or shared flow.

By analyzing different criteria, we are better placed to categorize cyber security vulnerabilities depending on the cause, the point, or even how they can be manipulated. For instance, in network vulnerability, the hardware or software of a network might be weak, allowing intrusion of a third party. Operating system vulnerabilities are different since they are found within an operating system and can be exploited by hackers to access the operating system or even cause damage to the entire operating system (Tissir, El Kafhali & Aboutabit, 2021). The human vulnerabilities, however, are linked to cyber technicians and architectures. If the developers use a wrong code or error, sensitive data might be exposed and used against the organization. Wise to note process vulnerability is different since it is caused by the presence or lack of process control in a process. Cyber-attacks have been categorized as offensive and intentional acts focused on causing damage by targeting computer information systems.

Additionally, computer systems, devices, and data systems can suffer the wrath of cyberattacks. Common cyber attacks include acts that overwhelm a system, making it unable to access or respond to requests sent to it. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are common among host machines in a system (Tissir, El Kafhali & Aboutabit, 2021). Flash attacks are also risky for a system since using and exploit a system’s transmission control protocol. Queues pile up, making the system unable to handle requests once perplexed up with them at once. Man-in-the-middle attacks and malware such as spyware, worms, and viruses are common cybersecurity attacks. Commonly referred to as pen testing or security testing, an organization’s cybersecurity is ethically hacked, attacking and pushing pressure on its cyber defense tools such as its networks, users, and even web apps.

Not only do network tools identify problems prior, but spot out network vulnerabilities in their communication. One of the most common and effective computer forensics analysis tools is the Distributed Network Attack (DNA). The forensic tool plays a core role in fully recovering password protection files (Tissir, El Kafhali & Aboutabit, 2021). To employ network forensic analysis tools (NFAT), a direct installation to the server is done, accessing the network and all of its compositions for decoding. Other NFATs are log aggregated for analysis and identifying software communications vulnerabilities present.

An organization’s cyber security is achieved by applying enterprise cybersecurity, a concept that entails protecting the network’s physical and cloud-based infrastructure (Krumay, Bernroider & Walser, 2018). Moreover, enterprise cybersecurity is achieved by scrutinizing third-party providers and ensuring all internet points are covered. To ensure the above is achieved, all individuals involved with the network are vetted for confidentiality, integrity, and accountability of protecting the network hardware and software. A guiding principle exists in developing an enterprise cybersecurity policy framework and making a cybersecurity policy work.

Notably, identifying an organization’s intellectual property and assets dear to the organization is the first principle in coming up with a policy framework for an organization’s cyber security. Second comes implementing procedures and processes to protect the intellectual property, followed by placing resources to detect any defects in the network. The detection of hitches in an organization’s network is followed by responding to the defects or threats noted. The last principle that entails recovery of intellectual property of a network is applied in cases where data is lost and when necessary (Jouini & Rabai, 202). Several cybersecurity situations and actions threaten your operation and data protection as a modern enterprise. Data hacking and data leakage lead the least due to the adverse effects experienced in their occurrence. Additionally, phishing and ransomware follow-through, with patch management, social engineering, and crypto-jacking following through due to their mid and low-risk natures.

Cybersecurity Weaknesses in American Electric Power

Analyzing our company from a technology aspect, several loopholes are available on our website, leaving space and a chance for unethical hacking. For instance, on our website, the HTTP Strict Transport Security (HSTS) is not enforced as it should. Man-in-the-middle attacks can happen, leading to access of clients’ data illegally. Also, there are no secure cookies in use, allowing third-party interceptions. Moreover, in the header of the website link, it is easy to notice the presence of asp.net, the host in which the website is, and where it is built. With the heder showing where the site is built on, vulnerability is easy to be applied (Chan, Morgan, Simon, Alshabanat, Ober, Gentry, … & Cao, 2019). The Domain Name System Security Extensions (DNSSEC) are not enabled as expected. With them disabled and not configured with the website domain, it is easier for third parties with malice to forge records of a Dorman’s identity, thus accessing personal data (Kshetri, 2017). Our organization’s network managers and technicians are also reluctant in their roles. For instance, our network has numerous unsecured communication channels due to the use of outdated systems of management.

A couple of unknown bugs and multiple connection points in the system act as loopholes to system access by unwanted persons. In general, a high-level management strategy to manage our networks is missing, which affects the system’s data. Also, our cybersecurity policy is out of date and should be updated for ultimate network security. Protocols should be created, and access should be limited to the roles of employees and customers for the betterment of our cybersecurity.

