Category: Cyber security

Before you begin, read this report: National League of Cities (at the bottom of the page)
Prepare a briefing statement (3 to 5 paragraphs) for a group of state government employees and local government city managers who are interested in learning more about the benefits of working together with peers in government to improve their organization’s cybersecurity posture.
These employees and managers are not all technically savvy so ensure that laymen can understand your statement. This audience’s specific interest is in obtaining help in preventing data breaches since state agencies and city governments collect, process, transmit, and store large amounts of private information about individuals. This private information might include:
Student Records (K-12)
Online Reservation & Payment Systems for Parks & Recreation Facilities
Hospitals (Patient Records)
Vital Records (Birth / Death Certificates)
License Applications (Marriage, Business, Driver’s Licenses)
Building Permits (including architectural drawings and property information)
Your briefing statement should answer the following two questions:
Will working with peer government organizations, e.g. through regional or national partnerships, help reduce risks and improve a small agency’s cybersecurity practices? Why or why not?
Who else could each city partner with to reduce the risks and impacts of data breaches?
Additional Resource: https://www.cisecurity.org/ms-isac/services
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.
https://www.nlc.org/resource/state-and-local-partnerships-for-cybersecurity/ 

Overview
One of the three focus projects for this course is creating a technical brief based on the research you’ve conducted. The audience for this brief is the security or IT director for the fictional organization for which you work. This technical brief will serve as the basis for a proactive adversarial detection plan that your director will be creating. The final product represents an authentic demonstration of competency because, as a security analyst, you must develop skills that use a variety of methods and tools to detect, characterize, and counter cyber threat actors. Your work will contribute to larger team projects across your organization. This project will also help you develop an important mindset: thinking responsibly and proactively about what threat actors would do to attack organizational assets.
The project incorporates one milestone, which will be submitted in Module Five. The project will be submitted in Module Seven.
In this assignment, you will demonstrate your mastery of the following course competency:
Develop reliable, ethical methods to detect, characterize, and counter cyber threat actors
Scenario
In a course announcement, your instructor will provide some scenarios for you to choose from. In your chosen scenario, you are a security analyst, creating a technical brief for the security or IT director explaining how the situation informs the larger proactive adversarial detection plan they are writing for the organization. The specific technical information, results, or determinations you need are supplied within the scenario. Your brief should address each critical element in the Project Three prompt, discussing your best-practice tactics or methods recommendations based on your research from the decision aid you completed as the milestone for this project. The Conclusion section of this activity requires you to expand on all the research you did for the decision aid.
Prompt
In your technical brief, you must address the critical elements listed below.
IntroductionIdentify your threat actors and characterize their motivations or desired outcomes. Use research from the Project Three resource guide or decision aid to support your response. For example, is the threat actor gathering information for financial gain?
AnalysisDescribe best practices or methods for detecting the threat actors from the scenario. Use research from the Project Three resource guide or decision aid to support your response.
Describe ethical and legal factors that should be considered and their significance in terms of the company for which you are employed in the scenario. Use research from the Project Three resource guide or decision aid to support your response.
Describe at least one tactic or method that is important in responding to and countering this threat actor. Use research from the Project Three resource guide or decision aid to support your response.
Describe at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again. Use research from the Project Three resource guide or decision aid to support your response.
ConclusionExplain the potential ramifications of the tactics or methods you have suggested. Use research from the resource guide or decision aid to support your response.
What to Submit
Your submission should be approximately 2 pages in length (plus a cover page and references) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Include at least three references, which should be cited according to APA style. Use a file name that includes the course code, the assignment title, and your name—for example, CYB_200_Project_Three_Neo_Anderson.docx.
Project Three Rubric
CriteriaExemplary (100%)Proficient (85%)Needs Improvement (55%)Not Evident (0%)Value
Introduction: CharacterizeMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerIdentifies threat actors and characterizes their motivations or desired outcomes, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Analysis: Detecting Threat ActorsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerDescribes best practices or methods for detecting the threat actors, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Analysis: Ethical and Legal FactorsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerDescribes ethical and legal factors that need to be considered and their significance, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Analysis: Responding to and Countering Threat ActorMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerDescribes at least one tactic or method that is important in responding to and countering the threat actor, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Analysis: Reduce LikelihoodMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerDescribes at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Conclusions: RamificationsMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative mannerExplains the potential ramifications of the tactics or methods suggested, using research from the resource guide or decision aid to support the responseAddresses “Proficient” criteria, but there are gaps in clarity, logic, or detailDoes not address critical element, or response is irrelevant16
Articulation of ResponseSubmission is free of errors related to citations, grammar, spelling, and organization and is presented in a professional and easy-to-read formatSubmission has no major errors related to citations, grammar, spelling, or organizationSubmission has some errors related to citations, grammar, spelling, or organization that negatively impact readability and articulation of main ideasSubmission has critical errors related to citations, grammar, spelling, or organization that prevent understanding of ideas4
Total:100%

