Journal Entry 1

Based on the Workforce Framework website, one area that could help me with my career is to work for the government of cybersecurity. I can help maintain the Defensive Cybersecurity role because they are responsible for analyzing data collected from various cybersecurity defense tools to mitigate risks. Executive Cybersecurity Leadership, monitors the workplace to ensure everything runs smoothly and I have a quick and reactive mind to keep track of everyone. Secure Project Management requires cybersecurity to be built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. The way I would rank each of the following “Work roles” that would mostly appeal to me is Defensive Cybersecurity, being the best out of the three, by being a working role for creating programs to protect any devices. Executive Cybersecurity Leadership is second, because it would require me to operate at a fast pace to manage people and my work at the same time. I would lastly prefer but still think a good working role is Secure Project Management because it will require me to build a lot of projects to protect and reduce attacks that could steal data.

Journal Entry 2

The principle of science relates to cybersecurity because they are fundamental to cybersecurity as they guide how threats are analyzed, mitigated, and prevented. So, examples are empiricism, determinism, parsimony, and objectivity. Empiricism, which emphasizes knowledge through observation and experience, is crucial in cybersecurity because security professionals rely on real-world data, such as network logs, attack patterns, and system behaviors, to identify vulnerabilities and develop solutions. Determinism, the principle that events have specific causes, underlies cybersecurity incident analysis and forensic investigations. Cyberattacks, malware infections, and security breaches do not occur randomly; they have identifiable causes that can be traced through digital forensics. Parsimony, or the preference for simplicity in explanations and solutions, is essential in cybersecurity when designing security protocols, incident response strategies, and risk assessments. Overly complex security systems can introduce unnecessary vulnerabilities and increase the likelihood of human error. Objectivity, which demands unbiased and evidence-based conclusions, is critical in cybersecurity decision-making. Security professionals must rely on data-driven assessments rather than assumptions or subjective opinions when evaluating risks, vulnerabilities, or the effectiveness of security measures. Together, these scientific principles provide a structured and rational approach to cybersecurity, ensuring that defenses are built on rigorous analysis, predictable patterns, streamlined solutions, and impartial assessments.

Journal Entry 3

This material can be used by researchers to analyze trends in data breaches, pinpointing typical vulnerabilities and attack methods over time. You will be able to evaluate different types of organizations that are most affected some researchers can check to see which industries are vulnerable and gauge the strength of various security measures. For example, data will allow you to determine how breaches can affect some consumers, that is, how often their personal information has been stolen and corrupted. Researchers can also analyze changes in breach patterns over time to determine how these events correlate with shifts in policies and practices that influence data security over time. This information would formulate better methods for preventing future breaches while mitigating cybersecurity vulnerabilities.

Journal Entry 4

Based on Malsow’s Hierarchy of Needs, there are three categories starting from basic needs, “Physiological needs” and Self-actualization needs; the three categories are broken up into five parts. On the lower part of the chart we have physiological needs for people that relate to technology are phones, iPads or computers to meet a need to have devices in hand. For “Safety needs”, people can place passwords or download a safe plan to their device to protect it from viruses or cybercrime. Next is “Belongings and love needs”, be connected with your loved ones, like your friends and family over the phone or laptop to be able to talk over social media and a call, plus while they are far apart they can be able to communicate with them. Next on the list is “Esteem needs”, in a way for people to recognize the new model or know how to work out a device better than anyone else, and being able to showcase the work like for example if some were to have a digital piece of art they would want to be recognized for it. Last on top of the chart is Self-actualization, which can vary in different ways with technology like getting the new model phone that you have always wanted or just having a phone that already completed the perilous needs from Maslow’s Hierarchy of needs.

Journal Entry 5

Having gone through the articles related to each motive for cybercrime, I rank these motives from 1 (most sensible) to 7 (least sensible), providing reasons for each ranking.

Of the highest rank, money is clearly the most reasonable motive for cyber crime. The link explains how cybercriminals spend their proceeds, pointing to the obvious link between financial gain and cybercrimes like hacking, fraud, and scams.
Second, I offer high ranks to political motives. Hacktivism is another form of cybercrime that is well-documented and becoming increasingly common, whereby an individual or group undertakes an electronic assault to establish a political statement or find a legitimate intervention.
Third, retribution is a cause of great connivance too: again, revenge porn, where individuals operate on digital platforms to deliver punishments on others. Revenge is simmering within the walls of personal conflict and immaterial concerns; it is a true and humane drive for the cybercriminal.
Fourth in the ranking is recognition. Some people indulge in cybercrimes in order to get recognition or fame, especially among certain subcultures of hackers who may perform a DDoS attack in a flirtation with media attention or ascent in societal status. This article on Bradley Niblock exemplifies recognition as a motivation in the course of politically motivated or high-profile cyberthreats.
Fifth, entertainment is a dubious motivation behind cybercrime. While some people may commit certain minor infractions for entertainment, and with cases of personal amusement, such as LinkedIn scraping, such acts generally are not thought-provoking nor obvious in their potential for organized cybercrime.
Sixthly is boredom. While boredom can certainly drive individuals to engage in somewhat less serious cybercrimes (cyberbullying or online harassment, for example), it is generally viewed as a less serious reason for committing crimes.
Lastly, yet another moderate category, according to the various causes hackers resort to crime, suggests there are several factors behind this kind of activity in an approach that encompasses money, politics, recognition, and, of course boredom.

