Week 1 – Journal Entry

It is stated that The Workforce Framework for Cybersecurity, commonly referred to as the NICE Framework, is a nationally focused resource to help employers develop their cybersecurity workforce. It establishes a common lexicon that describes cybersecurity work and workers regardless of where or for whom the work is performed (Nice Workforce Framework for Cybersecurity). 

Furthermore, it is broken down into seven different categories: Oversight and governance, design,and development, implementation and operation, Protection and defense, Investigation, Cyber Intelligence, and cyber effects. Each category is broken down into different specialty areas. If I choose which categories I am most interested in, it would be Protection and Defense, in which the work role protects against and identifies and analyzes risks to technology systems or networks. This includes investigating cybersecurity events or crimes related to technology and networks. Another category that draws my attention is investigation. This work role conducts national cybersecurity and cybercrime investigations, including collecting, managing, and analyzing digital evidence(Nice Workforce Framework for Cybersecurity).

I am also interested in oversight and governance. This work role provides leadership, management, direction, and advocacy so the organization can effectively manage cybersecurity-related risks to the enterprise and conduct cybersecurity work (Nice Workforce Framework for Cybersecurity). As I mentioned above, each category is broken down into different specialties. One specialty that stuck out the most in this category was cybersecurity instruction because it is responsible for developing and conducting cybersecurity awareness, training, and education (Nice Workforce Framework for Cybersecurity). I believe that this career is one of the most critical careers because many people are not aware how just clicking one link can give an intruder all the access in the world to the company just because they choose to open and download a file with the click of a mouse.

Although I did show interest in a couple of different categories, one was one that I was really not interested in. This category was design and development, and their work role was to conduct research, conceptualize, design, develop, and test secure technology systems, including on perimeter and cloud-based networks (Nice Workforce Framework for Cybersecurity). After looking further into this category at each specialty, I could not find a work role that would make me want to continue to stay in that role for an extended period. If I were to choose something, It would have to be something I would like to do for the rest of my life. They say if you do something you love, you will never work a day.

Work Cited

Nice Workforce Framework for Cybersecurity (NICE framework). National Initiative for Cybersecurity Careers and Studies. (n.d.). https://niccs.cisa.gov/workforce-development/nice-framework  

Week 2 – Journal Entry

The scientific principle is broken down into seven different concepts, which are as follows: Relativism, Objectivity, Parsimony, Empiricism, Skepticism, ethical neutrality, and Determinism, In which relativism can be understood to mean that all things are related. (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a) For example, the advancement of technology could lead to more cyber-attacks in the future, which will result in crime.

In addition, Objectivity refers to the way that scientists study topics in a value-free manner. Science does not exist to promote an opinion or a point of view. (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a). For instance, a lot of data and sensitive information is being leaked onto the internet due to them being hacked. Just because a company sees another company hacking and leaking their important data online does not mean they should do it back.

Furthermore, parsimony means that scientists should keep their levels of explanation as simple as possible (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a), Meaning that if someone were to create a complex security system, it would be harder for them to understand, control, and resolve if there was a problem to arise within the system. Empiricism means that social scientists can only study behavior that is real to the senses (e.g., we can touch, see, taste, hear, or smell it) (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a). For instance, one way this is related to cybersecurity is through sight because when a hack has taken place, it is seen through their senses.

Furthermore, Ethical neutrality refers to the fact that scientists must adhere to ethical standards when they conduct their research (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a). For example, Cybersecurity personnel work with a lot of sensitive data from small companies to major corporations, which is, for the most part, confidential. So, if they were to leak the data, it could lead to severe consequences, such as jail, prison, or even treason.

In addition, Determinism as a principle of science means that behavior is caused, determined, or influenced by preceding events. (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a). So, if a child grew up watching his brother hack numerous financial institutions and steal people’s money while teaching the younger. In that case, the younger brother might also start hacking different financial institutions.

