Cybersecurity and the Social Sciences
Module 1 Journal Entry
Chase Dickerson
Jun 15
The “Analyze” category appeals to me due to its focus on identifying and interpreting data to uncover
security threats. This role involves critical thinking and a deep understanding of cyber threats, which I find
intellectually stimulating. It’s highly intriguing. Identifying threats through data analysis – cerebral and
stimulating. A tantalizing combination of critical thinking and deep technical knowledge of cyber threats
(Brown, 2020). Vulnerability assessments engage analytical abilities to the fullest. Threat detection
involves racing against the clock to prevent incidents. Data analysis reveals insights by connecting
seemingly disparate pieces of information. Understanding the root causes of cybersecurity incidents – an
intellectually satisfying pursuit of unveiling the full narrative behind each case (Brown, 2020).
This category, “Protect and Defend” is fascinating because it involves proactive measures to safeguard IT
systems and networks. Roles in “Protect and Defend” include cyber defense analysis and infrastructure
support, focusing on preventing cyber attacks and responding to threats in real time. I am drawn to the
dynamic and defensive nature of this work, where quick thinking and technical expertise can have a
significant impact on organizational security.
The “Investigate” category is highly intriguing. Identifying threats through data analysis – cerebral and
stimulating. A tantalizing combination of critical thinking and deep technical knowledge of cyber threats.
Vulnerability assessments engage analytical abilities to the fullest. Threat detection involves racing
against the clock to prevent incidents (Brown, 2020). Data analysis reveals insights by connecting
seemingly disparate pieces of information. Understanding the root causes of cybersecurity incidents – an
intellectually satisfying pursuit of unveiling the full narrative behind each case. Tracking cyber crimes by
following intricate digital trails.
While important, the “Collect and Operate” category interests me the least. This category involves
specialized operations for gathering cybersecurity intelligence and performing denial and deception
operations. The tasks here are often more covert and strategic, which doesn’t align as closely with my
preference for more hands-on, technical roles that involve direct problem-solving and immediate impact.
Additionally, the operational and often classified nature of this work might limit the transparency and
collaborative aspects that I value in a cybersecurity role (Brown, 2020).
References
https://doi.org/10.1016/j.cj.2020.03.002
National Initiative for Cybersecurity Education. (n.d.). NICE Framework.
https://niccs.cisa.gov/workforce-development/nice-framework
——————————————————————
Module 2 Journal Entry
Analyze: This is all about making sense of the cybersecurity info coming your way – sortingthrough the noise to find the truly useful intel that could expose threats. Think of it like adetective sifting through evidence to crack a case. Collect and Operate: Imagine being a spy running specialized ops to gather critical intel on thebad guys. This involves clever tactics to covertly collect data on cyber threats and attackers’ methods without them knowing.Investigate: When a cyber incident or crime goes down, these are the cybersecurity forensicsexperts brought in to examine the digital crime scene. They’re like the CSI team, but forcomputer systems and networks, digging into evidence to find the “who” and “how.” Operate and Maintain: Think of an IT team, but with their focus squarely on ensuring systemsare running smoothly and securely. They’re the mechanics keeping the engine running whilealso reinforcing it against potential attacks. Oversee and Govern: These leaders are like the coaches, managers and tacticians steering anorganization’s overall cybersecurity game plan. They set the policies, make the big strategy calls, and rally the team. Protect and Defend: The cybersecurity guardians actively shielding an organization’s systems and data from malicious threats. They’re installing the firewalls, virus scanners and the other frontline defenses to fend off the constant barrage of attacks. Securely Provision: The architects and builders ensuring new systems and code being developed are cybersecure from the ground up, baking in security by design rather than trying to bolt it on later. They’re avoiding future vulnerabilities.
——————————————————————————————————————–
Module 3 Journal Entry
The Privacy Rights Clearinghouse’s Data Breach Chronology provides a valuable resource for
researchers to study and analyze data breaches in the United States. Some key ways
researchers could use this information:
1. Identifying trends over time in the number, types, and scale of data breaches to
understand how the data breach landscape is evolving. The timeline view allows seeing
breach patterns year-over-year.
2. Analyzing which industries and sectors are most commonly impacted by breaches, as
shown in the “View by Category” chart breaking down breaches by
business/organization type. This can highlight areas needing stronger security practices.
3. Studying the geographic distribution of breached entities to see if certain states or
regions are disproportionately affected, using the “Location of Breached Entity” map.
