Journal Entry #1:
The areas that I wanted to focus my career on were Artificial Intelligence (AI) Security, Cloud Security, and Operating Systems (OS) Security. I chose these three areas because they are swiftly developing, highly impactful, and central points to the modern digital infrastructure. They all share a common purpose of securing both digital environments and technologies that support information technology, which requires technical capability, a dynamic approach to evolving threats, and mutual dependence on the principles of core security. In other words, these three areas are highly valuable because AI security is crucial for the future, Cloud Security is necessary for securing the core of the modern IT infrastructure, and OS Security provides both basic knowledge and broad suitability.

Journal Entry #2:
The principle of empiricism enhances the effectiveness of cybersecurity practices because it bases cybersecurity in the real-world, which makes security measures more responsive, effective, and resilient. For instance, when cybersecurity professionals both analyze and collect empirical data, they can anticipate early emerging threats, validate the current defenses based on actual performance, and innovate the security strategies informed by the real-world evidence rather than theories. In other words, since this scientific approach emphasizes knowledge that is gained through observation, experience, and data to enhance cybersecurity practices, it makes it highly necessary for a greatly evolving digital threat environment where unchanged theoretical methods fail.

Journal Entry #3:
Researchers use the information about privacy rights to better understand the causes and patterns of data breaches by inspecting what specific rights, such as the right to data reduction or data access are most often violated. This helps to highlight the areas of vulnerability. Researchers use this technique to build anticipating models, factoring in oversight effectiveness, industry practices, and user behavior to speculate both where and how future breaches might occur. It also helps to explain how well individuals both know and exercise their privacy rights offer insight about how user behavior leave an impact toward data security. In other words, researchers can analyze both past incidents and early warning signs for emerging threats.

Journal Entry #4:
In Maslow’s Hierarchy of Needs, each level relates to my experiences with technology. For instance, the level of psychological needs is the basic life in sustaining needs like food, water, and shelter. This relates to my experience with technology because I use food delivery services like DoorDash and Grubhub for easier accessibility for food, and a fitness tracker to help monitor my exercise and hydration routines. The level of safety needs refers to the protection of harm, and both personal and financial security. This relates to my experience with technology because I use two-factor authentication for my accounts for a safer digital experience to prevent interactions with any data breaches. The level of belongingness and love needs contributes to friendships, relationships, intimacy, and a sense of connection. This relates to my experience with technology because I use apps like Instagram and FaceTime to chat with friends and family to keep me emotionally connected. The level of esteem needs contributes to respect, self-esteem, achievement, and recognition. This relates to my experience with technology because I posted a YouTube video, and received several comments that were highly complimenting, which gave me a good sense of achievement. Finally, the level of self-actualization refers to achieving one’s full potential, creativity, and personal growth. This relates to my experience with technology because when I first learned how to make a video game back in middle school, it encouraged me to pursue that activity and choose to major in Game Design in college today.

Journal Entry #5:
My ranking for the motives that make the most sense to the least sense are for money (1), multiple reasons (2), political (3), recognition (4), curiosity (5), entertainment (6), boredom (7), and revenge (8). Money is first because it is the most common factor in human society and people need it for comfort, survival, power, and opportunity. Multiple reasons is second because human behavior is defined by multiple reasons, such as either money and recognition, or curiosity or boredom. Political is third because political motives are based on people’s beliefs about society, justice, freedom, and identity. Recognition is fourth because it explains everything from social media behavior to performance, competition, or the criminal acts that draw attention. Curiosity is fifth because it drives learning, exploration, invention, and sometimes trouble. Entertainment is sixth because people tend to act out based on their desire to amuse themselves, such as trolling, creating prank videos, and doing risky stunts. Boredom is seventh because it explains behavior, but lacks more of a purpose than a clear reason. Finally, revenge is eighth because it causes more harm than good, which makes less logical sense.

