Reflection essay

Brandon Reeder

IDS 493 – IDS Electronic Portfolio Project

Professor Tammy Sommer

Old Dominion University

March  7, 2025

During my time at Old Dominion University, I have had the opportunity to develop a wide range of skills related to my major, cybersecurity, and the career I hope to pursue. These skills include risk analysis, network security, and professional communication. By completing coursework and participating in hands-on assignments, I have gained the experience necessary to properly mitigate cybersecurity risks and understand the basic workings of network systems.Cybersecurity experts have stated that proper risk analysis is crucial for effective cybersecurity (Cremer et al., 2022). At the same time, I developed my leadership skills and communication effectiveness in team environments through my involvement in extracurricular organizations. These experiences helped me learn how to collaborate with others, organize responsibilities, and contribute to group goals. When reviewing this portfolio, a potential employer can see the work I have completed and the skills I have developed in risk analysis, network security, leadership, and communication. The nine artifacts included in this portfolio clearly demonstrate my past experiences and the preparation I have gained for future opportunities in the cybersecurity field.

I believe that one of the most important skills I have learned and developed at Old Dominion is cybersecurity risk analysis. This is one of the most prominent and important areas within cybersecurity. Identifying threats properly, assigning values to systems and other assets within an organization, and determining which vulnerabilities exist are critical to ensuring that sensitive data remains secure. Companies regularly assess the risk across their systems, especially amid the rise in cybercrime in recent years. Research has shown that a security breach within a company’s network or systems can lead to massive financial and operational consequences, making risk management a top priority for organizations worldwide. Throughout the various courses and assignments I have completed over the past few years, I have gained experience evaluating a company’s security policies, identifying vulnerabilities in systems, and developing strategies to effectively mitigate those risks.

The first artifact someone would find in this section of my ePortfolio is a snippet of a discussion post about having a proper security policy that is HIPAA-compliant. In this post, I discussed how an organization that handles medical data must adhere to very high standards, since that information is extremely sensitive. Additionally, I discussed the CIA triad, one of the foundational principles of cybersecurity, which I learned very early in the major. The CIA triad stands for confidentiality, integrity, and availability. These three concepts form the core of information security and guide how organizations protect sensitive data. I also explained the importance of ensuring that employees and individuals who handle sensitive data are aware of the security policies in place so that everyone involved can help maintain a secure environment. Research shows that organizations with strong security policies and clear procedures for handling sensitive information are much more successful at preventing and mitigating security incidents (Bulgurcu, Cavusoglu, & Benbasat, 2010).

The second artifact in the risk analysis section of my e-portfolio is another discussion post about how companies aim to mitigate vulnerabilities by implementing a structured risk management approach. In the field of risk management cybersecurity, one of the most common ways organizations track everything related to a particular vulnerability is through a Plan of Action and Milestones (POA&M). This is a thorough, detailed document that allows an organization to identify weaknesses, assign the appropriate party to address them, and track how things are developing. This was a very useful assignment, as it gave me more insight into the actual process for resolving these cybersecurity issues and what professionals do on a day-to-day basis, which is something I would like to do in the future.

The third and final artifact in the risk analysis portion of my e-portfolio is another discussion post that compares qualitative and quantitative approaches to addressing cybersecurity risk. Quantitative risk analysis is when an organization uses formulas like single loss expectancy and annual rate of occurrence to determine the financial impact of a vulnerability being exploited. Then you can assess the potential loss, compare it to the cost of fixing the vulnerability, and determine the best course of action. These kinds of calculations are extremely important, since there has been extensive research indicating the financial damage a cybersecurity breach can cause (Cavusoglu, Mishra, & Raghunathan, 2004). This assignment was very useful because it allowed me to view risk assessment from a different perspective. Traditionally, I had always thought about the possibility that people’s sensitive information could be exposed to potential bad actors, but while that is true, there is also a financial component.