4. Examining the most common types of breaches (hacking, insider threats, physical loss,
etc) to understand key vulnerabilities, as categorized in the “Data Breaches by Breach
and Organization Type” view.
5. Quantifying the scope and scale of individual and aggregate data breaches in terms of
number of records exposed.
In terms of social science fields that could benefit most from this data:
● Information science and cybersecurity researchers can use it to study evolving data
breach trends, common attack vectors, and identify areas for strengthening security
practices and technologies.
● Public policy and political science researchers can leverage the data to shape data
privacy regulations and breach disclosure laws based on the empirical evidence of
breaches’ prevalence and impact.
● Sociologists could examine public/consumer sentiments and behaviors in response to
breaches over time.
● Economists may quantify the fiscal impacts of breaches on affected organizations and
entire industries.
● Psychologists can explore individuals’ emotional/mental health responses to having
personal data exposed.
So in summary, while cybersecurity and policy researchers may be the most direct beneficiaries,
this important chronology has broad cross-disciplinary value for data-driven social science
research into one of the most critical issues of the digital age. The centralized reporting enables
researchers to spot macro-level trends and patterns that can meaningfully shape our collective
understanding of and response to data breach threats
——————————————————————————————————————–
Module 4 Journal Entry
Maslow’s Hierarchy of Needs, a cornerstone theory in psychology, outlines five categories of human needs often visualized as a pyramid (Mcleod, 2020). Examining my own technology experiences through this model reveals how digital tools intersect with needs on every level:
Physiological needs, the foundational tier, include food, water, warmth and rest (Mcleod, 2020). Food delivery apps, programmable thermostats, and sleep tracking devices demonstrate how technology can support these basic necessities (Patel, 2020). Safety needs involve physical security, order, stability and freedom from fear (Mcleod, 2020). Smartphone passcodes, antivirus software, home security systems, and vehicle dash cams are all examples of how technology can provide a sense of protection and preparedness (Raphael, 2019). Belongingness and love needs relate to intimate relationships and feeling part of a community (Mcleod, 2020). Social networks, messaging apps, video chats and multiplayer games can foster a bunch of social connection and combat isolation, as evidenced during COVID-19 lockdowns (Nguyen et al., 2021). Esteem needs include self-esteem, recognition, status and feelings of accomplishment (Mcleod, 2020). Accumulating “likes,” points, badges and other digital markers of progress in apps and games can activate reward centers and boost self-worth (Zuo et al., 2020). Self-actualization sits atop the hierarchy, representing the drive to achieve one’s full potential (Mcleod, 2020). Online courses, digital creativity tools, and knowledge bases enable the pursuit of learning, skill mastery and self-transcendence in novel ways (Krems et al., 2017).
Viewing digital habits through Maslow’s lens underscores technology’s role in need fulfillment across the spectrum of human motivation. While not without drawbacks, everyday tech touches the full scope of the human experience today, from the essential to the aspirational.
References:
Nguyen, M. H., Gruber, J., Fuchs, J., Marler, W., Hunsaker, A., & Hargittai, E. (2021). Changes in Digital Communication During the COVID-19 Global Pandemic: Implications for Digital Inequality and Future Research. Social Media + Society. https://journals.sagepub.com/doi/full/10.1177/2056305120948255
Link, J. (2018, August 3). Council post: How digital disrupted Maslow’s hierarchy of needs. Forbes. https://www.forbes.com/sites/forbeshumanresourcescouncil/2018/07/30/how-digital-disrupted-maslows-hierarchy-of-needs/
Krems, J. A., Kenrick, D. T., & Neel, R. (2017). Individual Perceptions of Self-Actualization: What Functional Motives Are Linked to Fulfilling One’s Full Potential? Personality and Social Psychology Bulletin, 43(9), 1337–1352. https://journals.sagepub.com/doi/10.1177/0146167217713191
Mcleod, S. (2020). Maslow’s Hierarchy of Needs. Simply Psychology. https://www.simplypsychology.org/maslow.html
——————————————————————————————————————-
Module 6 Journal Entry
Before delving into the realm of cybersecurity, I harbored misconceptions that have been challenged or
proven wrong over time. One major misconception was that cybersecurity mainly revolved around skills
such as coding and network architecture. While these aspects are crucial, I’ve come to realize that human
factors and social engineering also play a significant role (Elazari, 2024). As emphasized in Keren
Elazari’s video, numerous breaches stem from human mistakes or manipulation rather than just technical
exploits.