If computer security risk is due to flaws in software, why do software developers allow them to exist and why don’t they get repaired before a zero-day exploit is discovered?

Review the table of contents and relevant chapters
in the Certified Information Privacy Professional textbook to find information
about legal and regulatory drivers.
Review additional
resources which discuss IT compliance audits and/or policy system audits.
Min. of 4 Authoritve/ Credible Sources 
Additionaly information provided upon taking the job.

Organizations commit to cybersecurity by way of a policy – this is how the organization describes the “law” of the organization. Policies generally do not include “how” something should be implemented, just the overall commitment (the Acceptable Use is an exception to this overall rule). In later assignments, we will be describing internal standards, which would indeed describe the details of “how.”
[AC-7] Unsuccessful Login Attempts:   must enforce a limited of consecutive unsuccessful login attempts, and automatically locks the user account for a period of time until unlocked via established authentication methods, detailed in the internal standard.
or
[AC-11] Device Lock:   must prevent further access to the system by initiating a device lock after a period of inactivity and retain the device lock until the user reestablishes access using established identification and authentication procedures, detailed in the internal standard.
Note that the timings and number of times unsuccessful login attempts are not listed in a policy – these would be detailed in the internal standard.
Completion Instructions:
Section 7 of the Cyber Security Program document will contain 4 policies.
7) Policies – complete this section by providing 4 complete policies, using the template you created for the DB in this module.
Policies
Acceptable Use Policy (use what you did for the DB – and put it in the template format – you will have to add to it as the DB did not include all sections of the template).
Asset Management Policy – This is mostly provided for you by way of an example.  You should complete the blank sections.
Access Control Policy – leverage NIST 800-53r5, the Access Control family, for inspiration. There should be at least 8 policy clauses included (2 examples are provided above as examples, you can use them)
Risk Management Policy – leverage NIST 800-53r5, the Risk Assessment family, for inspiration. There should be at least 5 policy clauses included
Additional Policies
NAME at least 8 additional policies that should be created to support the organization.
Note – this is just the NAME of the policy – you do not have to create these policies.
You can list policies based on the aligned standard, such as from NIST. You may choose policies such as “Audit and Accountability” – or If you want to be more direct, policies like “Password Policy” is fine as well, or a combination of both. Ensure that your polices cover most, if not all of the landscape of the common security controls areas.
Completion
Each week, more content will be added to it, you will always turn in the entire document each time. There are additional notes and comments on the template, remove them as you move through the completion of the template. For example, for the sections due this week, all of the comments, notes, and suggested text should be removed for those sections.

This is a group project. each team member choose one specific threat and I chose to do a research on “Man-in-the-Middle (MitM)”
Research the selected topic (below are discussion headings, include others to enhance your paper):
Introduce and explain the topic / tool-related topic
Explain how it is relevant to threat modeling or Intel
For research topics:
Discuss core concepts and conclusions
How the research is relevant to an organization
For tool-related topics:
Describe how it works
Discuss how an organization can use it
Provide a review of the tool
Last page(s):  List of APA formatted References
Beginning on a new page
Listed alphabetically
Minimum of 10 credible references, at least five published within the last two years
There needs to be at least one in-text citation for every reference!