Journal Entry #6:
Based on the video, the human firewall refers to authorizing and training individuals to act as a forward-thinking defense against cyber threats by both recognizing and responding to social engineering and phishing attacks that avoid technical safeguards. This term contributes to the biggest risk of cyber threats because it acts as a necessary precaution towards these threats, particularly the exploitation of human trust and behavior. For instance, the cyber threats of risk that the video refers to are phishing, human error, and impersonation. For example, phishing refers to tricking individuals, particularly employees into clicking unsecured links or revealing credentials by deceptive emails. Impersonation refers to manipulating employees by impersonating a trusted authority, such as a CEO or IT staff, only to either gain access or steal data. Human error only occurs when individuals use weak passwords or improper setups. In other words, what I think about the human firewall is that it is a great aspect of cybersecurity because it helps to better recognize current or incoming threats whether it is through email, communication, or any other form of suspicious activity. It is also beneficial to help individuals improve their trust in the digital environment and become more active towards cyber threats.

Journal Entry #7:
The photos that I have chosen were photos #7, #14, and #18. For photo #7, the meme is, “My company’s cybersecurity strategy: ‘Just throw more hardware at it!’” For photo #14, the meme is, “Human-Centered Cybersecurity: Recognizing that the biggest firewall is informed people, not just blinking lights.” For photo #18, the meme is “Me: Trying to work securely from a coffee shop, while also needing to meet deadlines.” In other words, these memes highlight the disconnection between the solutions of both cybersecurity and human nature. For instance, the first meme represents a high-tech, but somewhat an inexperienced approach. The second meme shows both the individual struggle and risk that associate with the work habits of the real-world. Finally, the third meme introduces the idea of human-centered cybersecurity as the solution that emphasizes that people are fundamental to security.

Journal Entry #8:
After watching the video, I think that the media influences our understanding about cybersecurity in both a positive and negative way. For instance, it raises awareness by encouraging both individuals and businesses to approve safer online behaviors, such as using the two-factor authentication system. It influences the debate of both policy and the public because the media determines which cyber issues draw attention that impact the topic based on what the public and policymakers view as the most urgent. However in a negative way, it can spread some misinformation, such as social media raising false information about cyber threats, scams, or government-related issues. In other words, cybersecurity helps influence our understanding about its purpose because it informs us about threats, shapes the public behaviors, and frames how we perceive hackers and risks.

Journal Entry #9:
My score on the Social Media Disorder Scale (SMD) scale was a 2 out of 9. It’s considered a risky usage, but it isn’t generally too bad because it is still a lower score based on my usage. When thinking about the items in the scale, it is usually just a reflection towards how social media affects certain aspects of your life, such as personal relationships, daily functions, self-regulation, and other social connections. However, the patterns of this scale differ across the world due to the factors of culture, society, and technology. This means that social norms generally impact how much use of social media is considered too much, but some variations in both network access and platform status form actions and beliefs. In other words, this scale emphasizes that the problematic use of social media is both a psychological and cultural circumstance, which varies based on its impact towards societies.

Journal Entry #10:
This article’s purpose is to review the diverse techniques that are used to detect social cybersecurity threats to define both the current challenges and future directions for research in this rapidly evolving digital environment. The survey uses detection techniques that involve the use of discrete models, which focuses on both structural representations and logical relationships for threat analysis. This includes Attack Graphs, Markov Models, and Bayesian Networks, which all help in visualizing the potential attack paths and capturing the evolutionary trajectory of attacks. In other words, the survey of this article functions as a reliable resource for researchers by providing a structured framework of approaches and tools to help build a safer digital environment against threats that can potentially exploit both human and social weaknesses.

Journal Entry #11:
Even though cybersecurity is a technical field, it is entirely tied to human behavior. This is because its effectiveness not only depends on both systems and software, but also on the decisions, actions, and habits of people. For instance, cybersecurity analysts study the patterns of social behavior to design better digital safeguards when security breaches occur due to human error, such as clicking on phishing links and using weak passwords. They must discuss security risks to staff and promote a more security-based approach towards a mindset of digital safety, which requires empathy, persuasion, and an understanding of workplace conduct. Analysts must also understand the social behaviors of trust, fear, and curiosity to both predict and prevent attacks from hackers that use psychological or social ways to trick individuals into revealing information. In other words, social themes, such as trust and communication arise when examining this role because being a cybersecurity analyst applies to not only securing systems, but also individuals, particularly their actions, decisions, and relationships.