Another mistaken belief I held was that using strong passwords alone could effectively safeguard
accounts and systems. However, my understanding has evolved to recognize that even intricate
passwords can be vulnerable to compromise through techniques like credential stuffing, where hackers
test leaked passwords across multiple accounts (Elazari, 2021). This has underscored the importance of
implementing multi-factor authentication and avoiding password reuse across different accounts, a point
reinforced by Aiken and Boush’s (2006) research on online trust and internet signals.
I also used to think that cybersecurity fell primarily under the responsibility of IT departments. Yet the idea
of the “human firewall” demonstrates how each individual within an organization plays a crucial role in
upholding security (Elazari, 2021). This realization has heightened my awareness of my digital habits and
their potential impact on overall security. Furnell and Clarke (2012) support this view, emphasizing the
evolving recognition of human aspects in security.
Furthermore, I assumed most cyberattacks were highly sophisticated and challenging to carry out. While
advanced attacks do exist, I’ve learned that many successful breaches exploit simple vulnerabilities or
human errors. This has highlighted the significance of maintaining basic security practices and staying
informed to ward off typical risks, a point that aligns with Furnell and Clarke’s (2012) research on the
human aspects of security.
Finally, I used to think of cybersecurity as a purely defensive field. However, I now realize the significance
of taking proactive steps, engaging in ethical hacking practices, and employing offensive security
strategies to pinpoint vulnerabilities before they are maliciously exploited, as demonstrated by Elazari’s
(2021) insights from real-world hackers.
Overall, studying cybersecurity has challenged many of my preconceptions, highlighting the field’s
complexity and the critical role that human factors play alongside technical considerations. The work of
researchers like Aiken and Boush (2006), Furnell and Clarke (2012), and practitioners like Elazari (2021)
have been instrumental in reshaping my understanding of this dynamic field.
References
Furnell, S., & Clarke, N. (2012). Power to the people? The evolving recognition of
human aspects of security. Computers & Security, 31(8), 983-988.
https://www.sciencedirect.com/science/article/abs/pii/S0167404812001228
Aiken, K. D., & Boush, D. M. (2006). Trustmarks, objective-source ratings, and implied
investments in advertising: Investigating online trust and the context-specific nature of
internet signals. Journal of the Academy of Marketing Science, 34(3), 308-323.
https://link.springer.com/article/10.1177/0092070304271004
Elazari, K. (2024). Real hackers review Hollywood hacks.
https://www.youtube.com/watch?app=desktop&v=6BqpU4V0Ypk&ab_channel=Insider
——————————————————————————————————————–
Module 8 Journal Entry
The media has had an impact, on how the public views cybersecurity, swinging between sensationalism
and oversimplification. In the days of internet use, movies and TV shows tended to portray hackers as
either heroic rebels or wicked villains showing cyber attacks in a flashy unrealistic manner. This skewed
peoples perception of cyber threats and the skills needed to address them.
As real world cyber incidents increased news outlets started covering data breaches and attacks. While
this raised awareness the focus was often on the aspects potentially distorting public understanding of
common threats.
Over time media representation has become more nuanced and accurate. Nowadays TV shows and
movies are more likely to consult cybersecurity experts for depictions of threats and defenses. News
coverage has also improved with cybersecurity reporters offering technically precise reporting.
Despite these advancements challenges persist. The fast pace of advancements means that media
struggles to keep up with the developments, in cybersecurity.
People often tend to gravitate towards stories sometimes neglecting the less attention grabbing elements
of cybersecurity practices and defense. The rise of media and online platforms has introduced a level of
complexity enabling quicker sharing of information while also increasing the risk of misinformation and
simplistic explanations, for intricate topics.
References
Rosenzweig, P. (2014). Cyber Warfare: How Conflicts in Cyberspace are
Challenging America and Changing the World. Praeger.
https://www.amazon.com/Cyber-Warfare-Cyberspace-Challenging-
International/dp/031339895X
Kuehn, A., & Mueller, M. (2014). Shifts in the Cybersecurity Paradigm: Zero-Day
Exploits, Discourse, and Emerging Institutions. In Proceedings of the 2014 ACM
Workshop on Security and Privacy in Smartphones & Mobile Devices.
https://www.researchgate.net/publication/301467829_Shifts_in_the_Cybersecurity_Para
digm_Zero-Day_Exploits_Discourse_and_Emerging_Institutions
——————————————————————————————————————–
Module 9 Journal Entry
Upon completing the Social Media Disorder Scale (SMD Scale), I scored positive on four out of the nine
criteria. While this falls short of the five criteria required for a formal diagnosis of “disordered social media
user” according to the scale’s interpretation, it still suggests a significant impact of social media on my
daily life.
