I believe that one of the largest reasons for individuals not reporting cybercrime is the evident lack of prosecution and punishment. This can be directly seen with the enforcement rate of cybercrime. Of the reported cybercrime incidents, it is estimated that only 0.31% were enforced with the rule of law. However, the estimated rate of cybercrime incident reporting is around one in six, meaning that the effective estimate for cybercrime enforcement is closer to 0.05% (Eoyang et al., 2018). This makes nearly all cybercrime effectively decriminalized, if there is an almost zero chance of repercussions, then there is no point there fighting it. Another reason could be social impact, such as feeling shamed or less than for being victimized. This could be seen in certain instances, such as a social media account being taken over, having explicit images being used as leverage, or just general embarrassment from being victimized. One final reason for individuals not reporting cybercrime could be fear of backlash from the perpetrator, especially if something of importance or sensitivity is being used as leverage. Individuals may decide for themselves that involving the proper authorities is not worth the risk of tarnishing a person’s reputation and social standing. 

Eoyang, M., Peters, A., Mehta, I., & Gaskew, B. (2018). To Catch a Hacker: Toward a comprehensive strategy to identify, pursue, and punish malicious cyber actors. In Third Way (p. 7). https://thirdway.imgix.net/pdfs/override/To_Catch_A_Hacker_Report.pdf

The first research question that researchers may address is the impact and evolution of social engineering within cybersecurity spaces. With the increase of social engineering, there has been a noticeable shift in the public’s attitude towards unknown numbers, senders, or others alike. An environment of innate distrust in many spaces, especially in the digital landscape. This distrust has also leaked into other areas of public interest due to the ways in which social engineering is commonly performed, such as impersonation, phishing, and false authentication. Social engineering has also changed the cybersecurity landscape because you cannot have complete security without ensuring proper training for all individuals. Another possible research question is how the advancement of cybersecurity and the increased reliance on technology have changed how warfare is fought. Countries have long understood that crippling infrastructure is critical in stopping an adversary, with the advance of technology and cybersecurity they can now cripple infrastructure without risking their soldiers safety. Adversaries could bring down power grids, take down internet access, or even gain access to dams and their flow of water.  This has created an entire new field of warfare that all countries must participate in if they want a chance of succeeding. 

Reuben Paul has immersed himself fully within the cybersecurity culture by always staying up to date and participating in larger, community events such as conferences. He made the point in multiple ways that you are way more vulnerable than people realize. Public Wi-Fi, shoddy infrastructure, and poor design all make a cybercriminal’s job easier. Anonymity also plays a larger role because many people can find solace hiding behind a screen by allowing some so disconnect the direct line of action from the victim(s), which also plays into the cyberbullying that has exploded as technology has become more accessible. 

The human firewall is something that I have heard many times in many different ways. Human firewalls, the education and training of individuals about current cyber threats and ways to not be taken advantage of, are among the most important things. Individuals are much too easy to coax information out of with the right mix of anonymity, wording, and perceived authority. My current employer has bi-weekly information about phishing attempts that have been spotted and caught so that all employees are aware of anything new that may be going on. 

The two theories that explain cybercrime the most are the Psychodynamic theory and Behavioral Theory. The psychodynamic theory states that early experiences can influence behavior throughout life. These experiences tend to be more jarring or have noticeable long-term effects, such as being relentlessly cyberbullied or being exposed to adult materials at a much too young age. As someone who has had some more standout things happen in my childhood, I could understand how it could drive individuals in certain directions. The behavioral theories state that these behaviors or ideas are learned from those around us, such as family, school, peers, media, or well-known figures. If all individuals surrounding you were stating the same ideological things, you are bound to question if you are truly wrong because of not being in the in-group. 

Victim precipitation, which looks at what actions victims took that may have led to their victimization, can be seen in many ways within the cyber world. A victim’s actions of clicking phishing links, visiting unsecured websites, and downloading harmful files, believing they are good. Additionally, a victim within cyberspace does not need to be actively doing things to be engaging in victim precipitation. Victims of cyber-based victimization can passively precipitate through inaction, like not updating devices regularly or using old and outdated devices that were broken years ago.

One of the simplest and most effective ways to increase security with the human aspect of organizations is frequent, repeated security training. This can make an impactful difference due to a more cyber-aware workforce being less likely to be susceptible to otherwise without the training. Additionally, it is very cost-effective and not resource-heavy. A different method with phishing simulations can also be useful. In many workplaces now it is common to get regular emails from within the company poised as a phishing email and links. This can help provide more immediate results and work on the training more personally for those caught. One other way to reduce errors and improve security could be implementing least privilege access. Regularly going through the privileges of individuals and removing ones that are unnecessary can help improve security by limiting what those accounts are capable of. This creates an environment where if a security event were to happen and an account is compromised, it is more likely that the account does not have the privileges needed or wanted by an attacker. Other ways of improving the security could include strong password rules, multifactor authentication, and by creating a security policy that everyone can understand.

I believe that determinism and computer hacking go hand in hand. Some instances of determinism via hacking are easier to spot than others, such as foreign government(s) attacking their enemy via hacking groups or other means. The reasons for participating in such activities could vary widely, from political power to monetary gain/loss, or even payback. This reaction could additionally come from individuals who others or institutions have wronged.

Hello, my name is Aria Grant. I am a senior in cybersecurity coursework, and I plan to graduate at the end of the fall 2025 semester. Most of my classes throughout college have been online, as it is my preference. However, due to circumstances out of my control, I have not had the opportunity for an internship so far. I have used ePortfolio in the past, with my preference being WordPress (https://sites.wp.odu.edu/ariag201scyse/). My only goals after graduation are to get a job I enjoy and give my wife all she deserves.