Article #1 post link: https://sites.wp.odu.edu/bgree041/2024/02/11/article-1-review/
Article #2 post link: https://sites.wp.odu.edu/bgree041/2024/04/04/article-two-review/
Career Paper post link: https://sites.wp.odu.edu/bgree041/2024/04/19/career-paper/
Module 1: Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least. #1
The NICE framework is a nationally recognized program designed to help employers focus their resources. I want to concentrate on Protect and Defend because I will be a business owner. I am interested in incident response. Incident response appeals to me, and I like the pressure of figuring out what happened on a network. Furthermore, I would need to understand malware analysis and cloud models. I would look to dive deeper into malware analysis later in my career once I figure out what my business offers. I am not interested in Technology R&D because I’m not too fond of prototyping capabilities. It’s just not a field I want.
Module 2: Explain how the principles of social science relate to cybersecurity #2
The principles of social science relate to cybersecurity because people ask, test, and check their answers. We ask questions about why people hack. Then, we test by seeing who is hacking and why they are hacking. Finally, we see if there are correlations. We still follow the scientific method in cybersecurity. We just ask different questions.
Furthermore, cybersecurity relates to social science principles with determinisms. Determinism states that preceding events influence actions. This relates to cybersecurity, which involves setting up firewalls, switches, or software. One mistake is over because it is only a matter of time before someone finds the bug and exploits it.
Module 3: Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal. #3
Researchers can analyze data breaches to identify patterns and trends. By examining who is being targeted and what type of data is being stolen, they can gain insights into the attackers’ motives. For instance, during the COVID-19 pandemic, there was a significant increase in ransomware attacks due to the high number of people working from home. Furthermore, adding more users online increases the attack surface for cybercriminals. Researchers can also determine which types of attacks are most common in certain regions, which can help them provide more effective cybersecurity training. In short, analyzing data breaches can help improve cybersecurity practices and prevent future attacks.
Module 4: Review Maslow’s Hierarchy of Needs and explain how each level relates
to your experiences with technology. Give specific examples of how
your digital experiences relate to each level of need. #4
Let’s start at the bottom of the pyramid: physiological needs. This one does not apply to technology but applies to me as a person because everyone needs food and water to survive. Then, safety needs. This applies to technology because I want to feel safe using the web and logging onto a device. Next, I need belongingness and love. I have a lot of online friends. Without them, I would not game or research as much as I do now. They give me a reason to learn new things and help fix problems they may have on their computer. Second to last, Esteem needs. It applies to a lot of technology areas. When I play a game, I want to win, or when I am learning something new in a programming language, I want it to work. When it works, then I feel accomplished. Finally, self-actualization. Did I achieve my goal when programming? If I did, I would feel great and want to learn more, but if I fail, I would like to know why.
Module 5: Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it. #5
One is for money because, without money, you can’t keep hacking—for example, nation-state hackers and groups. They would not want to operate without money because they are not making anything. Two, political because hackers want to send a message to the people. That can be from government to government or from individuals to companies. Third, revenge because the hackers are angry at someone and want them to pay or someone wronged them. Four, recognition. They want people to know their hacking name. Five are bored because hackers want a dopamine hit. They might just want to try and get in, and if they do, the person is happy—six, entertainment. The hackers may want to see the world burn and find it funny. Another reason is they might find joy in hacking people and watching them panic—seven, multiple reasons because people only need one reason to hack. However, I can see it being higher on the list, but it is too vague for me because there can be a lot of wiggle room.
Module 6: How can you spot fake websites? Compare three fake websites (don’t
access those sites, of course) to three real websites. What makes the fake websites fake? #6
One of the easiest ways to identify a fake website is by checking whether the website is HTTPS. For example, https://www.paypal.com/ has https in the URL. However, this method is not foolproof anymore, as most websites now have HTTPS. Another way to verify the genuineness of a website is by examining the link. For instance, if you bank with SoFi, and the link is SoFi-Banking-.com, you can be sure that the website is malicious or fake because the link is incorrect. However, they have websites with Celtic letters that look like the standard URL. Lastly, you can spot counterfeit websites by checking for spelling and grammar mistakes. The website I used is now taken down but it was a fake PayPal loging form. However, this method can be time-consuming, and it may not always work because of the use of AI in creating fake websites. Another example is https://lookup.icann.org/en. It can help users check the domain of a website.
Modulate 7: Explain how your memes relate to Human Systems Integration. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’
mind(s). #7
On the left the person is thinking about the meeting they’re in. Even though they are out and about. This goes for seniors developers because of the memes of them always out and about. Then the person on the left is acting like they are working but they are just scrolling through Instagram. My meme relates to human system integration because phones and wearable devices are becoming more integration every day through software
Module 8: After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity #8
The media makes it harder for non-security experts to understand hacking and makes the media makes it way more interesting. The media influences everything, and they can change how we perceive hackers and what happened. Furthermore, when they start throwing out terms that sound cool but have no meaning, it makes it harder for the non-secure person to understand what is happening on screen because when the person googles the term they used and finds nothing, it confuses them. Another thing the media can do is change public opinion about a hacker. They might be a white or gray hat hacker, and the media makes it seem like they are the worst person.