 Lastly, Skepticism is the principle that all claims should be questioned and critically examined rather than accepted at face value (CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity, n.d.-a). For instance, if someone created a company with a new network and said it was impossible to penetrate, there is no need to run a test. Just because they told you their network was impenetrable does not mean you should try to hack it because they could have overlooked one small detail that a hacker did not.

Work Cited

CYSE201S (Module 2) Principles of Social Sciences and Cybersecurity. (n.d.-a). Reading.

Week 3 – Journal Entry

The International Business Machine Corporation, also known as IBM States, that A data breach is any security incident in which unauthorized parties access sensitive or confidential information, including personal data (Social Security numbers, bank account numbers, healthcare data) and corporate data (customer records, intellectual property, financial information) (Kosinski, 2024). This company has made inroads in advanced computer chips, quantum computing artificial intelligence, and data infrastructure (Kosinski, 2024). They are one of the largest IT companies in the world, operating in over 170, and it has been known that this company has been hacked multiple times. That goes to show that anyone can be hacked.
For instance, Privacyrights.org has reported that the last known data was on January 16, 2025. 72,361 data breach notifications were tracked, 8.16 billion individuals were affected, and 25,725 breach notifications were reviewed (Data Breach Chronology). As stated above, a data breach can leak access to sensitive or confidential information, including personal data (Social Security numbers, bank account numbers, healthcare data) and corporate data (customer records, intellectual property, financial information) (Data Breach Chronology). The website privacyright.org not only shows the last known data breach but also shows numerous other things.
For instance, this website has information from data breaches that have taken place from 2005 until now. This information shows the date the breach happened, the organization that was breached, the breach type, the total affected, the residents affected, the breach location, and the source. The researcher would best be able to utilize this information on the type of organization affected and the method of breach. The organization types include BSF (Financial Services Business): banks, credit unions, investment firms, and insurance carriers. BSO (Other Business): Technology companies, manufacturers, utilities, and professional services. BSR (Retail business): Physical and online retail merchants. EDU (Educational Institutions). GOV (Government and Military): Public administration, government agencies. MED (Healthcare Providers): Hospitals, clinics, HIPPA-covered entities, and lastly, NGO (nonprofits): Charities, advocacy groups, and religious organizations (Data Breach Chronology). 

Lastly, these breach types include Card: Physical payment card compromises (skimming devices, POS tampering). Hack: External cyber-attacks (Malware, ransomware, network intrusions). INSD:  Internal threats from authorized users. PHYS: physical document theft or loss. Port: Portable device breaches (laptops, phones, tablets). STAT: Stationary device breaches (Desktops, servers) and Disc: Unintended disclosers (misconfiguration accidents) (Data Breach Chronology). With this information, which organization is most likely to get attached, and which breach would most likely occur. 

Work Cited

Data Breach Chronology. Data Breach Chronology | Privacy Rights Clearinghouse. (n.d.). https://privacyrights.org/data-breaches 

Kosinski, M. (2024, December 19). What is a data breach?. IBM. https://www.ibm.com/think/topics/data-breach 

Week 4 – Journal Entry

Maslow’s hierarchy of needs, proposed by Abraham Maslow, presents a framework suggesting that human motivation stems from a hierarchy of five fundamental categories: physiological, safety, love, esteem, and self-actualization. The theory posits that as individuals progress through these needs, they experience a greater sense of fulfillment and motivation (Hopper, 2024). 

That said, Technology plays a notable role in helping us achieve every level by just having our cell phones in our phones and access to the internet. However, if that individual were to lose themself with the advancement of Technology, they would instantly be able to locate the device with things such as Find my iPhone or Google Find My Device; in addition to that, they are also able to lock their device and wipe their phone of all their sensitive date with a push of a button. For instance, when I was stationed in Washington, DC, I lost my phone, and thanks to the advancement of Technology, I could lock my phone and track it down to its new location. This right here helps with security and safety.

