Kevin Mehok
Forum Replies Created
-
Posts
-
Marcena,
I loved your post! In Chicago no new building gets built without smoke alarms, CO2 detectors, flame detectors, sprinkler systems, emergency stair wells that are fire proof. Yet, I have never ever attend one safely drill class or training at any of these buildings. Besides a bunch of maps telling one where to go, it doesn’t really say what to do, or how to do it. I loved and see the value in our action plan post!
Great job.
God Bless,
Kevin
IST3100 Information Systems Security Officer
Week Five
Assignment # 3
WK5 Cyberattacks story
Kevin MehokMarcena,
Awesome job with elaborating several different scenarios. Your cybersecurity attacks could all be used to create excellent movie titles. Sadly, these very stories not movies and they actually happen. We hear and see headlines regarding these sorts of attacks on the news far too often.
Great job!
God Bless,
Kevin
IST3100 Information Systems Security Officer
Week Five
Assignment # 3
WK5 Cyberattacks story
Kevin MehokI think that sourcing an actual story for this discussion will be the most effective approach.
In this era of time, we have been hearing a lot about Russia, and Ukraine. For years, Russia has aggressively and recklessly mounted digital attacks against Ukraine, causing blackouts, attempting to skew elections, stealing data, and releasing destructive malware to rampage across the country—and the world (Newman, 2022). Sadly, Russia carried through with invading Ukraine in February, though, the digital dynamic between the two countries has changed as Russia struggles to support a massive and costly kinetic war and Ukraine mounts resistance on every front it can think of (Newman, 2022). What does this mean? Well, this means that while Russia has continued to pummel Ukrainian institutions and infrastructure with cyberattacks, Ukraine has also been hacking back with surprising success (Newman, 2022). In defense, much like our need to create and implement an action plan, Ukraine has formed a volunteer “IT Army” at the beginning of the war, which has focused on mounting DDoS attacks and disruptive hacks against Russian institutions and services to cause as much chaos as possible (Newman, 2022). Hacktivists from around the world have also turned their attention—and digital firepower—toward the conflict (Newman, 2022). In a valiant effort Ukraine has launched other types of hacks against Russia, including attacks utilizing custom malware, Russia has suffered data breaches and service disruptions at an unprecedented scale (Newman, 2022).While we discuss over and over the negatives of malware and virus attacks, cyberattacking, yes cyberattacking can also in and of itself be an incredible form of offense, in defense just as it has been for Ukraine.
I would be willing to keep approaches like this in mind as well if my organization were attacked.
God Bless,
Kevin
References:
Newman, L. (2022) https://www.wired.com/story/worst-hacks-breaches-2022/
Marcena,
Your amazing word choices and excellent responses are just incredible. Well done, once again! I feel that we as future professionals, maybe some of us are currently practicing, that incorporating and testing an action plan is a must. The little details in the ‘what ifs’ discussion are often overlooked. I also feel that if we discuss disasters with companies and organizations that have suffered a loss, will also be a great point of reference in our planning to protect and restore our organizations.
God Bless,
Kevin
IST3100 Information Systems Security Officer
Week Five
Assignment # 2
WK5 “What ifs” Discussion
Kevin Mehok
Hey Class,
This week to me is all about prevention and situational awareness. It all starts with assessments of risks, and/or potential scenarios that may or may not occur. To me, based upon the reading, we should simply be proactive, discuss risks as a team, and finally, have an action plan in place.
Security Controls, what are they? Well, I am a huge component of encryption. In the security control segment, we should be prepared to identify what is considered as ‘sensitive’ information. Once this has been determined, we can encrypt this intel.
Recovering, or being prepared as to how to recover from a disaster is another must! The goal in this area should set upon restoring core or critical systems as quickly as possible in the event of a disaster. Developing this procedure will require a tremendous amount of solid communication and coordination between teams and units.
Training: Yes, good ole training. Organizations need to literally practice drills just like many of us may have in our school days. For example, when I was in grade school, we had both regularly scheduled tornado and fire drills. We also implement unplanned drills. The point I am driving home is, practice procedures as a team as if an actual disaster were occurring.
As a security officer, we not only need a formal plan or plans in place, but timeliness is a must. The faster we can restore our organizations, the better.
Thank you. That’s all I’ve got.
God Bless,
Kevin
IST3100 Information Systems Security Officer
Week Five
Assignment #1
WK5 Devotional
Kevin MehokHey Class,
This week’s devotional reminds us that we have been created in the image of God. The challenge in considering as to whether or not there is life on other planets, seems so, well ‘unchanging’ for me. I feel that I would not lose an once of faith or belief in God if I was learn about life on another planets.As for me, this would in fact prove to me again just how powerful our God and almighty Creator actually is. His power, His vastness is so far beyond our scope of understanding. The same must be said about His love for us. Scripture also reminds us of God’s desire to be loved by us.
