W8-2/3 How I Will Apply My New Skills (8/14)
With my new calmness and
appreciation of prioritization I will be far more efficient with my work in
general as I will be able to make sounder strategic decisions. Past that, I
think cyber security has many applications outside of cyber security specific
jobs. Since I will be starting my radio job again soon. I am considering
setting up alarms on the system and some other changes to keep people from
playing music that breaks FCC regulations. I’ll probably write a script that
blocks any songs that have “explicit” mentioned in any of their categories and
writes down when the attempt was made. That way we can follow up with those DJs
(according to the radio show scheduling) and make sure they understand the
college’s rules on content (we technically do not have to follow FCC standards,
legally speaking, for the moment but we do follow them in order to avoid
playing offensive music). I’m also considering possibly using a data analytics
software (maybe Splunk) to help do data reports. I could possibly use wireshark
or something similar to watch the traffic on the studio pc. I don’t expect
there to be any of weird traffic, but it’s better to be safe than sorry. I
could simply setup some alarms to watch for traffic on at-risk ports (e.g. FTP
ports 20 & 21/tcp) and watch signs of attrition (e.g. multiple “fumbles”
and multiple logins).
I could also apply some of
the knowledge I picked up from learning about site security assessments and
CER/CIR (from the NIST 800-61) to improve the security of the studio. We have
had issues in the past with vandalism which I think is caused by lack of a means
to prove who is accountable (in some cases) and training (emails are sent out,
but I think a lot of people ignore them). I think if we gave more in-depth
explanation of the soundboard and its cords, the culprits would stop trying to
rewire the sound board. I think a lot of times they are having sound issues and
are assuming that it is the wiring configuration causing it, when in fact it is
commonly due to improper management of sound settings. Especially when music is
played over something from outside our music library (e.g. aux cord or
spotify). When this occurs the soundboard usually is at the mercy of the other
device or site and its settings only affect the settings of said other device
or site (i.e. if a site is muted yet the sound board settings are maxed out
then the sound board will still be silent over the air).
I think as long as there are
cyber activities going on in a business there will be application for cyber
security skills. Then even in cases where there is no cyber activity, security can
still be improved by transposing one’s knowledge of cyber security unto more
general security. A lot of the policies and “philosophies” of the security
world can be good to try to avoid loss, since so many security policies are
about mitigating damage and doing all that one can to avoid/prevent failure
from occurring.
Comments
Post a Comment