In addition, with just having that cell phone in their hand or even a computer, they can stay in contact with numerous friends, family members, and coworkers, thanks to apps and websites such as Myspace, Facebook, Instagram, YouTube, vine, and even LinkedIn. This helps bring belongingness and love needs. 

Furthermore, these different platforms allow anyone and everyone to express themselves creatively and organically, which allows them to grow a strong online reputation. This will allow people to follow their journey and help them build self-esteem while accomplishing and crushing goals.

Lastly, YouTube and numerous apps, such as Preply, are some of the biggest platforms that help with self-actualization needs. These YouTube channels and apps can help further your professional development and continuously teach you new skills, such as changing your car oil, cooking, writing a resume, and developing your career path. The list goes on and on. I am saying this because I am a living, walking testament to all the things discussed above that happened to me in life.

Workcited

Hopper, E. (2024, May 14). Maslow’s hierarchy of needs explained. ThoughtCo. https://www.thoughtco.com/maslows-hierarchy-of-needs-4582571  

Week 5 – Journal Entry

It is stated that Cybercrime is any illegal activity carried out using computers or the internet (Cybercrime,n.d). They operate worldwide, motivated by money, personal gain, and sometimes politics (Cybercrime,n.d). As I was reviewing these seven articles, I noticed different motives for each article, for which I have ranked which one makes the most sense to the least. First, there are multiple reasons to be ranked number 1 because it could be all the other motives, such as political, money, revenge, recognition, entertainment, and even boredom.

Secondly, there are political reasons because we all know politicians are willing to have an advantage over the person they are running up against. If they can do that by hacking their computers to get sensitive information on the two releases to the public, such as blackmail, or by making them pull out, they will.

Thirdly is money, because everyone wants money, even politicians, major corporations, or even us as people. Some people are willing to do anything to get it, even if it means a life of crime, while others are willing to stay on the straight and narrow.

Fourth is revenge because maybe that politician you exposed has ruined their life, so now they are trying to do the same to you. Alternatively, even if the company information you stole caused the company to go under, the only thing on their mind is how you ruined their life, and now they want to seek revenge in every way possible.

Fifth is recognition; in this day and age, mainly due to social media, everyone wants to be recognized, especially hackers, when someone else takes credit for what they are doing, so that is why they make up Alis or nicknames to get that recognition.

Sixth is entertainment; they might just be bored of hacking someone’s Myspace or Facebook account, so now they are seeking something more entertaining, such as hacking the CIA website, because it would be more challenging and bring excitement to their life to cure the boredom, they are receiving from doing small time hacks.

Last but not least, boredom is one of the least motivated reasons to commit a cybercrime, especially without a rhyme or reason. As seen above everyone has a different motive for the things they are doing in life, and some might find there reason to make more sense then the other, but at the end of the day it is still wrong.

Work Cited

Cybercrime. ICE. (n.d.). https://www.ice.gov/about-ice/hsi/investigate/cybercrime#:~:text=Cyber%20criminals%20operate%20all%20around,gain%20and%20sometimes%20even%20politics. 

Week 6 – Journal Entry

It is stated in this week’s PowerPoint that Experts have noted that “Internet deception is most perilous when the deceiver has constructed an environment (e.g., website) that engenders trust and assurance in the relationship between the consumer and the deceiver” and “A high level of trust makes the consumers less sensitive to risk considerations.” (Grazioli and Sirkka L. Jarvenpaa, 2000). Over the years, hackers have created and used fake websites to place viruses on your computer, steal sensitive data, or steal money from the individual. With that being said, the best way for a person to notice this is to look for correct spelling in the URL, poor website design, outdated features on the website, excessive pop up offering free prizes in order to steal card information or even asking you to download a file. When searching the web for fake websites, I came across the following listed below. The image on the left is the fake PayPal account, where hackers use social engineering to create a fake PayPal website to steal a person’s username and password. Usually, these fake emails are sent in email form, but lately, they have also been sent via text. As seen below, the actual website has a real PayPal URL address, while in the fake one, the URL is a completely spell.