Journal Entry #12:
The first economic theory related to the sample data breach notification is the “information asymmetry” because it highlights the unbalance in the issue of knowledge between the company and its customers. The second economic theory related to the sample data breach notification is the “principal-agent theory” because based on this case of a data breach, the company could be held accountable for the demeanor of its agents, such as employees or contractors that manage the company’s data. However, the first psychological social science theory related to this sample data breach notification is the “trust theory” because both the data breach notification, and how a company handles the situation can directly influence customer trust. The second psychological social science theory related to this sample data breach notification is the “social identity theory” because customers’ acceptance or bond to a company can be affected when a breach occurs. In other words, a data breach notification is not just both a legal and operational requirement, but also a significant psychological and operational event that can affect both the company and its customers.

Journal Entry #13:
This article makes an important effort by treating bug bounty policies, particularly the bounty size, visibility, and response speed, all as economic measures that form the supply of risk reports. The way the authors use their approach of how they drafted bug bounty programs highlights that policies can influence participation, especially when hackers are price insensitive. It also emphasizes the insight that smaller companies can still interest high quality reports without offering massive payments. However, this article restricts policy to both financial and operational factors by overlooking the broader system of rules that manage hacker engagement, such as compliance safeguards, scope transparency, and communication practices. In other words, the article’s economic composition incorporates these policy elements to provide a more complete understanding of how bug bounty programs function in practice.

Journal Entry #14:
Based on Andriy Slynchuk’s perspective describing the eleven things that online users do illegally, the five most serious violations out of the eleven in my perspective are “collecting information about children,” “faking your identity online,” “sharing others’ passwords/addresses/photos,” “illegal searches on the internet,” and “recording a VoIP call without consent.” All five of the violations that I’ve mentioned are remarkably dangerous because of the harm that they can cause. For instance, collecting information about children, particularly those under age 13, violates protections like COPPA, and can expose them to both security breaches and online child sexual abuse. Faking your identity online, most commonly considered “fraud,” can enable either deception, manipulation, or even financial crime, all of which makes it a serious crime towards both individuals and society. Sharing someone’s passwords, addresses, or photos are all effective ways to expose their private information, which can most likely lead to harassment, stalking, and especially physical harm. Illegal searches on the internet are seriously alarming because they can provide bad people to carry out real-world crimes, such as seeking instructions to commit violent or illegal acts. Finally, recording VoIP calls without consent breaches privacy rights, and can violate the laws of electronic communications or wiretapping. In other words, each of these five violations all sabotage personal safety, trust, and legal protections, which is why I consider them to be the most serious.

Journal Entry #15:
After watching the video, it raised a few questions for me based on trust, accountability, and misinformation amplification. The first question is “If AI can perfectly imitate a person’s voice, appearance, and communication style, how can we establish trust in digital interactions, and what standards should define reliability?” This is because the ability to create convincing illusions compromises our reliance on visual evidence, which threatens the public trust of media, politics, and personal communication. The second question is “When AI systems are utilized to carry out criminal activities, such as both fraud and ransomware, who carries the responsibility for the harm caused, the user, the AI developer, or the system itself?” This is because the video highlights how easily AI can be manipulated to bypass the ethical guidelines, which suggests a major difference in the accountability structure. The third question is “Because AI models learn from data that can contain implicit biases, how can we prevent AI-powered systems from either reinforcing societal biases or enabling widespread disinformation?” This is because simulations of public figures demonstrate the potential for AI to cause both political disruption and social chaos. However, I think society should address these concerns by implementing digital watermarking, promoting human firewalls, and teaching verification practices. For instance, implementing digital watermarking is the first solution because it allows users to trace the history of media to verify that it came from a claimed media and hasn’t been changed. Promoting human firewalls is the second solution because society must prioritize cybersecurity awareness for the general public to make it engaging. Teaching verification practices is the third solution because establishing either non-digital codes or security questions for sensitive communication is highly recommended for protection against voice, financial, or personal scams.