Once again, as humans, this idea is well beyond our ability to reason and understand. I am personally validated and assured about God’s love when I hear music, see something beautiful, and feel a certain way, all of these things happen because of God’s all-consuming love.
God Bless,
Kevin
Hey Kelly,
Thanks for responding to my post. I really appreciate it. I wanted to make breaching, well a bit more relatable. I feel that read about issues, and sort of understand the magnitude; however, when we learn about a company, especially a popular one such as EA, it hits home for many of us. This is so important when trying to comprehend just how important our roles can be as a Security Officer.
Thanks again.
God Bless,
Kevin
Hey Kelly,
Great job. You listed clear examples of both Symmetric Cryptography and Asymmetric cryptography. The irony is key, lol, yes, the ‘key’ for encryption. To me, the lock calling for the pair in asymmetric cryptography which regulates, if you will, private and public.
Thanks for your post.
God Bless,
Kevin
Kelly,
I loved that you mentioned the value of a trust 3rd party. Regardless of the business type, the 3rd party transaction completely unavoidable. Meaning, we have to have security measures in place to protect all parties involved.
I used to manage a large TPA (Third Party Administrator) for auto insurance claims, the amount of data privacy paperwork and regulatory information needed to run all facets of the business was overwhelming at times.
We had to create SSO and MFA to verify identities for all parties to maintain a safe and effective work environment.
Great post.
God Bless,
Kevin
IST3100 Information Systems Security Officer
Week Two Lesson 7
Kevin MehokHey Class,
Symmetric Encryption is the most basic and old method of encryption (Hera, 2021). It uses only one key for the process of both the encryption and decryption of data (Hera, 2021). Thus, it is also known as Single-Key Encryption (Hera, 2021).
A few basic terms in Cryptography are as follows:
Plain Text: original message to be communicated between sender and receiver (Hera, 2021).
Cipher Text: encoded format of the original message that cannot be understood by humans.
Encryption (or Enciphering): the conversion of plain text to cipher text (Hera, 2021).Decryption (or Deciphering): the conversion of cipher text to plain text, i.e., reverse of encryption (Hera, 2021).
The Symmetric Cipher Model:
A symmetric cipher model is composed of five essential parts:
1. Plain Text (x): This is the original data/message that is to be communicated to the receiver by the sender (Hera, 2021). It is one of the inputs to the encryption algorithm (Hera, 2021).2. Secret Key (k): It is a value/string/textfile used by the encryption and decryption algorithm to encode and decode the plain text to cipher text and vice-versa respectively (Hera, 2021). It is independent of the encryption algorithm. It governs all the conversions in plain text (Hera, 2021). All the substitutions and transformations done depend on the secret key (Hera, 2021).
3. Encryption Algorithm (E): It takes the plain text and the secret key as inputs and produces Cipher Text as output (Hera, 2021). It implies several techniques such as substitutions and transformations on the plain text using the secret key (Hera, 2021).
E(x, k) = y
4. Cipher Text (y): It is the formatted form of the plain text (x) which is unreadable for humans, hence providing encryption during the transmission (Hera, 2021). It is completely dependent upon the secret key provided to the encryption algorithm (Hera, 2021). Each unique secret key produces a unique cipher text (Hera, 2021).
5. Decryption Algorithm (D): It performs reversal of the encryption algorithm at the recipient’s side (Hera, 2021). It also takes the secret key as input and decodes the cipher text received from the sender based on the secret key. It produces plain text as output (Hera, 2021).
D(y, k) = x
References:
Hera, A (2021) https://www.geeksforgeeks.org/symmetric-cipher-model/
Marcena,
I would like to apply for this role. What is the most important piece of your job description that you would like for a candidate to possess?
God Bless,
Kevin
Hey Kelly,
Excellent job. I feel like applying for a job. Your description is darn near perfect. I just need the pay to be 250k annually, please.
Best regards,
Kevin
IST3100 Information Systems Security Officer
Week Two
Lesson 6 DiscussionWhat Is Records Management? Well, this week we have learned that records management (RM), also known as records and information management (RIM), is an organizational function responsible for the creation and maintenance of a system to deal with records throughout a company’s lifecycle (Weller, 2017). RM includes everything from the creation of a record to its disposal (Weller, 2017). Essentially, it comprises anything that is part of a business transaction (Weller, 2017).