PayPal Fake Website Example

For the second image, below is the fake Apple customer service website. This website uses SEO poising techniques to manipulate search engine reports. For instance, on the Google results pages for keywords like “iPhone not charging,” l will lead Apple consumers to click on the link with little thought of it being a fake. The hackers do this to convince the upset Apple consumer to call the fake customer support number to be assisted to steal card information or convince them to buy services or products that are not needed. If you look closely at the image, the URL is incorrect URL, and the Apple web design is wrong, although it looks a little like the original Apple website

Apple Fake Website Example

A third fraudulent website that looked real was the Netflix images posted below. With this scam, the hacker usually sends a fake Netflix email stating they could not validate the user’s billing information. If you look closely, there is no sender’s email address. In addition, it also states that it is a suspicious notification. In addition, if they did click on the link, they will be sent to another suspicious website where it asks them for their username and password. As I stated before, the URL is entirely wrong.

A screenshot of a netflix subscription Description automatically generated
A screenshot of a computer Description automatically generated

Week 7 – Journal Entry

Photo #17

A person sitting at a table with a computer Description automatically generatedThis meme relates to Human Center Cybersecurity because Human Center Cybersecurity understands that we are one of the most vulnerable regarding security, so they want to make it easier to understand and highly effective to individuals on all levels. With him being in a café his laptop has a VPN installed when he connects to outside networks

Photo #3

person using macbook pro on white table This is another image of a gentleman utilizing a VPN; it automatically connects to a VPN when he is utilizing an untrusted network, which makes it people-friendly because it connects automatically. A VPN helps simplify secure work, protect people in public, enhance privacy, and reduce tracking.

Photo #9

person holding iPhone Lastly, this image shows the auto-lock feature that most phones utilize nowadays. Usually, when a phone is left by itself, the auto lock automatically locks a person’s phone when it is left unattended for the set time of either 30 seconds, 1 minute, 2 minutes, etc. This helps me minimize human error, such as forgetting to lock their phones. This also helps reduce the risk of having sensitive information stolen

Week 8 – Journal Entry

Bruce Schneier once said, “Hollywood portrays hackers as either heroes or villains, rarely showing the complexity of real-world cybersecurity. When it comes to social media, movies, or even the news, they can have a significant impact on an individual life. With that being said, the media can have both a positive and negative influence on cybersecurity. For instance, the media, social media, and even movies can promote awareness by informing everyone about threatening cybersecurity breaches, data breaches, and hacking incidents that have taken place. In addition, that can encourage people to use multi-factor authentication, stronger passwords, and avoid suspicious emails. Although these are a few positive influences, there are also negative influences, such as putting out misinformation. Alternatively, even blaming the wrong individuals. Lastly, the media also tend to exaggerate some cyber-attacks that take place, which causes people to panic. For instance, back in 2021, a ransomware took place on the Colonial Pipeline by the hacker group Darkside. When the news spread like wildfire, it caused everyone in the United States to panic, which caused gas prices to increase, and people to panic buy. Which caused multiple gas stations to run out of gas. If the news had not exaggerated what had occurred, it would not have caused people to panic and start to stockpile gas like it was the end of the world. So, personally, the media has a negative and positive influence.

Week 9 – Journal Entry

Social Media Disorder (SMD) is a nine-item scale that measures problematic social media use, which includes preoccupation, Tolerance, Withdrawal, Persistence, Displacement, Problems, Deception, Escape, and Conflict. These questions are based on the past 12 months, in which you add up the number of yes answers. A score of 1 or lower indicates normative social media usage, 2-5 indicates risky usage and 6-9 indicates problematic usage. After completing the assessment, I scored a 0-9, and the reason for that is that I rarely use social media due to the negative influences, time consumption, false information, and painting a false narrative. If I had taken this assessment back in media or high school, I would have scored between 2-5 in the middle.

