Journal Entry 1

Out of the 7 work role categories, the ones that seem the most fitting with what I would want to focus my career on are Oversight and Governance (OG), Implementation and Operation (IO), Protection and Defense (PD), Investigation (IN), and Cyberspace effects (CE). The other 2 that wouldn’t appeal to me all that great is Cyberspace Intelligence (CI) because I feel that it’s mostly focused on analyzing certain information and implementing that information to other environments or networks that wouldn’t be interesting to me. The other one is Design and Development (DD) because I feel that it would take a lot of energy and brain power to keep up with the new issues and develop and test certain concepts or functions for new problems that arise because of the ever-evolving world of Cybersecurity. The other 5 that I picked out seem most appealing and interesting to me because they all seem like the type of work I’d like to do and actually stay interested in just by reading them. 

Journal Entry 2

There are multiple scientific principles that relate to cybersecurity including relativism, which acknowledges that security measures must adapt to various contexts and threats. Objectivity ensures that cybersecurity professionals assess threats and solutions based on unbiased evidence. Parsimony encourages finding the simplest yet most effective solutions to complex security issues. Empiricism involves using data and evidence to guide security strategies and responses. Skepticism is crucial in constantly questioning and testing systems to uncover potential vulnerabilities in the ever-evolving world of cybersecurity. Ethical neutrality reminds experts to analyze threats without personal bias, while determinism implies that every cyber event has specific causes, which can help identify the root cause of breaches and prevent future incidents. 

Journal Entry 3

Academic experts have the opportunity to explore incidents of information security breaches through this platform by delving into the variations in state regulations regarding notifying individuals of breaches. They can analyze elements, like what counts as personal identifying information (PII) the events that prompt notifications to be sent out, and which organizations are included in each state’s regulations. By studying these factors closely researchers can recognize trends in the safeguards provided across states and evaluate how well these laws protect consumer privacy. Researchers may also explore how notification delays or exceptions affect the situation and assess enforcement methods such, as having a right of action in place to enforce regulations effectively. This examination can offer insights into the ways legal frameworks impact the management of data breaches and consumer protection results. 

Journal Entry 4

Maslow’s Hierarchy of Needs applies to many life experiences, but there are multiple examples when looking at it from a technological perspective. At the physiological level, technology supports basic survival needs like food delivery apps and healthcare information. For safety needs, I can relate to this level based on the fact that I have security systems on my computer, passwords, and two-factor authentication like Duo mobile or face recognition. For belongingness and love needs, I have social media apps, messaging apps, YouTube, and more. For esteem needs, this can personally relate to me for things like YouTube videos I post or my photography account and getting recognition and likes for these. Self-actualization can be related to the apps and websites that I use like Duolingo, canvas, quizlet, Photoshop, and any other apps that I have that are related to learning and developing new skills like fitness apps. 

Journal Entry 5

Doing it for money would be #1. Financial gain is a clear and straightforward motive, making it the most logical driver for cybercrime, as highlighted by how cybercriminals spend their earnings. I would rank Multiple Reasons at #2. Many hackers have a mix of motivations (money, recognition, politics), which aligns with real-life complexity and adds a layer of practicality to their actions. Recognition is going to have to be at #3. The desire to be acknowledged, as seen in the DDoS attacks for status, is a strong motive, especially in a digital world where online fame is highly valued. Political is #4. Hacktivism stems from a desire for social or political change. While it’s often seen as noble, it can also lead to significant damage, making it less rational than personal gain. Revenge is placed for #5. Revenge-driven motives, like revenge porn, are often fueled by emotional responses and are harmful, and is something that we don’t see a lot, but does frequently happen. Entertainment is set for #6. Hacking for fun can seem juvenile and lacks depth as a motivation, ranking lower due to its superficiality. The last one #7, is Boredom. Hacking out of boredom shows a complete disregard for the consequences, making it the least sensible of the motives.

Journal Entry 6

Finding these 3 emails on my personal account, I noticed that I usually get these about once every
week or so. Between the 3 of these, they all send calendar files and reminders on things that I don’t
involve myself with like crypto. They try to use these emails to scam people into crypto projects or
see if they have a balance and end up stealing their information or downloading viruses and
malware. They use this phishing process to scam people who may trust these types of emails.
Matching the 3 of these, we can see how the emails, descriptions, and files can seem suspicious in
how we view these. None of the information shown is real and is all a front to either stolen
information or malware. file:///C:/Users/gta4t/Downloads/annotated-Journal%2520Entry%25206%20(1).pdf

Journal Entry 7

1. This meme taps into the thrill individuals experience when they get surprise
   rewards and how this can make them disregard security threats like phishing
   scams. Shedding light on how people react based on emotions, rather than
   judgment. A significant aspect of cybersecurity that revolves around humans is
   educating users to exercise caution before clicking on links.
2. The 2nd meme highlights the risks of using devices in public without considering
   physical security risks like shoulder-surfing. Human-centered cybersecurity
   emphasizes the importance of awareness of physical surroundings and how
   human behavior often overlooks these vulnerabilities.
3. The final meme points out the risk of using public Wi-Fi. This free feature of most
   public spaces can make data vulnerable to interception. It taps into the human-centered cybersecurity perspective by focusing on a common behavior; using
   free Wi-Fi without security measures. Using secure networks or a VPN is
   important when handling sensitive information in public spaces. file:///C:/Users/gta4t/Downloads/annotated-Journal%2520Entry%25207.docx.pdf

Journal Entry 8

After watching Keren Elazari judge different scenarios from the movies, we can really tell how they dramatize the actual roles of security in the cyber field. Hearing it from an actual expert made me realize how exaggerated these scenes actually are. The films and other things that social media seems to post about the understanding of cybersecurity can be realistic at moments, but what it fails to show is how long it takes to breach into something. As some examples show the reality of what goes into the hacking process, we can see how taking pictures and analyzing them plays into the process of what actually happens. Although media influences can sometimes raise awareness of cybersecurity and display actual techniques and devices, they mostly seem to focus on the dramatic aspects that don’t really happen, rather than providing real-life examples and technical features. 