Module 9: Complete the Social Media Disorder scale. How did you score? What do you think about the items in the scale? Why do you think that different patterns are found across the world? #9
I scored a zero on the scale. Social media is a tool for me when I am bored and have finished my work or am taking a 10-minute break from my job. The items were good; however, I did not have a yes answer for any of them. Different patterns are found across the world because of people. Other countries have different media usage. We have the luxury of having access to the internet whenever we want compared to other countries that do not have access to the internet 24 hours a day.
Module 10 part 1: Read this and write a journal entry summarizing your response to the article on social cybersecurity https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/MarApr-2019/117-Cybersecurity/b/ #10
A new subdomain of cybersecurity is social cybersecurity. It relates to hacking other humans instead of computers. In addition, it is “inherently multidisciplinary computational social science” (Social Cybersecurity an Emerging National Security Requirement, n.d.). Furthermore, information has become more decentralized, allowing threat actors to manipulate people’s ideas and viewpoints with TikTok and other social media, allowing information to flow quickly and effectively to the target audience. Users must understand that the next war will be fought with technology more than ground forces. The article also brings forth bots to make the information more believable and compelling to users.
Module 10 part 2: Watch this video. As you watch the video https://www.youtube.com/watch v=iYtmuHbhmS0, think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in the presentation. #11
A cybersecurity analyst must have a good network of people, good communication skills, and constantly want to learn and improve. To improve in a cybersecurity analyst role, you have to be willing to learn topics like cloud or system administration. She also mentions that anyone with certifications and real-world experience can get a job in cybersecurity. CompTIA Security+ or AWS certifications will open doors for a cybersecurity analyst. Furthermore, she mentions the graveyard shift as another way to get into a cybersecurity analyst position because fewer people want to work that shift. A graveyard shift can get your foot into the door, allowing you to move into a better position later once you get in its way, making it easier to find other jobs.
Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdf and describe how two different economics theories and two different social sciences theories relate to the letter. #12
Liability is one economic theory related to the Glass Washer Parts breach letter. “Commission adopted final rules that will require public companies to disclose both material cybersecurity incidents they experience and, on an annual basis, material information regarding their cybersecurity risk management, strategy, and governance” (SEC.gov | Cybersecurity Disclosure [*], n.d.). Glass Washer Parts reported the breach because of the legal requirements. Another theory that could apply is rational choice. They did not state the names of the companies that were breached. However, they did state it was a third-party organization. One social science theory that could apply is parsimony. The way they disclosed the breach was straightforward. Another social science theory is determinism because it states that preceding events influence behavior. How does it apply to the Glass Washer Parts data breach, which frames the incident as a result of specific causal factors leading to a predetermined outcome? In this case, it used an unsecured third party with a lot of unsecured Personal Identifiable Information (PII) on their business partners.
References
SEC.gov | Cybersecurity Disclosure [*]. (n.d.). Www.sec.gov. https://www.sec.gov/news/statement/gerding-cybersecurity-disclosure-20231214#:~:text=In%20July%20of%20this%20year
A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings. #13
The study on bug bounty programs provides new insights into cybersecurity. By leveraging large datasets, it can remove some bias in the findings. However, hackers play an active role in bug bounty programs and have high economic elasticity, which means that some bounties are more or less. These uses depend on how severe the bug was. Some hackers have a monetary incentive, and others do not. There are also untraditional motives like bragging rights and reputation they can build.
Another thing is that having vulnerable code will be a massive liability for companies, which means that helping small to large companies can receive a reward. However, the most significant rewards are usually paid out by large companies. Furthermore, small companies may not have a bug bounty system, but disclosing the vulnerability can help a hacker’s reputation.
Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious. #14
Using Other People’s Internet Networks. When someone else is using your internet and they do something illegal you will be question first and maybe even charged before they find out who actually did it.
Illegal Searches on the Internet. This one depends because different countries have different laws on what is illegal to search on the internet. However, if it is really bad than it the worse one on the list. There is very nasty things on the internet.
Bullying and Trolling. Its not ok to bully someone on the internet because people take their lives. That is a huge issue and a very sad one too.
Using Copyrighted Images. You should always sight your sources. When you don’t you take away the revenue or authors work. They could have spent years searching for one photo and you just stole it.
Using Unofficial Streaming Services. The creators deserved to get paid for their work like you do. Stealing their work and listening for free causes the artist to lose money and even their livelihood if its bad enough.
Digital Forensics | Davin Teo | TEDxHongKongSalon – YouTube Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career #15
His career field is fascinating. I like how he explained everything and made it simple to understand. It can relate in many ways to social sciences because of Determinism or Reinforcement Sensitivity Theory (RST). Determinism because he worked as an accountant. Then, there is RST because there are rewards for collecting and breaking into different machines. His career is exciting because it’s needed to discover what happens on a network. It is also like he is a spy. Watching what you do and figuring out what happened. It also takes time and skill, as the speaker stated.
5 Photos and 1 Video Related to Cybersecurity Social Science
https://www.youtube.com/watch?v=8CiNx4nNqQ0
