Week 1
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas are most appealing to you and which are least appealing.
Workforce Framework for Cybersecurity (NICE Framework) | NICCS (cisa.gov)
The NICE Workforce Framework breaks cybersecurity into seven categories, each with unique roles. I’m most interested in the Protect and Defend and Investigate areas because they focus on hands-on work like detecting threats, responding to incidents, and performing digital forensics. I enjoy problem-solving and working directly with technology, so these roles feel exciting and challenging. On the other hand, the Oversee and Govern category is less appealing to me since it focuses more on compliance, policy, and management rather than technical work. While those roles are important, I prefer being on the front lines, actively identifying and responding to cybersecurity threats.
Week 2
How does the principle of empiricism enhance the effectiveness of cybersecurity practices?
Reflect on how empirical data collection and analysis can help identify emerging threats, assess the effectiveness of current security measures, and guide the development of new strategies to protect information systems.
Empiricism makes cybersecurity more effective because it focuses on real evidence instead of assumptions. By collecting and analyzing data, security teams can spot patterns like unusual network traffic or suspicious login attempts that may point to new threats. Looking at this data also helps organizations see whether their current defenses are working—for example, how quickly they respond to incidents or how often vulnerabilities are being exploited. These insights take the guesswork out of decision-making and encourage constant improvement. By learning from past attacks and tracking ongoing trends, teams can build smarter, more practical strategies to protect information systems. In short, empiricism keeps cybersecurity grounded in reality and adaptable to changing risks.
Week 3
Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches and forecast future data breach trends?
I visited PrivacyRights.org and explored the Data Breach Chronology, a powerful database compiling more than 75,000 publicly reported breach notifications across the U.S. since 2005. It offers rich detail, such as breach types (e.g., hacking, portable device loss), the kind of organizations affected (healthcare, financial services, education), the data exposed, when breaches occurred, and when they were reported. By converting fragmented government notifications into a standardized, searchable format, this resource empowers researchers to unravel patterns: temporal shifts in breach frequency, differences across sectors, reporting delays, and even the scale of individual breaches. Scholars could use this data to model trends like the prevailing dominance of hacking or rising incidents in healthcare, forecasting future risks, evaluating regulatory impact, or detecting emerging vulnerabilities. In short, the Data Breach Chronology turns scattered public disclosures into a consistent lens for understanding and anticipating threats, one that can inform strategic planning, policy development, and stronger privacy safeguards.
Week 4
Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology.
Give specific examples of how your digital experiences relate to each level of need.
Maslow’s Hierarchy of Needs really shows up in how I use technology every day. At the most basic level, my physiological needs are covered just by having electricity, Wi-Fi, and a working phone or laptop. For safety, I rely on things like two-factor authentication, strong passwords, and antivirus software to keep my information secure. My sense of belonging is met through group chats, social media, and online communities where I can stay close to friends and family. Esteem needs shows up when I earn online certifications or post accomplishments on LinkedIn, boosting my confidence. Finally, self-actualization happens when I use technology to learn new cybersecurity skills and push myself toward my career goals.
Week 5
Review the articles linked with each individual motive in slide/page #3. Rank the motives from 1 to 8 as the motives that you think make the most sense (being 1) to the least sense (being 8). Explain why you rank each motive the way you rank it.
After reviewing the articles on individual motives for cybercrime, I ranked money first because financial gain is one of the clearest and most common drivers of hacking activity. The examples from HP and BitMart show how hackers can quickly profit from illegal actions, which makes this motive especially powerful. I placed political motives second, since hacktivist groups often coordinate large-scale attacks to advance ideological goals, which can be just as motivating as money. I ranked revenge third because emotional retaliation is a strong and personal motivator, particularly in cases like revenge porn. Recognition came fourth, as some hackers seek prestige or validation from peers or even from organizations they breach. Curiosity was fifth because many young or new hackers act simply to see if they can. Entertainment and boredom followed, since these seem less intentional than financial or ideological reasons. Finally, I ranked multiple reasons last because it represents a mix of motives rather than a single clear driver, making it weaker as a standalone explanation.
Week 6
Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites, Academic Resources etc., and cite the source].
Compare the three fake websites to three real websites and highlight the features and similarities that identify each fake website as fraudulent.