The items in the scale cover a comprehensive range of potential issues associated with social media use.
They address key aspects of behavioral addiction, including preoccupation, tolerance, withdrawal, and
conflict (Van den Eijnden et al., 2016). The scale’s focus on these elements aligns well with established
criteria for other behavioral addictions, lending credibility to its approach.
However, the binary (Yes/No) response format may oversimplify complex behaviors and experiences. A
Likert scale might provide more nuanced insights into the severity and frequency of these issues.
Additionally, the scale’s reliance on self-reporting could introduce bias, as individuals may not accurately
perceive or report their own behaviors.
The varying patterns of social media disorder across the world likely stem from a complex interplay of
cultural, technological, and socioeconomic factors. In some cultures, social media use may be more
integrated into daily life and social norms, potentially leading to higher scores. Conversely, in areas with
limited internet access or stricter regulations on social media, lower scores might be observed.
Economic factors also play a role, as access to devices and internet connectivity varies globally.
Furthermore, cultural attitudes towards technology and individual privacy may influence how people
engage with and perceive their social media use.
It’s important to note that while this scale provides valuable insights, cultural sensitivity in its application
and interpretation is crucial. What may be considered “disordered” use in one context might be normative in another. Future research could benefit from exploring these cultural nuances and adapting assessment tools accordingly.
References
Kuehn, A., & Mueller, M. (2014). Shifts in the Cybersecurity Paradigm: Zero-Day
Exploits, Discourse, and Emerging Institutions. In Proceedings of the 2014 ACM
Workshop on Security and Privacy in Smartphones & Mobile Devices.
https://pubmed.ncbi.nlm.nih.gov/26999354/
Chen, L., & Nath, R. (2016). Understanding the underlying factors of Internet addiction
across cultures: A comparison study. Electronic Commerce Research and Applications, 17, 38-48.
https://www.sciencedirect.com/science/article/abs/pii/S1567422316300059
——————————————————————————————————————–
Module 10 Journal Entry 1
Trust plays a role, in the realm of cybersecurity. Cybersecurity experts are responsible
for safeguarding data and systems serving as a defense against cyber threats (Furnell
& Thomson 2009). This duty gives rise to a dynamic where organizations and
individuals must place their trust in the skills and reliability of these professionals.
The role also brings attention to the debate between privacy and security. Cybersecurity
analysts often have access to data and communications prompting discussions on
finding the balance between safeguarding information and respecting individual privacy
(Solove, 2011). This dilemma mirrors broader conversations regarding surveillance and
data protection in our era.
Collaboration emerges as another component. Effective cybersecurity practices
necessitate teamwork not within IT departments but across organizations. Analysts
must convey ideas to non specialists nurturing a culture of awareness about security
(Fenz et al., 2014). This cross departmental collaboration challenges boundaries.
The competitive nature of cybersecurity work is fascinating from a standpoint. Analysts
engage in an battle with hackers and cybercriminals studying their strategies and
anticipating their actions. This leads to the formation of a subculture, with its jargon,
ethical standards and customs (Holt, 2019). Lastly this profe ssion underscores the interconnectedness of our landscape.
Cybersecurity risks go beyond country borders highlighting the need, for collaboration
and sparking discussions, on the control and management of the online realm (Choucri
& Clark 2019).
References
List your References in APA Format Below
Choucri, N., & Clark, D. D. (2019). International relations in the cyber age: The
co-evolution dilemma. MIT Press.
Fenz, S., Heurix, J., Neubauer, T., & Pechstein, F. (2014). Current challenges in
information security risk management. Information Management & Computer Security,
22(5), 410-430.
Furnell, S., & Thomson, K. L. (2009). From culture to disobedience: Recognising the
varying user acceptance of IT security. Computer Fraud & Security, 2009(2), 5-10.
Holt, T. J. (2019). Cybercrime through an interdisciplinary lens. Routledge.
Solove, D. J. (2011). Nothing to hide: The false tradeoff between privacy and security.