Starting Point References/Resources 
On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act)https://www.europarl.europa.eu/news/en/press-room/20240308IPR19015/artificial-intelligence-act-meps-adopt-landmark-law. . It is considered to be the world’s first comprehensive horizontal legal framework for AI. It provides for EU-wide rules on data. 
Also Global KPMG:https://kpmg.com/xx/en/home/insights/2024/04/legal-predictions-on-data-privacy-cyber-security.html. 5 predictions: How AI, data privacy and cyber security could transform legal practices
This article highlights predictions from Global KPMG Legal Services leadership from around the world on how data, privacy and cyber security issues will affect the future of legal functions and legal practice. As predictions, they are not intended to guarantee any future outcomes.
Today’s legal teams are challenged by rapid technological innovations. Generative artificial intelligence (gen AI) and other new technologies are being adopted across legal functions and broader businesses at breakneck speed. While productivity is being pushed to new heights, organizations are being exposed to a new range of risks, including data privacy breaches, loss of attorney-client privilege, heightened regulatory scrutiny, ransomware and related reputational damage.
At the same time, new abilities to access, manipulate and analyze huge pools of data are compelling legal professionals, regulators and policy innovators to balance technology’s potential to drive positive social change against the dangers of exposing large swathes of sensitive personal information.
How will these trends reshape the legal functions of the future? Here are KPMG professionals’ top five predictions:
As gen AI becomes ever more embedded into legal function processes, legal teams will need to understand how and when to keep humans in the loop to maintain the skills needed to guard against the related risks.
The application of gen AI and other new technologies to legal work will significantly increase efficiency and productivity. These gains will grow as legal professionals get more comfortable with these powerful solutions and continue to develop more constructive ways to employ them.
Dependence on gen AI will grow apace, however, and legal teams will need to stay vigilant about the attendant risks. For example, using gen AI to inform legal advice could lead to data breaches that could affect privilege. And eventually, as gen AI subsumes ever more routine legal activities previously done by junior lawyers and paralegals, there will be fewer people in the organization with the skills to do that type of work.
Legal professionals will need to avoid the tendency to simply accept that a computer’s output is correct without questioning the reasoning behind it. They will need to develop the skills to work backwards from the output to explain how a legal conclusion was derived and independently verify whether it is accurate. Attorneys will also need to be purposeful in determining which processes are a good fit for AI and where they still need to maintain the skills to verify the legitimacy and accuracy of AI output.
A raft of new legislation will emerge to address a wide array of AI-related issues.
As new AI legislation is enacted, legal teams will move beyond building AI for their own use cases to advising their businesses on the AI implementation. Legal departments will need to understand all of these different rules so they can establish legal frameworks that enable the organization to innovate and use AI. This use must follow ever-evolving new laws and regulations and must proceed in a safe and trusted way.
Within these frameworks, legal teams need to set business-optimized guardrails so they can make the most of business opportunities while preventing their organizations from incurring risk.
Smart use of technology will be a key to managing these new compliance obligations. gen AI and large language model AI can ingest, decipher, summarize and automate data and regulatory and compliance rules to a much wider degree than any current technology. Legal professionals who learn how to use technology for both improving productivity and policing its use will have a distinct competitive advantage.
Privacy laws and approaches to open data innovation will continue to diverge. The more AI is relied on, the more the risks increase, leading to more rigorous requirements aimed at protecting personal data on one hand while enabling its use for productivity gains and positive social change on the other.
Revolutionary AI systems have enormous potential to help solve various societal problems, such as disease and vendor diversity-based discrimination. However, these systems require copious amounts of personal data to create reliable statistical conclusions, raising issues about whether the right permissions and safeguards are in place for processing that data.
Regulatory restrictions on data usage, such as data localization and data sovereignty rules, will continue to increase. However, there will be some push and pull as some jurisdictions, such as the UK, attempt to simplify those rules in order to encourage innovation, sharing of data and open data. For example, the EU Data Act aims to allow public authorities to make public data available for purposes of the wider community via a public data trust.
Legal teams are likely to increase their use of AI-enabled privacy technology to demonstrate compliance as new data protection legislation comes onstream. This technology can also make legal data analysis more efficient and ultimately help make legal decisions more consistent. 
With gen AI’s ability to create and transform, data sources will become more opaque and harder to trace, leading to more data privacy and intellectual property disputes.
As machine learning, large language models and gen AI continue to advance and collect huge volumes of data, it will become increasingly difficult to trace and verify the sources used to train these technologies. Currently, we have seen disputes over AI’s use of copyrighted texts and artworks in generating new works. The inability to prove who “owns” a source of original data could frustrate attempts to gain intellectual property protection for AI-generated results.
Challenges in tracing data could also cause companies to run afoul of data privacy legislation by hampering their ability to comply with legislated data subject rights, such as access or erasure requests.
In-house privacy teams will need to expand their focus to streamline processes and controls and adapt to AI-related risks and regulations. Legal departments will also need to have the ability to quickly develop internal policies, procedures and controls to keep up with the pace of new usage.
Legal departments will be on the front lines of defending against cyber attacks and upholding organizational resilience.
Cyber security threats are likely to multiply in the future as cyber criminals become adept at using gen AI for writing ransomware, bypassing protections, spreading misinformation and other offences. Legal teams will be called on to respond to these risks on a number of fronts by:
advising companies on consistent policies for responding to and dealing with ransomware attacks
working with in-house technology or operational teams to implement or adopt appropriate cybersecurity technology to protect the organization’s data (in compliance with stricter data protection/cyber security laws).
educating people across the company on cyber risks, including the guardrails needed to mitigate those risks and what red flags to watch out for
ensuring that the people responsible for complying with data security and privacy legislation:
have the skills to understand the sources of cyber risks and related safeguards
maintain their human connections within the organization so they can ensure AI uses remain safe and secure.
Governments can also be expected to get involved to ensure businesses in their jurisdiction have appropriate cyber security policies and governance in place. In the near future, we are likely to see legislation enacted to mandate organizational resilience on adopting stronger cyber security technology and efficient response to cyber security breach. Legal professionals will need to help their organizations develop approaches to complying with these rules.
Also, see https://www.javatpoint.com/application-of-ai