Cybersecurity Risk Analysis

Malware is a significant risk to our network. To curb the issues related to malware, it would be wise to defend our organization’s data by buying anti-malware. Password theft is another risk our network possesses but would be curbed by a two-factor authentification or a robust method of protecting our data and customers Krumay, Bernroider & Walser, 2018). Data manipulation in SQL injections is also a common and notable risk our organization is prone to. To curb such a risk, however, the application of small firewalls should be enabled to detect and cut off unwanted and intentionally spoilt requests (Kshetri, 2017). Water hole attacks are also possible risks to our network but can be curbed using anti-viruses that detect and drop dangerous scripts Krumay, Bernroider & Walser, 2018). The unique and identified security risks above are subject to change and, at times, subject to elevation in terms of their adverse effects. Therefore, our organization should apply the above-listed prevention methods for the safety of our network and our different shareholders and stakeholders.

Cybersecurity Weakness Assessment

It is wise to note that our systems are faulty and our hardware and the entire organizational process in network management. In case of a significant threat from either of the three security weaknesses, a security breach can occur, causing damage to our network and affecting our business operations. In terms of system vulnerability categorized under non-physical network vulnerabilities and weaknesses, our operating system is not well protected, and system features are up-to-date. With the network’s operating system being away from up-to-date with the latest security requirements and patches, curbing system-related threats and risks can be hard out of the lack of updates. Regarding the physical aspects of risks, our security has easy access to our servers and the entire data storage room. As a result of the weakness in physical security, servers can be accessed by people who mean malice and plant malware into our systems. Lastly, our organization is not invested in organizational process management in terms of network management. As a result of having no long-term strategy for network protection, the security weaknesses keep expanding and increasing into network issues and giants. A lot of focus should be given to the management of the security department since a lot of letdowns and assumptions are made at the managerial level.

Cybersecurity Models Summary and Analysis

Developed by David Elliott Bell and Leonard J. LaPadula, the purpose of the Bell–LaPadula model was to push and enforce access control in military and governmental operations. The model is categorized as a state machine into top-secret and unclassified. The model’s notable features are its strong star principle and the tranquillity principle that changes not while being referenced. On the other hand, Biba’s Strict Integrity model was developed by Kenneth J. Biba, taking the role of a transition system for the state (Kshetri, 2017). The Biba model has features that block unauthorized parties from editing and modifying data and unauthorized parties from data modification to ensure data integrity and protection. Another unique feature of the model is how its data reflects into the real world in real-time due to the use and maintenance of consistency in its internal and external systems (Goodyear, Goerdel, Portillo & Williams, 2010). The Clark-Wilson model was fully and well described by both David D. Clark and David R. Wilson to formalize the concept and ideology of information integrity. Through its basic principles, such as how well-formed it is in its series of transactions and its integrity, duties are well transacted and separated and given different entities for follow-up and identification in the future. Last is the Chinese Wall, which plays a vital role in blocking communication between conflicting parties (Herrmann & Pridöhl, 2020). Used in a diverse field, the concept behind the model is to ensure no information is exchanged by parties that have a conflict of interest hence balancing the information share and stagnating decision making to an individual level.

The above cybersecurity models would be perfect for achieving a great and tight cybersecurity firewall as an organization. From the weaknesses in our network, as noted earlier, a cybersecurity model would be ideal. We would select the most suitable security model for protecting our organization’s network and data through its application and its purpose and context of development. Key features of the models above will play a significant role in accomplishing our newly identified needs to close the earlier weaknesses. From our research and analysis, models that had the part of data encryption, data safety, access and limit controls of users, and ensuring integrity and protection of data will be important in upgrading our organization’s cybersecurity protocols and roles. Below is a detailed customary security plan that will seal all network weaknesses as noted and listed above.

Custom Cybersecurity Plan

The purpose of our cybersecurity plan is to seal all notable and yet to be noted loopholes in our network. As is the business objective, all data belonging to our organization should be protected for user privacy to enhance credibility among our users and protect company information from malicious access and destruction. As is the vision of our information technology department, all hardware, software, and policies should be sealed from third-party access as well as from unauthorized internal access. As it is our business strategy to expand into more states and nations in the future, reliable network security and concealment should be present. To have a sound and all-alert network, we need to curb our underlying internal and external risks. Weaknesses that might result in malicious individuals accessing our network should also be closed and loopholes sealed. As a security policy, all internal stakeholders should understand the adverse effects of accessing unauthorized data and sharing the accessed data with third parties. Repercussions should be well understood by our externals, too, to keep them safe from security threats and breaches. Therefore, in our plan, we shall classify available data and create data support tools and roles to have a smooth operation internally and externally. Moreover, we shall remind all involved staff and stakeholders of their roles, responsibilities, and rights concerning data security.