Yale University Pres
——————————————————————————————————————–
Module 10 Journal Entry 2
The field of cybersecurity is bringing to light really intriguing themes related to the role of cybersecurity
analysts. With technology empowering both state and non state actors to manipulate information and
beliefs on a scale cybersecurity analysts are, at the crossroads of technology, psychology and social
interactions. A significant aspect revolves around trust. Analysts need to establish and uphold trust with
the organizations and communities they safeguard while also undermining trust in entities and
misinformation. This delicate equilibrium calls for not expertise but also profound social awareness and
communication skills.
Another crucial societal consideration is the interplay between security and privacy. Analysts have access
to sensitive data sparking ethical dilemmas about surveillance boundaries and individual rights in the
digital era. Successfully navigating this terrain requires a nuanced grasp of values and norms. In this day
in age, collaborative efforts across teams and organizations are essential for cybersecurity measures.
Analysts must dismantle barriers, between groups. Cultivate a culture of security consciousness that
encompasses both technical experts and non technical staff members. This necessitates abilities and the
capacity to explain complex ideas in a way that resonates with diverse audiences.
The fascinating aspect is the way analysts are engaged in a psychological struggle, with opponents.
Knowing behavior, cognitive biases and social manipulation strategies really is just as crucial, as having
skills. This emphasizes the aspect that underlies the field of cybersecurity (Holt, 2019). As our digital and
physical worlds continue to merge, the social dimensions of cybersecurity will only grow in importance
and complexity.
References
Beskow, D., & Carley, K. M. (2019). Social cybersecurity: An emerging national security
requirement. Military Review, 99(2), 117-127.
Carley, K. M., Beskow, D. M., Carley, L. R., Dombrowski, M., Marcum, C., & Sicker, D.
C. (2018). Social cyber-security. In H. Bisgin et al. (Eds.), Social, Cultural, and
Behavioral Modeling (pp. 389-394). Springer.
Fenz, S., Heurix, J., Neubauer, T., & Pechstein, F. (2014). Current challenges in
information security risk management. Information Management & Computer Security,
22(5), 410-430.
Holt, T. J. (2019). Cybercrime through an interdisciplinary lens. Routledge.
Rugge, F. (2018). ‘Mind hacking’: Information warfare in the cyber age. Italian Institute
for International Political Studies. https://www.ispionline.it/en/pubblicazione/mind-
hacking-information-warfare-cyber-age-19414
——————————————————————————————————————–
Module 10 Journal Entry 2
The study “Analysis of Information Security Requirements; Critical Cybersecurity
Risk Factors in Digital Social Media” by Khidzir et al. (2016) examines crucial
cybersecurity risks in social media platforms, demonstrating key social science
principles in its approach and findings (Khidzir et al., 2016). The research questions
focus on identifying and prioritizing cybersecurity risks in social media, specifically
assessing their importance regarding three core information security principles:
confidentiality, integrity, and availability. This framework provides a comprehensive
evaluation of security issues, aligning with fundamental concepts in information systems
and cybersecurity.
Methodologically, the study employs a survey approach, utilizing a 5-point Likert
scale questionnaire administered to 33 professionals from various sectors in Malaysia.
This quantitative method exemplifies social science research techniques, allowing for
systematic data collection on human perceptions and interactions with technology
(Khidzir et al., 2016). The sample selection and survey design demonstrate an
understanding of sampling methods and questionnaire construction in social research.
The data analysis involves statistical assessment of the perceived significance of
18 predetermined risk factors. This analytical approach showcases the application of
quantitative data analysis techniques common in social science research, including
ranking and comparative analysis of risk factors across different security domains
(Khidzir et al., 2016).
The study’s findings relate to several key concepts from social science classes.
Risk perception is evident in the varying assessments of cybersecurity threats,
illustrating how individuals perceive and prioritize risks (Khidzir et al., 2016). The study
explores technological determinism by examining how advancements in social media
shape social behavior and create new vulnerabilities. Social constructivism is reflected
in the research’s highlight of how cybersecurity risks are socially constructed and
perceived differently across professional groups (Khidzir et al., 2016). The findings
implicitly address issues of the digital divide, touching on unequal access to digital
literacy and cybersecurity resources.