Assignment 4 Security Strategy
From the perspective of protecting a network and system that has multiple locations, both wired and wireless connections, LANs, WANs, intranets and extranets, write your own strategy for dealing with a particular hack. Describe the type of hack and make sure your organization is large enough to have a robust network. Make sure you address preventative, detective, and corrective countermeasures. This should be written in MS Word, Times New Roman font and 12 pt. Keep it to two pages max.

Why are protocols a basic element within the science of encryption, and what is the most important and consistent nature of protocols within the discipline?

Each week, we will have a “This Week in Cybersecurity” discussion that focuses on developing issues in Cybersecurity, with a focus on encryption related topics when possible. This discussion will provide you the opportunity to stay ‘attuned’ to current Cybersecurity issues in the news and share at least one event, activity, or development with the class. For example, if a major cyber-attack on a nation-state or major company (i.e., North Korea attack on Sony) were to occur, this would be the type of story to share.
Find an encryption and/or Cybersecurity-related current event, activity, or development in the news. In your discussion post, briefly summarize the event and reflect on its significance. You should use any legitimate news source (television, internet, periodicals, etc.) to support your topical input. (A few sites related to cybersecurity are suggested on the Student Resourcespage, but you are not limited to these.) Questions to address might include:
How does the event relate to issues addressed in class?
How might similar situations be mitigated?
What is the broader impact of the event (e.g., nationally, globally, etc.)
Include a link to the story or a citation so that others may read the story.