Organizational Business Case and Recommendations

To the chief technology officer, there are several security issues relating to the breach of data and information from our organization’s network system that poses an information risk to our internal customers and our external customers and shareholders. As a result, as members of the cybersecurity department, we have noted several weaknesses our system has and have several proposals regarding its strengthening. Moreover, we have noted a perfect cybersecurity model to address our security issues. As a result, we will need to purchase several security models to kick off our security enhancement journey and project. With due respect, if the above concerns are suppressed and assumed as in the near past, most of our network will be breached by third parties, stealing our private files and data and manipulating us for repossession. To be on the safe side, our infrastructure will need a security make-over to eliminate the chances of a third party being present. In addition, our application security system will need to be reviewed and our network security. Revamping the two will also give us the confidence to face and fully protect our cloud security.

Nonetheless, since we have no major issue with the security of our internet of things, no significant changes will be needed aside from the normal housekeeping activities. Physical access to our servers will be the first significant revolution step to improve our organization’s security. We shall move our servers to a secure location that specific individuals can only access. Apart from that, we shall purchase a new cloud of storage and migrate all our data in a clean slate as we wipe out any third-party access and links present in our current cloud storage. Pending updates that may lead to a breach of our client data will also be approved and updated, closing off and protecting our clients’ data. If the above proposals are implemented, American Electric Power will be assured of a secure network. We shall also need to clean up our IT department off any moles and data sellers to make the plan work. By so doing, we shall be confident of a network free of an intrusive third party.

References

Tissir, N., El Kafhali, S., & Aboutabit, N. (2021). Cybersecurity management in cloud computing: semantic literature review and conceptual framework proposal. Journal of Reliable Intelligent Environments7(2), 69-84.

Chan, L., Morgan, I., Simon, H., Alshabanat, F., Ober, D., Gentry, J., … & Cao, R. (2019, June). Survey of AI in cybersecurity for information technology management. In 2019 IEEE technology & engineering management conference (TEMSCON) (pp. 1-8). IEEE.

Kshetri, N. (2017). Blockchain’s roles in strengthening cybersecurity and protecting privacy. Telecommunications policy41(10), 1027-1038.

Goodyear, M., Goerdel, H., Portillo, S., & Williams, L. (2010). Cybersecurity management in the states: The emerging role of chief information security officers. Available at SSRN 2187412.

Herrmann, D., & Pridöhl, H. (2020). Basic Concepts and Models of Cybersecurity. In The Ethics of Cybersecurity (pp. 11-44). Springer, Cham.

Jouini, M., & Rabai, L. B. A. (2020). Towards New Quantitative Cybersecurity Risk Analysis Models for Information Systems: A Cloud Computing Case Study. In Handbook of Computer Networks and Cyber Security (pp. 63-90). Springer, Cham.

Krumay, B., Bernroider, E. W., & Walser, R. (2018, November). Evaluation of cybersecurity management controls and metrics of critical infrastructures: a literature review considering the NIST Cybersecurity Framework. In Nordic Conference on Secure IT Systems (pp. 369-384). Springer, Cham.

Cycle Of Violence University Essay Example

The cycle of violence, also known as the cycle of abuse, is a theoretical framework that explains the pattern of behaviors by the abuser/aggressor and the victim in a relationship. This relationship may or may not involve marriage. The cycle breaks down into the honeymoon phase, tension-building phase, violence/acute explosion phase. Therefore, violence does not occur randomly but occurs following a pattern. During the honeymoon phase, the relationship does not experience any problems or arguments, but the aggressor may appear loving, passionate, and jealous to convince the victim that he is concerned about her. Also, the aggressor can apologize and promise not to act abusively again. In the tension-building phase, the aggressor makes derogatory remarks, and hypercritical comments towards the victim become extremely moody and withdraw affection. Once the victim sees behavior change, she will avoid family and friends and keep children away from the aggressor. During the explosion/violence phase, the aggressor becomes violent. It is common for the aggressor to hit or throw things towards the victim, rape and assault them. Also, the victim will live in denial and may pretend that violence never happened and it will never happen again.