Importantly, the study relates to challenges faced by marginalized groups in
digital spaces. It identifies heightened risks for women, racial minorities, LGBTQ+
individuals, and people with disabilities, who often face increased cyberbullying,
harassment, and targeted attacks (Khidzir et al., 2016). The research underscores how
these groups may have limited access to digital literacy education and cybersecurity
resources, making them more vulnerable to risks like identity theft and information
manipulation. Additionally, it recognizes the crucial role of social media for these
communities in activism and community building, emphasizing the need for enhanced
security measures to protect their digital participation (Khidzir et al., 2016).
The overall societal contributions of this study are significant. It provides
quantifiable data on cybersecurity risks, informing policy-making and platform
development (Khidzir et al., 2016). The research raises awareness about the complex
interplay between social interactions and cybersecurity in an increasingly
interconnected world. By highlighting vulnerabilities, the study contributes to improving
online safety for diverse user groups. The findings can guide the development of more
inclusive and effective cybersecurity strategies that consider the needs of all users,
including marginalized groups (Khidzir et al., 2016).
In conclusion, Khidzir et al.’s research offers valuable insights into critical
cybersecurity risks in digital social media, applying social science principles to address
a pressing technological issue. The study’s comprehensive approach to risk
assessment, consideration of marginalized groups, and broader societal implications
make it a significant contribution to our understanding of cybersecurity in the digital age
(Khidzir et al., 2016).
References:
The Social Construction of Reality: A treatise in the sociology of knowledge : Peter L.
Berger : Free Download, Borrow, and Streaming : Internet Archive. (1966). Internet
Archive. https://archive.org/details/BergerSocialConstructionOfReality_201901
Hate crimes in cyberspace — Harvard University Press. (n.d.). Harvard University
Press. https://www.hup.harvard.edu/books/9780674659902
Gordon, F. (2019). Virginia Eubanks (2018) Automating Inequality: How High-Tech
Tools Profile, Police, and Punish the Poor. New York: Picador, St Martin’s Press. Law,
Technology and Humans, 162–164. https://doi.org/10.5204/lthj.v1i0.1386
Khidzir, N. Z., Ismail, A. R., Daud, K. a. M., Ghani, M. S. a. A., & Ibrahim, M. a. H. I.
(2016).
Critical cybersecurity risk factors in digital social media: Analysis of information
Security requirements. Lecture Notes on Information Theory, 4(1), 18–24.
https://www.researchgate.net/publication/306119001_Critical_Cybersecurity_Risk_Fact
ors_in_Digital_Social_Media_Analysis_of_Information_Security_Requirements
——————————————————————————————————————–
Module 11 Journal Entry 1
The provided data breach notification letter offers an opportunity to explore economic and social
science theories. Looking at it from an angle the situation demonstrates the concept of
information asymmetry (Akerlof, 1970). The company had knowledge about the breach that
customers were unaware of for some time creating an information gap that could have put
customers at risk. This imbalance emphasizes the need for disclosure to uphold market
efficiency and consumer confidence.
Furthermore the breach showcases the theory of externalities (Pigou, 1920). The security lapse
imposes costs on customers who were not directly involved in the breach potentially leading to
losses or identity theft issues. These external impacts underscore the consequences of
cybersecurity failures and emphasize the necessity for strong protective measures.
Taking a social science perspective we can examine the breach and subsequent notification
letter through the lens of trust and social capital theory (Putnam, 2000). The incident likely
damages trust between the company and its customers which is an element of capital. The
transparency and guidance in the letter aim to rebuild this trust by acknowledging how vital
strong social networks are, for business interactions.
Moreover the data breach is, in line with Beck’s (1992) theory on risk society suggesting that
contemporary society is more concerned about risks arising from the technologies we rely on.
This event shows how our dependence on technologies leads to the emergence of vulnerabilities compelling both individuals and institutions to deal with and reduce evolving risks
continuously.
In conclusion, this data breach notification serves as a practical illustration of how economic and
social theories intersect in real-world scenarios, offering valuable insights into the complex
dynamics of information security, trust, and societal risk in the digital age.
References
References The market for “Lemons”: Quality uncertainty and the market mechanism*.
(1970, August 1). OUP Academic. https://academic.oup.com/qje/article-
abstract/84/3/488/1896241?redirectedFrom=fulltext
Beck, U. (1992). Risk society: Towards a new modernity. Sage Publications.
Pigou, A. C. (1920). The economics of welfare. Macmillan and Co.
