Many industrial processes have been automated with Operational Technology (OT) like computational tools, systems, and networks. However, this autonomy comes with vulnerabilities that must be addressed to prevent an attacker from wreaking havoc on an organization's assets. The attached entry will discuss some operational technologies used in industrial processes, their vulnerabilities, and the implementation of Supervisory Control and Data Acquisition (SCADA) systems to miti

We introduce the Quality Organization Profile (QOP) policy, a security policy designed to cover the bases for a secure Information Technology (IT) environment. While there are no perfect solutions to securing IT networks, the QOP policy offers guidance and methods to align with the National Institute of Standards and Technology’s (NIST) conventions and prevent security breaches. This paper will leverage security issues such as risk analysis and control selection to drive th

In March 2019 , the widely known United States Financial Corporation, Capital One , suffered a data breach whose impact made it one of the worst recorded breaches of its time. The attack resulted in federal investigations, financial losses, and a reevaluation of technical standards in place. The attached paper discusses the vulnerabilities that led to the breach, the exploitations used in the attack, the different outcomes of the event, and possible prevention and mitigation