Journal Entry 9

I scored a 4/9 so I did not meet the criteria for a disordered social media user. The items in the scale that are used for determining the behavioral and emotional aspects, were great questions that actually brought a realization for me to get rid of these bad habits. It’s almost like it’s related to substance disorders as it focuses on how dependent you are on social media and how it can affect you and the relationships of people around you. I feel like different patterns found across the world could be a few different causes like cultural, economic, social lives, or any other factors related to this. People use social media to connect with family from far away or for business use because of the limited in-person connections. Global variations in mental health can bring awareness and access to social media or even general online education can shape how individuals use and be affected by social media. 

Journal Entry 10

The article emphasizes the importance of cybersecurity, within national security concerns by examining how cyber-mediated influence affects behavior and societal frameworks. It distinguishes itself from traditional cybersecurity practices by delving into the manipulation of public opinion and the creation of social divides through information warfare, unlike traditional approaches in this field. With countries like Russia using disinformation to disrupt other nations, social cybersecurity seeks to combat these tactics using a blend of sociology, psychology, and cutting-edge computational technologies. The emergence of “cognitive hacking”, and the concept of the “information blitzkrieg”, really shows the importance of creating plans to protect communities from manipulation. We must understand these trends to enable political figures to secure safety in a rapidly evolving information environment.

Journal Entry 11

The video on the cybersecurity analyst role showed several social themes related to the intersection of technology and human behavior. The job’s roles emphasize the importance of vigilance in the face of persistent threats, highlighting how social engineering tactics exploit human psychology, such as phishing attacks. This necessitates not only technical skills but also strong interpersonal communication for user training and awareness programs, creating a culture of security within organizations. Additionally, the discussion of networking highlights the significance of relationships in career advancement. Building a professional network is crucial, particularly in an evolving field like cybersecurity, where collaboration can lead to better threat detection and response strategies. The diversity in job titles and responsibilities showed the diversity of roles, reflecting how the cybersecurity landscape adapts to social and technological changes, making adaptability an important trait for success in this field.

Journal Entry 12

This data breach notification connects to two economic and two social science theories. Classical Economic Theory emphasizes minimal intervention, yet the company’s reliance on a third-party provider’s security led to customer risks, illustrating the potential downsides of limited oversight in such partnerships. Marxian Economic Theory focuses on power imbalances and exploitation; here, customers bear the consequences of the breach without direct fault, highlighting inequality in control and accountability between the company and consumers. From a social sciences perspective, Behavioral Theories suggest that breach notifications can impact consumer behaviors, possibly reducing repeat purchases if customers perceive the company as unreliable. Lastly, Neutralization Theory examines how the company’s letter subtly shifts blame to the third-party provider, perhaps attempting to reduce its perceived accountability, which may shape customer reactions and perceptions of responsibility.

Journal Entry 13

The article addresses the importance of bug bounty policies for companies, highlighting both theoretical and practical benefits. The literature review shows a strong rationale for these programs, emphasizing how freelance ethical hackers help uncover vulnerabilities that internal teams might miss. The shortage of cybersecurity professionals is critical, particularly for smaller companies, which benefit from bug bounties by accessing talent they might otherwise lack. Findings indicate that hackers are generally price-insensitive, making bug bounties viable for companies with limited budgets. Surprisingly, factors like company size or brand profile do not significantly affect the number of reports received, underscoring that smaller companies can effectively utilize these programs. However, limitations in the data suggest that further research is needed to fully understand the dynamics and effectiveness of bug bounty policies in enhancing cybersecurity.

Journal Entry 14

Five serious breaches of internet regulations that were pointed out in the article are: utilizing streaming platforms, downloading copyrighted content, disclosing personal details of others without permission, assuming false identities online, and gathering data about minors under the age of 13. These transgressions are significant as they can negatively impact content creators and individuals alike, resulting in identity theft occurrences and violating privacy rights. Streaming and torrenting activities violate copyright laws, leading to losses for content creators. Disclosing information or falsifying identities jeopardizes privacy and security with malicious intentions. Gathering details, about children without permission puts them at risk of being taken advantage of and mistreated, leading to both repercussions and serious damage, to people and communities. 

Journal Entry 15

The speaker’s journey into the field of digital forensics illustrates a fascinating intersection of passion, opportunity, and social science applications. Initially an accountant, he transitioned into digital forensics by leveraging his interest in technology and his IT experience. What stands out is how his career path was shaped not by formal education in the field, but by curiosity and seizing opportunities, like joining Australia’s first digital forensics team. Digital forensics relies heavily on social sciences, as it involves understanding human behavior, organizational dynamics, and ethical considerations in investigations. The speaker highlighted how discreetly gathering evidence protects individuals’ privacy and organizational trust, showcasing how the field integrates technical expertise with social principles. His pathway demonstrates that careers are often nonlinear, with skills from one domain enriching success in another, reminding me that adaptability and curiosity are crucial for a fulfilling career.