References Bowling alone | Proceedings of the 2000 ACM conference on computer
supported cooperative work. (n.d.). ACM Conferences.
https://dl.acm.org/doi/10.1145/358916.361990
——————————————————————————————————————–
Module 11 Journal Entry 2
The research conducted by Sridhar and Ng (2021) delves into the world of bug bounty
programs, a cybersecurity strategy. Their study sheds light on how these programs can be
beneficial, for companies of all sizes and industries challenging some assumptions about their
value.
One interesting discovery is that hackers show price inelasticity with their motivation not solely
driven by money but by factors like reputation or altruism. This means that companies don’t
always have to offer bounties to attract hackers as shown by an elasticity range of 0.1 to 0.2 in
the study.
Furthermore the research reveals that a company’s revenue or brand status doesn’t significantly
influence the number of vulnerability reports received. This equal opportunity for cybersecurity
talent benefits companies that may struggle to hire in-house security experts. However certain
sectors like finance and healthcare receive reports possibly due to risks associated with
vulnerabilities exploitation, in these industries.
The research findings suggest that the implementation of programs does not lead to a
decrease, in reports to current ones indicating that the market is still open. This discovery holds
importance for decision makers and platform providers such as HackerOne as it backs the
expansion of bug bounty initiatives.
While the study provides valuable insights, it also highlights the complexity of these markets.
The authors’ model explained less than half of the variation in reports received, indicating that there are still unidentified factors influencing the effectiveness of bug bounty programs. This
underscores the need for further research to fully understand and optimize these policies.
References
Sridhar, K., & Ng, M. (2021). Hacking for good: Leveraging HackerOne data to develop
an economic model of Bug Bounties. Journal of Cybersecurity, 7(1), tyab007.
https://doi.org/10.1093/cybsec/tyab007
——————————————————————————————————————–
Module 12 Journal Entry
After reading Andriy Slynchuks piece, about activities on the internet I am struck by how easily
one can unintentionally violate online laws. These activities, such as using streaming platforms
or torrents have become so commonplace that many individuals overlook their ramifications.
Something that catches my attention is the disparity between what many internet users perceive
as morally acceptable and what’s actually lawful. For example utilizing copyrighted images
without authorization or extracting audio from YouTube clips may appear harmless. They
constitute breaches of intellectual property rights. It serves as a reminder that our digital
behaviors carry consequences in the world.
The segment discussing cyberbullying and trolling holds relevance in todays social media
environment. It is essential to recognize that our online interactions are governed by the ethical
norms as face, to face conversations.
I was taken aback to discover that using someone Wifi without permission is illegal. I have done
this in the past without thought. Now I view it as a form of theft. The article offers guidance on safeguarding oneself especially stressing the importance of using VPNs and being cautious when sharing personal details. Nonetheless it is disconcerting that such extensive precautions are necessary to ensure our security and confidentiality.
After reading this article I feel more conscious of the impact my online presence can have. The
legal consequences associated with internet activities. It serves as a reminder to be cautious and accountable, in how I navigate the web and to stay updated on regulations and ethical
standards, amidst the changing technological landscape.
References
List your References in APA Format Below
Slynchuk, A. (2021, June 1). 11 Illegal Things You Unknowingly Do on the Internet.
Clario.https://clario.co/blog/illegal-things-you-do-online/
——————————————————————————————————————–
Career Paper
Introduction
Cybersecurity experts play a crucial role in safeguarding organizations against digital threats.
While technical skills are fundamental, incorporating social science principles is essential in this
field. This study explores how cybersecurity professionals apply social science research and
theories in their work, focusing on the impact of cybersecurity on marginalized communities and
society as a whole.
Understanding Online Behavior through Social Science
In the realm of cybersecurity, analysts heavily rely on social science concepts to understand
and predict behavior online. Social engineering, a significant concern in cybersecurity, is deeply
rooted in sociological insights. Analysts need to grasp how cyber attackers manipulate
vulnerabilities like trust and authority bias to breach systems (Wongkrachang, n.d.).
Conflict Theory in Cybersecurity
The application of conflict theory, which examines social structures through power imbalances,
holds significance in the field of cybersecurity. Analysts must assess how power dynamics
observed in society manifest themselves in cyberspace. For instance, cyber attacks sponsored
by governments often reflect geopolitical tensions and struggles for dominance between nations
(Pavlova, 2020).