Some people use the term information governance (IG) when talking about records management (Weller, 2017). IG is the management of information to support an organization’s present and future, keeping in mind the regulatory, legal, environmental, and operational requirements (Weller, 2017). It includes the structure, policies, procedures, and processes necessary to manage all the information stored within an organization (Weller, 2017).
What Makes Something a Record? We learned this week that a record is somewhat complicated (Weller, 2017). The International Organization for Standardization (ISO) is an independent, non-governmental international organization that develops international standards to be implemented globally throughout its 162 national standards bodies (Weller, 2017). The ISO 15489-1:2001 defines records as “information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business” (Weller, 2017). ISO 15489 is divided into two parts: concepts and principles, and guidelines (Weller, 2017). Together, the two parts provide an outline for a comprehensive records management program (Weller, 2017).
Essentially, a record is content that documents a business transaction (Weller, 2017). A record usually does not include drafts, duplicates, or convenience copies of documents (Weller, 2017). For example, a final response to a proposal is a record, but the drafts, comments about the drafts, and correspondence about the proposal might not be (Weller, 2017). Personnel files are records, as are social media posts and instant messages (therefore, records management does not just involve paper documents)(Weller, 2017). According to The Global Trade Association for Information Management Companies (PRISM), courts consider all of the following to be records: doodles on a paper napkin, core samples from oil exploration, a pipe with a part number on it, and sections of frozen tissue samples (Weller, 2017).
A record serves as evidence of an event. Therefore, you can often take a record into a court of law to prove authenticity, reliability, integrity, and usability (Weller, 2017). Records can provide necessary documentation for an audit, court case, or other official uses (Weller, 2017).
A record can also be anything that includes personally identifiable information (PII) (Weller, 2017). Companies that are in the financial services, health, government, or legal sectors must be particularly aware of this kind of record (Weller, 2017).
God Bless,
Kevin
References:
Weller, J. (2017) https://www.smartsheet.com/record-management
IST3100 Information Systems Security Officer
Week One
Discussion #4
Kevin MehokHow is access to IT systems and data controlled? Well this week we have each learned that over time the ways in which IT systems can be accessed has grown, and the job of securing those system and their data has become increasingly more complex (Precisely, 2023). High-profile breaches have spawned a host of compliance regulations that further expanded the ways and thus the complexities in which organizations needed to secure their systems and protect sensitive data (Precisely, 2023).
Access control systems perform identification authentication and authorization of users and entities by:
Strengthening logon security through multi-factor authentication
Restricting user privilege through elevated authority management solutions
Granting requests for access to systems and data based on the identity of the user and the context of the request (Precisely, 2023).
A complete system access control solution requires a layered defense to protect access control systems (Precisely, 2023).How is system access control performed? Well, once again, we have learned this week that a system access control solutions determine how users are allowed to interact with specific systems and resources (Precisely, 2023). A robust system access control regime gives an organization the ability to manage, restrict, and monitor user activity while protecting sensitive systems and data (Precisely, 2023).
God Bless,
Kevin
References:
IST3100 Information Systems Security Officer
Authentication Discussion
Kevin MehokAuthentication is the process of determining whether someone or something is, in fact, who or what it says it is (Shacklett, 2023). What I have learned this week is that authentication technology provides access control for systems by checking to see if a user’s credentials match the credentials in a database of authorized users or in a data authentication server (Shacklett, 2023). The importance in doing this is that authentication assures secure systems, secure processes and enterprise information security (Shacklett, 2023).
There are several authentication types. For purposes of user identity, users are typically identified with a user ID, and authentication occurs when the user provides credentials such as a password that matches their user ID (Shacklett, 2023). In the practice of requiring a user ID and password is known as single-factor authentication (SFA) (Shacklett, 2023). In recent years, companies have strengthened authentication by asking for additional authentication factors, such as a unique code that is provided to a user over a mobile device when a sign-on is attempted or a biometric signature, like a facial scan or thumbprint (Shacklett, 2023). Many of us are similar with this process just by being a smartphone user. This is known as two-factor authentication (2FA) (Shacklett, 2023).
Authentication factors can even go further than SFA, which requires a user ID and password, or 2FA, which requires a user ID, password and biometric signature (Schacklett, 2023). When three or more identity verification factors are used for authentication; for example, a user ID and password, biometric signature and perhaps a personal question the user must answer; it is called multifactor authentication (MFA) (Shacklett, 2023).
God Bless,
Kevin
References:
Shacklett, M. (2023) https://www.techtarget.com/searchsecurity/definition/authentication