The next skill I would like to discuss, one I acquired while attending Old Dominion University, is my understanding of network security, which is one of the most crucial aspects of modern life. Every single thing done in the modern day is done over a network. When people complete their homework assignments, they are using a network. When someone is at work trying to make a PowerPoint presentation for a meeting later, they are on a network. When you are chatting with your friend over a video call, you are on a network. These are fundamental systems for modern life. The coursework I did while in school has helped me understand these systems, their vulnerabilities, the ways attackers might try to exploit them, and even the psychology behind why someone might want to gain access to a network they were not permitted to. Understanding the function of a network is essential to being successful in the cybersecurity industry. It is a regular part of many cyber professionals’ days to monitor a network, scan for irregularities, and ensure everything is behaving normally, since this is crucial digital infrastructure. I put this into practice by completing hands-on labs to see what a network really looks like, understand how it works, and learn how different devices interact with one another.

The next section of the artifacts portion of my e-portfolio goes over my experience with network security and infrastructure. Every single organization on the planet in 2026 uses a network to communicate with others, transfer data, and manage every facet of modern operations. These are incredibly important systems. They are equally fragile and can be exploited by someone who knows what they are doing. Therefore, they need to be protected, since an attacker will do everything in their power to exploit a vulnerability and gain unauthorized access to the system. In the labs shown in the e-portfolio, I learned how to identify the various devices in a network. I learned how the structures are set up to ensure that everything is reliable and efficient while maintaining security. I also learned how to identify network issues so they can be properly addressed. These labs were a great hands-on experience and gave me a ton of knowledge. They are useful for my future career and life in general, since the world runs on networks.

The first two sections of the skills and artifacts portion of my e-portfolio are filled with technical skills that are very useful and will help me in my future career. But there is more to being a good employee, team member, and person than just having technical skills, which is what I am talking about now. I have developed my leadership and communication skills while at school. While you get a little bit of this in the classroom through group projects and other assignments, I experienced the most improvement and development outside the classroom through extracurricular activities, my fraternity, and the clubs and other organizations I was involved with while at school. Cybersecurity professionals often work in team environments and collaborate to achieve a common goal. My leadership positions and the skills I developed will help me greatly with this. In the artifact section, you will see how I created task calendars to ensure the people I was in charge of were moving in the right direction and knew what they needed to do and when they needed to do it, so the entire group was progressing in the right direction.

Additionally, you will see my event planning experience, where I helped organize large-scale events that required extensive planning and communication with third-party vendors to ensure everything ran smoothly. Lastly, you will see a schedule of events that was sent out along with a message to ensure everyone knew what was going on, when it was happening, and what they needed to have for the occasion. These artifacts demonstrate my ability to communicate with people respectfully while still getting the job done, so they know what they need to do and when they need to do it. They also show my ability to lead without being overbearing or abrasive, since the best work comes from environments with positive energy where people can collaborate and work together toward a common goal. This is true in any industry, but especially in cybersecurity, where research has shown that the best way to mitigate risk and prevent threats is for an organization to collaborate to develop strategies to combat bad actors. That kind of environment requires strong leadership and effective communication. (Mızrak, 2024).

Creating this e-portfolio and reflecting on the artifacts I included enabled me to look back on my time at the university and the vast improvements I have made in my academics and leadership abilities. I have completed my coursework and gone through my classes, gaining invaluable knowledge in risk management, network security, and cybersecurity. I have also developed the technical skills I need to ensure vulnerable systems are protected, sensitive data is kept secure, and I can continue advancing in my career. Additionally, I improved my leadership abilities, strengthened my communication skills, and became a better team player through my experiences. These skills will serve me well in the professional world, particularly in a field like cybersecurity, which requires a delicate balance between technical expertise and the ability to collaborate and communicate with others. This portfolio not only shows what a student did at Old Dominion University, but also reflects how much I have grown as a person and how capable I am of taking on future opportunities in cybersecurity.

References 

ulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010).
Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523–548.

Cavusoglu, H., Mishra, B., & Raghunathan, S. (2004).
The effect of internet security breach announcements on market value. International Journal of Electronic Commerce, 9(1), 69–104.

Cremer, F., Sheehan, B., Fortmann, M., Kia, A., Mullins, M., Murphy, F., & Materne, S. (2022).
Cyber risk and cybersecurity: A systematic review of data availability. Risk Analysis, 42(3), 537–554.

Gordon, L. A., Loeb, M. P., & Zhou, L. (2011).
The impact of information security breaches: Has there been a downward shift in costs? Journal of Computer Security, 19(1), 33–56.

Mızrak, F. (2024).
Cybersecurity risk management and strategic management integration. Review of Business Management.