Journal Entry 6

None is more reliable than the other fact-checking sites, which cover all the bases of the obvious fake ones. However, Snopes, FactCheck.org, and PolitiFact stand out among other reliable, fact-based websites because of their different commitments to fact-checking a claim, debunking such misinformation, and giving well-researched explanations with support from credible, reliable sources.

Fake or misleading ones like Real Raw News, Before It’s News, and The Onion (although satirical) deliver misinformation or fictional reports. These sites’ comparative features, getting in contrast with credible ones, reveal key differences that mark their fraudulent nature.

One of the main differentiators between the real and fake fact-checking sites would be source transparency. While reputable ones like FactCheck.org attribute verified contexts from official reports or recognized experts and content from official sources, aids reached by sites like Real Raw News often lack verifiable sources-a common problem being the use of anonymous insiders. For horror stories coming up from Real Raw News about some government conspiracy, they may invoke “an unnamed Pentagon official” providing absolutely no evidence, while articles in FactCheck.org would refer to government documents, expert analyses, and direct accounts from officials.

Another striking difference lies in their editorial standards and corrections. Real fact-checking websites will have defined editorial standards, will correct themselves whenever they are wrong, and will live by ethical journalism codes. PolitiFact gives a label like “Pants on Fire” to a claim that is outright wrong and updates its article whenever new information shows up. Before It’s News, on the other hand, prefers user-generated content with near to no moderation, allowing for wild rumors to sprout from the drumbeats of anchoring.

Journal Entry 7

In this image the individual is experiencing some trouble with how her computer is set up. The
computer screen is wide open for everyone around her to see, where it would be better for her
to have a privacy screen to prevent anyone from looking at her screen. This image also relates
to Human-centered by applying some framework to the computer to give it a privacy screen for
better protection over you data.

A great way for Human-centered cybersecurity to be used in helping this individual is by training
the workers to be able to recover their data to prevent any loss in anything or it might lead to
ineffective in modifying end-users behavior due to their training. As shown in the image or
meme we have an individual who was hacked by someone to steal all of there data as shown
on the screen all there data is be wiped.

I created this meme to show another individual opening up her phone to be surprised of her
pictures being missing. This person has never set up her password for Human-centered
cybersecurity to act, because there was no protection being placed on the device and it can
cause a problem to where there train in have the individual have some security over there
device be placed to ensure there protection against hackers.

Journal Entry 8

After watching the video “Hacker Rates 12 Hacking Scenes In Movies And TV | How Real Is It?”, I was reminded of how the media distorts hacking and cybersecurity. Films and television series often portray hacking as glamorous, in a matter of seconds. They create the impression through the use of spectacular graphics in their depictions that make it look like hacking is easy and all you have to do is click and write a few lines of code, when in fact it is far from it. One of the biggest deceptions is the speed at which hacking is shown in film. The hacker in the movie can crack constantly changing techno-magic in just a few seconds, clicking on things in a few moments or writing a few lines of code in cyberspace, as they go through the dark web. What happens in reality with cybersecurity breaches is much more laborious and time-consuming, with cumbersome planning, and upper limits to patience. Exploiting vulnerabilities requires working for an extensive amount of time, and sophisticated hacks usually require time-consuming ways of acquiring sensitive information and performing great precision in the hacks.

Journal Entry 9

According to my responses, my score was 3 on the social media scale, indicating that I have risky usage. I do not see a severe problem with my social media use, but there is evidence that it may interfere with my life in small ways. For instance, becoming preoccupied with social media and at times using social media to disengage or escape my negative feelings are red flags for dependency. However, since I do not have withdrawal symptoms and I am not in conflict with others over my social media usage, I likely do not have a serious problem with social media. I feel the items within the scale do a good job of capturing different aspects and features of social media usage. It reflects emotional dependence (escape, withdrawal) behavioral issues (persistence, displacement), and social issues (conflict, deception). The scale works to define possible overuse or addiction in social media by evaluating the emotional & behavioral aspects involved.

Journal Entry 10

The article “Social Cybersecurity: An Emerging National Security Requirement” discusses how information warfare has evolved into 21st-century warfare. It notes that social cybersecurity is a new domain that attempts to define and counter cyber-mediated changes in human behavior and social structures as it relates to political stability in the United States. Social cybersecurity identifies an important distinction from traditional cybersecurity emphasizing how it is not merely protecting information systems; instead, the emphasis is focused on hacking the human condition through technology by changing perceptions, beliefs, and social cohesion. The proposition indicates that the battlefield has shifted and information and different types of psychological manipulations can produce tactical or strategic results lacking the need for traditional warfare. The fascinating variable discussed in the article is when state and nonstate actors manipulate information to erode trust in institutions, erode unity in society, and weaken rivals without even firing a shot. For example, Russia has leaned into this type of operation, studying prior conflicts, and technological developments in the social media space.