Victim Precipitation Theory

Victim precipitation theory holds that victims play an active role in the criminal events that harm them either through victim provocation or victim facilitation (Lasky, 2019). It is a criminology theory that criminologists use to define situations where victims initiate their victimization. Also, this theory analyzes how a victim’s interaction with the offender contributes to committing a crime. For example, when victim precipitation theory is applied to rape, victim-precipitated rape happens when the offender interprets the actions of their victim as sexual, hence initiating rape.

Costs Associated with Victims in the CJ System

The severity of victimization can be understood through its costs. These costs are classified into three dimensions: financial losses, physical injuries, and emotional stress. The costs that the victim suffers vary depending on crime severity, consequences of the crimes, and impact on the individual victim. Physical injuries may include cuts, broken bones, and bruises. Emotional stress/cost of the crime are easily quantifiable and can cause stress and depression, fatigue, lack of sleep, and change in appetite. The financial costs entail all the monetary losses the victim sustained because of the crime. Financial costs may include medical bills, productivity loss, and property loss.

Do Victim Witness Statements Help of Hinder Sentencing?

Victims present victim witness statements to the court at the offender’s sentencing. Victims, family members, and victims’ friends contribute in written and verbal victim witness statements. Once the victim has presented victim witness statements, they can assist the magistrate in deciding the kind of sentencing the offender should receive. Sometimes the judge may decide that the sentencing of the offender be based mainly on the pre-sentence report and other specific sentencing guidelines. However, the judge should first take into consideration the opinions of the victim before making a verdict in this case. According to Kunst et al. (2021), victim witness statements allow victims to explain to the judge how the crime affected their life, aiming at bringing emotional recovery. Also, victim witness statements include the financial losses that occurred due to the crime, and it is used to evaluate and approve the financial impact of the crime upon the victim. Therefore, victim witness statements help sentencing.

References

Kunst, M., de Groot, G., Meester, J., & van Doorn, J. (2021). The impact of victim impact statements on legal decisions in criminal proceedings: A systematic review of the literature across jurisdictions and decision types. Aggression and violent behavior56, 101512. https://doi.org/10.1016/j.avb.2020.101512

Lasky, N. V. (2019). Victim precipitation theory. The encyclopedia of women and crime, 1-2. https://doi.org/10.1002/9781118929803.ewac0517

Dangers Of Excessive Alcohol Consumption And How To Quit The Habit Sample College Essay

Dear Anonymous,

Recently, I have been learning about modifiable risk factors that cause illnesses in our country. I have learned about the dangers of excessive drinking and this knowledge has prompted me to write to you to discuss your excessive drinking habit. I hope at the end of the letter, you will appreciate my good intentions and effect change.

Excessive alcohol consumption has adverse effects on human health both in the short term and the long term. Remember that excessive alcohol consumption is anything above “12 ounces of beer, 4 ounces of wine, or 1.5 ounces of 80-proof spirits” per day, which from my experience, you regularly surpass (HopkinsMedicine, 2022). In the short term, excessive drinking affects various parts of the body leading to effects such as vomiting, lowered inhibitions, drowsiness, and loss of coordination and consciousness among others. While these effects may wear off after a short period, they can pose adverse health risks. When an individual loses consciousness and vomits, they can easily choke on their own vomit. Furthermore, lowered inhibitions predispose people to risky behavior such as violence leading to injuries and fatalities and unsafe sexual behaviors which can lead to sexually transmitted diseases and other dangerous health conditions. Moreover, excessive drinking can cause alcohol poisoning caused high levels of alcohol in the blood and this can lead to hospitalization or death.

In the long term, excessive alcohol consumption will take a serious toll on your health. Statistics show that excessive alcohol use “approximately 95,000 deaths and 2.8 million years of potential life lost (YPLL) each year in the United States from 2011 – 2015” (CDC, 2021). Multiple body areas and functions are adversely affected by excessive alcohol consumption and the damage increases and become more life-threatening the more an individual continues to drink. Chronic long-term drinking will ruin your digestive system. Excessive drinking damages the gastrointestinal tract wall’s tissues through corrosion caused by repeated vomiting and the acidity in some alcoholic drinks. When the damage is done, the intestines’ ability to digest food and absorb vitamins and other nutrients is diminished (CDC, 2021). This will lead to malnutrition. Furthermore, the corrosion of gastrointestinal walls can lead to flaring up of ulcers leading to internal bleeding that can be fatal if not promptly treated. Your circulatory system will also suffer because of excessive drinking. The heart, lungs, and blood vessels are all affected by excessive alcohol consumption. Long-term excessive drinking leads to high blood pressure, causes irregular heartbeats, and can lead to strokes, heart disease, heart attacks, and heart failure. Excessive alcohol consumption also negatively affects your sexual and reproductive health. Chronic excessive drinking inhibits the production of sex hormones and diminishes libido.

