W8-2/3 How I Will Apply My New Skills (8/14)


With my new calmness and appreciation of prioritization I will be far more efficient with my work in general as I will be able to make sounder strategic decisions. Past that, I think cyber security has many applications outside of cyber security specific jobs. Since I will be starting my radio job again soon. I am considering setting up alarms on the system and some other changes to keep people from playing music that breaks FCC regulations. I’ll probably write a script that blocks any songs that have “explicit” mentioned in any of their categories and writes down when the attempt was made. That way we can follow up with those DJs (according to the radio show scheduling) and make sure they understand the college’s rules on content (we technically do not have to follow FCC standards, legally speaking, for the moment but we do follow them in order to avoid playing offensive music). I’m also considering possibly using a data analytics software (maybe Splunk) to help do data reports. I could possibly use wireshark or something similar to watch the traffic on the studio pc. I don’t expect there to be any of weird traffic, but it’s better to be safe than sorry. I could simply setup some alarms to watch for traffic on at-risk ports (e.g. FTP ports 20 & 21/tcp) and watch signs of attrition (e.g. multiple “fumbles” and multiple logins).

I could also apply some of the knowledge I picked up from learning about site security assessments and CER/CIR (from the NIST 800-61) to improve the security of the studio. We have had issues in the past with vandalism which I think is caused by lack of a means to prove who is accountable (in some cases) and training (emails are sent out, but I think a lot of people ignore them). I think if we gave more in-depth explanation of the soundboard and its cords, the culprits would stop trying to rewire the sound board. I think a lot of times they are having sound issues and are assuming that it is the wiring configuration causing it, when in fact it is commonly due to improper management of sound settings. Especially when music is played over something from outside our music library (e.g. aux cord or spotify). When this occurs the soundboard usually is at the mercy of the other device or site and its settings only affect the settings of said other device or site (i.e. if a site is muted yet the sound board settings are maxed out then the sound board will still be silent over the air).

I think as long as there are cyber activities going on in a business there will be application for cyber security skills. Then even in cases where there is no cyber activity, security can still be improved by transposing one’s knowledge of cyber security unto more general security. A lot of the policies and “philosophies” of the security world can be good to try to avoid loss, since so many security policies are about mitigating damage and doing all that one can to avoid/prevent failure from occurring. 

Comments

Popular posts from this blog

W7-2/3 On Being Prepared & Further Recommendations (8/11)

W2-2/3 Network Mapping (7/5)

W1-2/3 Prioritization (6/27)