Journal Entry 11

Nicole Enesse’s video on the cybersecurity analyst role draws attention to multiple social issues common in the cybersecurity realm. One of these is trust, as cybersecurity analysts secure data and systems that people and organizations rely upon for security and privacy. Trust is inherently tied to social behavior when individuals use trusting technology; confidence in a digital system influences the likelihood of disclosing information or social engagement. Another social issue is the interdisciplinary relationship between economics and cybersecurity; financial motivation results in not only cyberattacks but also the motivation to implement security measures. Cybersecurity analysts do risk assessment/analysis, which necessarily requires an understanding of human behavior—how individuals and organizations react to risks, willingness to comply with security policies, and vulnerabilities to manipulation (e.g., phishing scams)—and risk management. Human behavior is also an important part of cybersecurity due to flaws in cybersecurity systems; social engineering takes this to the next level, hackers, and attackers intentionally exploit these psychological and social behaviors to access resources without permission. These create a connection to social science, which supports the understanding that cybersecurity and protecting one’s digital assets is ultimately not solely technology-based, and also understanding and influencing how humans engage.

Journal Entry 12

Analyzing the “SAMPLE DATA BREACH NOTIFICATION” letter through economic and psychological theories demonstrates how the theories explain both the firm’s actions and the likely actions adopted by its affected customers. From an economic perspective, an important part of the dynamic is transaction cost economics. Transaction cost economics explains costs incurred when making transactions (exchanging), including the costs of protecting customers’ sensitive data. In the context of the incident, the company incurred transaction costs associated with bulk notification to customers, implementing cybersecurity measures to minimize potential damage, and coordinating with law enforcement, further transactional costs of doing or continuing business and confidence with their customer base. Depending on the specifics of the breach situation, the company needed to juggle the associated costs of protecting customer data and minimizing breach impact and the benefits of the reasons for requiring security for the platform and possible customer confidence. From a psychological science perspective, considering cognitive dissonance theory helps explain how customers may feel after the notification of the breach. Cognitive dissonance occurs when an individual experiences discomfort from holding competing beliefs or attitudes. A customer may have trusted the company with their data

Journal Entry 13

In the piece “Hacking for Good: Leveraging Hacker One Data to Develop an Economic Model of Bug Bounties,” authors Kiran Sridhar and Ming Ng examine the economic analysis and effectiveness of bug bounty programs (BBP) to compensate ethical hackers, who are security researchers, to uncover bugs or vulnerabilities in a company’s digital infrastructure. Their study uses a large dataset derived from Hacker One to understand some of the contributing factors when considering how many valid bugs an organization will receive as bug reports. The literature review includes a conversation about advocating the theoretical benefits of BBPs, particularly, the way organizations can uncover security vulnerabilities they were previously unaware of, referenced by the idea that “given enough eyeballs, all bugs are shallow.” The use of BBPs leverages a global community of television (or freelancing) researchers who bring diverse skill sets and perspectives to bear. The literature review also featured a discussion of the difficulty in recruiting talent in the cybersecurity space, particularly for small and medium-sized enterprises (SMEs) who may not have the resources to have an in-house security professional. Bug bounty programs provide the opportunity for these organizations to tap into the skills of freelance researchers.

Journal Entry 14

Based on the eleven examples of potentially illegal online activities listed in this article, the five gravest potential violations are unofficial streaming services, torrenting copyrighted material, cyberbullying and trolling, faking a person’s identity online with intent to commit a fraudulent act, and illegal Google searches. Unofficial streaming and torrenting create inequity for content creators by stripping them of their artistic rights and profits, which can put users at risk for malware or loss of their data. Additionally, illegal Google searches surrounding topics such as child exploitation or weapon creation are unjustice, and if reported to authorities by Google or other stakeholders, could result in law enforcement investigations and charges for the user. Engaging in these behaviors is above and beyond casual using the internet and can have the potential for serious ethical, legal, and often loss of personal freedom implications.

Journal Entry 15

After watching Davin Teo’s TEDx talk on digital forensics, I was struck by how his career path exemplifies the intersection between technology and the social sciences. Teo, a Managing Director at Alvarez & Marsal, leads the Forensic Technology team across Asia, bringing over 20 years of experience in digital investigations and electronic discovery. ​What stood out to me was how Teo emphasized the importance of understanding human behavior in digital forensics. He highlighted that digital forensics isn’t solely about technical skills; it also requires a deep comprehension of psychological principles to interpret digital evidence effectively. Teo’s journey illustrates that a background in social sciences can provide valuable insights into the motivations and behaviors behind digital crimes, enhancing the effectiveness of forensic investigations.