Overdrinking also adversely ruins the liver. The liver is responsible for breaking down alcohol. Excessive drinking leads to the inflammation of the liver which leads to liver diseases that culminate in the fatal buildup of toxins in the body. Repeated liver inflammation can lead to cirrhosis which may lead to permanent liver damage (CDC, 2021). Similarly, excessive drinking can lead to pancreatic inflammation leading to pancreatitis and inhibiting the body’s ability to control blood sugar levels. Additionally, excessive alcohol consumption harms the immune system and the skeletal and muscle systems. Chronic excessive consumption reduces bone density and weakens muscle which puts the individual at risk of fractures, cramping, and atrophy. The immune system is also not spared. Heavy drinking reduces an individual’s immune system hence increasing their susceptibility to diseases such as tuberculosis (Volkmann et al, 2015). Chronic excessive drinking also increases the risk for various cancers.

Excessive drinking eventually interferes with the normal functioning of the brain hence inhibiting the brain’s ability to create long-term memories and think rationally. If the drinking continues, alcohol damages the frontal lobe which is in charge of impulse moderation, judgment, and short-term memory (CDC, 2021). Eventually, long-term heavy drinking can result in permanent brain damage and lead to the development of debilitating disorders such as Wernicke-Korsakoff syndrome (CDC, 2021). Excessive drinking also puts your mental and psychological well-being at risk. Alcohol diminishes memory, impulse control, and leads to irregular moods and personalities. Alcohol has also been shown to be a factor in several mental health conditions such as mood, sleep, anxiety, and psychotic disorders. Excessive alcohol consumption also leads to addiction. Thus, excessive alcohol consumption negatively affects both physical and psychological well-being. With all these key body parts and functions affected, ultimately, excessive alcohol consumption leads to death.

Therefore, it is crucial and urgent that you stop this behavior, not just for your health but for your social wellbeing. While some people may suggest quitting alcohol abruptly, this option may be unsafe. However, there are other options that have proven to be useful in providing support and treatment for those who want to quit excessive alcohol consumption. Online recovery groups such as Tempest can come in handy particularly during this Covid-19 times. While these groups are easily accessible they require discipline and resolve (Bliuc, 2019). You can also join support groups such as Alcoholics Anonymous which provides guidance and support during your journey to end the habit. While these options are useful it is also essential to consult professionals to help guide you with the recovery process. Research indicates that consulting a therapist and getting help in addressing the underlying issues that prompt your excessive drinking and prevent future relapse (Singer et al, 2013). Without resolving these underlying issues, you can easily relapse, and quitting again will be difficult. Additionally, you should seek medical intervention to address any symptoms caused by excessive alcohol use and to reduce the intensity of cravings. By combining these approaches, you can successfully cut excessive drinking and live healthily. However, it is important to remember that the quitting process is not going to be easy, and to be successful one needs resolve, discipline, and to surround themselves with positive influences that can help accomplish this goal.

References

Bliuc, A. M., Doan, T. N., & Best, D. (2019). Sober social networks: The role of online support groups in recovery from alcohol addiction. Journal of Community & Applied Social Psychology, 29(2), 121-132.

CDC. (2021, May 11). Drinking Too Much Alcohol Can Harm Your Health. Learn the Facts | CDC. Centers for Disease Control and Prevention. https://www.cdc.gov/alcohol/fact-sheets/alcohol-use.htm#

HopkinsMedicine. (2021). Alcohol and Heart Health: Separating Fact from Fiction. Johns Hopkins Medicine, Based in Baltimore, Maryland. https://www.hopkinsmedicine.org/health/wellness-and-prevention/alcohol-and-heart-health-separating-fact-from-fiction#

Singer, J. A., Singer, B. F., & Berry, M. (2013). A meaning-based intervention for addiction: Using narrative therapy and mindfulness to treat alcohol abuse. In The experience of meaning in life (pp. 379-391). Springer, Dordrecht.

Volkmann, T., Moonan, P. K., Miramontes, R., & Oeltmann, J. E. (2015). Tuberculosis and excess alcohol use in the United States, 1997–2012. The International Journal of Tuberculosis and Lung Disease, 19(1), 111-119.