Peer Networks and Cyberbullying
An understanding of peer networks and their impact on behavior is essential for cybersecurity
experts when addressing issues like cyberbullying. Knowing how online communities function and influence behaviors, whether fostering or combating harmful actions, is crucial for
developing effective cybersecurity measures (Wongkrachang, n.d.).
Protecting Religious Communities Online
Cybersecurity experts need to be aware of the targeting of religious communities online. It’s
crucial to grasp the vulnerabilities these groups face and create customized security plans. For
instance, religious institutions could be at risk of hate crimes or misinformation campaigns,
necessitating specific cybersecurity precautions (Pavlova, 2020).
Urban Cybersecurity Challenges
The concept of “Cities and Cybersecurity” is increasingly relevant as urban areas become more
technologically integrated. Cybersecurity analysts working with smart city initiatives must
consider the complex interplay between urban infrastructure, population density, and digital
vulnerabilities (Khatoun & Zeadally, 2017).
Sociological Lens in Cybersecurity
Analysts must view cybersecurity through a sociological lens, considering how social structures
and institutions influence digital security. This includes understanding how different societal
groups perceive and interact with technology, which can inform more effective security policies
and education programs (Wongkrachang, n.d.).
Protecting Marginalized Groups and Societal Impact
Cybersecurity analysts play a vital role in protecting marginalized groups from digital threats.
This involves recognizing the unique vulnerabilities of marginalized communities in cyberspace,
developing inclusive security strategies that address diverse needs, and advocating for equal
access to cybersecurity education and resources (Pavlova, 2020). On a broader societal level,
cybersecurity analysts contribute to maintaining the integrity of critical infrastructure that society
depends on, protecting democratic processes from cyber interference, and fostering trust in
digital systems, which is crucial for social and economic development.
Conclusion
The role of a cybersecurity analyst extends far beyond technical expertise. By integrating social
science principles, these professionals can develop more comprehensive and effective
strategies to protect individuals, organizations, and society as a whole from evolving cyber
threats. The interdisciplinary nature of this field highlights the importance of a holistic approach
to cybersecurity that considers both technological and social factors.
Sources:
Khatoun, R., & Zeadally, S. (2017). Cybersecurity and privacy solutions in smart cities. IEEE
Communications Magazine, 55(3), 51-59. https://doi.org/10.1109/MCOM.2017.1600297CM
Pavlova, P. (1970, January 1). Human rights-based approach to cybersecurity: Addressing the
security risks of targeted groups. Peace Human Rights Governance.
https://phrg.padovauniversitypress.it/2020/3/4
Wongkrachang, S. (n.d.-a). Cybersecurity awareness and training programs for racial and
sexual minority populations: An examination of effectiveness and best practices. Contemporary
Issues in Behavioral and Social Sciences.
——————————————————————————————————————–
Module 14 Journal Entry
Today I spent some time reflecting on Davin Teos TEDx talk discussing his journey, in
forensics. It struck me how closely connected this field is to social sciences like criminology and
sociology. Teos progression into forensics is quite intriguing. Starting off as an accountant with
an interest in IT he stumbled upon an opportunity within Australias early national digital forensic
scene. This non traditional path underscores the nature of forensics merging technology, law
and investigative practices. What particularly intrigued me was how Teos work intersects with
concepts. His investigations often delve into analyzing behavior in realms unveiling patterns of
deviance and exploring the impact of technology on social dynamics. For instance his case
study involving a torrent site within an IT department exemplifies how subcultures can emerge
within organizations – a principle in organizational sociology. Furthermore Teos work delves into
realms by tackling cyber threats, fraud cases and even instances of death threats. His
investigative approach aligns with theories such as routine activity theory, by identifying
vulnerabilities exploited by cybercriminals.
The advancements, in technology within this field. Transitioning from disks to terabyte drives.
Also mirror societal shifts and their influence, on criminal activities and investigative methods.
Teo’s career path demonstrates the importance of adaptability and continuous learning in our
rapidly changing digital world. It also shows how diverse backgrounds can contribute to this
field, suggesting that the future of digital forensics might benefit from even more interdisciplinary
approaches, perhaps incorporating more explicit sociological and criminological training.
Overall, Teo’s talk reinforced for me how digital forensics serves as a crucial bridge between
technology and the social sciences in our increasingly digital society.
References
List your References in APA Format Below
Digital Forensics: Davin Teo: Tedxhongkongsalon. YouTube. (2015, December 9).
https://youtu.be/Pf-JnQfAEew?si=aBTJXC26cuRvsQur