Several well-documented fake websites demonstrate how fraudsters exploit trust online. For example, spoofed FBI complaint portals like icc3[.]live and ic3a[.]com mimic the legitimate FBI Internet Crime Complaint Center (ic3.gov), while ABCnews.com.co posed as the real ABCNews.com and National Report published fabricated news under the guise of a legitimate outlet. These fraudulent sites typically use deceptive domains, such as slight alterations or unfamiliar extensions, to appear authentic. They also copy the design, branding, and text of legitimate sites but may request sensitive personal information or payments, which genuine sites such as ic3.gov, ABCNews.com, and Snopes.com never do. Another telltale sign is their short lifespan and lack of institutional history, in contrast to the longstanding credibility of official domains. Together, these comparisons highlight that checking URLs, domain history, and information requests are critical steps in distinguishing fake websites from real ones.
Week 7
Review the following photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).
Photo 1: Person using a VPN, most likely in a public place
Meme: “When you’re working at a café and forget that ‘free Wi-Fi’ also means free data for hackers.”
Explanation (Human-Centered Cybersecurity):
This meme highlights a common behavior where convenience trumps caution. The individual’s mindset is likely: “I just need to check a few emails — it’ll be fine.”
Human-centered cybersecurity examines how usability, environment, and human motivation (like convenience and productivity) influence security choices. Public Wi-Fi often feels harmless, but users underestimate the risks of unsecured networks. Designing more intuitive security prompts or automatic VPN connections could help align user goals with safer behavior.
Photo 2: A group of people jumping mid-air
Meme: “When you post your vacation pics in real-time… and your burglar says, ‘Perfect, they’re not home.’”
Explanation (Human-Centered Cybersecurity):
This represents oversharing on social media, a major privacy and security issue rooted in human emotion and social validation.
The people in the photo are likely thinking: “This is fun! Let’s share it now!” rather than, “This might reveal my location.”
Human-centered cybersecurity stresses understanding these psychological motivations. Rather than shaming users, systems and policies should encourage safer sharing practices, such as delayed posting options or reminders about location tagging risks.
Photo 3: Male programmer with multiple monitors
Meme: “Thinks he’s building the next big security app… forgets to lock his screen when he goes for coffee.”
Explanation (Human-Centered Cybersecurity):
Even cybersecurity professionals are human. The individual’s mindset might be: “I’ll be right back, no one will touch it.”
This meme shows how even experts are prone to human lapses like overconfidence, time pressure, or habit, all of which affect real-world security posture. Human-centered cybersecurity acknowledges that secure systems must accommodate human error through design, for example, auto-lock features, reminders, or physical security training that fits into workflow habits.
Week 8
Watch this video and pay attention to the way that movies distort hackers.Scientists Rate 65 Scenes from Movies and TV | How Real Is It? | Insider – YouTube Links to an external site.https://www.youtube.com/embed/_ojA5OqOKYo?autoplay=1&rel=0&hl=en_US&fs=1
After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity.
After watching “Scientists Rate 65 Scenes from Movies and TV | How Real Is It?” I realized how much movies and TV have influenced the way people imagine hacking and cybersecurity. In most films, hackers are shown typing super fast on glowing screens, breaking into systems in seconds while lines of green code fly across the monitor. It looks exciting and dangerous, but it’s not really how cybersecurity works in real life.
The experts in the video explained that real hacking is usually slower, more strategic, and often involves people more than code. I think that’s what really stood out to me, how the media makes hacking seem like this mysterious, movie-style battle between geniuses, when in reality, it’s often about human mistakes, weak passwords, or someone clicking the wrong link. I am a victim of believing the glamorization of cybersecurity.
Because of those movie stereotypes, many people underestimate the simple things that keep them safe online. They might think cybersecurity is only for “tech experts” instead of something everyone should care about. The media kind of makes it feel distant and unrealistic, so people don’t take smaller security habits seriously.
I think if movies showed cybersecurity as more human, with teamwork, problem-solving, and even small daily choices, it could help people understand it better. Watching the video really changed how I see those scenes now. Instead of thinking, “That’s so cool,” I now think, “Wow, that’s not how it works at all.”