This assessment can vary depending on an individual’s culture or where they live in the world. Some countries, such as China, North Korea, Iran, Cuba, and Brazil, impose strict limitations or prohibit access to social media platforms. In addition, there are some places and people who have limited or no access at all to technology, the internet, or even electricity. With that being said, there score would be much lower than those who does have access to these items.

This is a fantastic assessment, especially for those who think that their kids, family members, friends, or even themselves rely heavily on social media.

Week 10 – Journal Entry

Social Media Disorder (SMD) is a nine-item scale that measures problematic social media use, which includes preoccupation, Tolerance, Withdrawal, Persistence, Displacement, Problems, Deception, Escape, and Conflict. These questions are based on the past 12 months, in which you add up the number of yes answers. A score of 1 or lower indicates normative social media usage, 2-5 indicates risky usage and 6-9 indicates problematic usage. After completing the assessment, I scored a 0-9, and the reason for that is that I rarely use social media due to the negative influences, time consumption, false information, and painting a false narrative. If I had taken this assessment back in media or high school, I would have scored between 2-5 in the middle.

This assessment can vary depending on an individual’s culture or where they live in the world. Some countries, such as China, North Korea, Iran, Cuba, and Brazil, impose strict limitations or prohibit access to social media platforms. In addition, there are some places and people who have limited or no access at all to technology, the internet, or even electricity. With that being said, there score would be much lower than those who does have access to these items.

This is a fantastic assessment, especially for those who think that their kids, family members, friends, or even themselves rely heavily on social media.

Week 11 – Journal Entry 10

Social Cybersecurity An Emerging National Security Requirement is written by both Lt. Col. David M. Beskow and  U.S. Army Kathleen M. Carley, PhD This article states that Social cybersecurity is a newly developing area of focus subdomain of national security that will influence every tier of future military operations.”, shaping the dynamics of both conventional and irregular warfare, leading to significant strategic outcomes.” (Beskow, D. M., & Carley, K. M, 2019). Social cybersecurity “is a developing scientific field dedicated to the focused on the science to characterize, understand, and forecast cyber-mediated changes in human behavior, social, cultural, and political outcomes, and to build the cyber-infrastructure needed for society to persist in its essential character in a cyber-mediated information environment under changing conditions, actual or imminent social cyber-threats(Beskow, D. M., & Carley, K. M, 2019). The advancement of technology is one of the keys that allowed both state and non-state to influence the worldwide discussion, changing the dynamics of warfare across tactical, operational, and tactical domains (Beskow, D. M., & Carley, K. M, 2019).

In addition, they also discussed traditional cybersecurity. Traditional cybersecurity involves humans using technology to “hack” technology, while social cybersecurity involves using technology to “hack” other humans. With that being said, with the advancement of technology, there are trying to understand how the DOD and our military leaders can protect our or national security because it influences both traditional military operations and irregular tactics, with significant implications for national security strategy.” I can say that while serving in the military, they do need to focus more on technological warfare because, yes, we all make mistakes such as leaving our computers unlocked while going to the restroom, leaving our CAC card out in the open, or even losing our wallets with our CAC card in it, even logging on to someone else unsecured wifi. All it takes is someone with a high clearance level to have one of these things happen, and it could impact the government because who knows what credentials and sensitive information that person has had stolen.

Work Cite

Beskow, D. M., & Carley, K. M. (2019, March). Social Cybersecurity an emerging national security requirement. Army University Press. https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/Mar-Apr-2019/117-Cybersecurity/b

Week 11 – Journal Entry 11

It is stated that a cybersecurity analyst must protect an organization’s or company’s data from outside cyber-attacks on their system by constantly monitoring their networks for potential weaknesses and placing protective measures in place. In addition, their key social themes, such as trust and responsibility, are the main focus of their social theme due to them being responsible for safeguarding everyone’s data. Also, they must have a high social awareness and be able to adapt to future cyber-attacks due to their constantly evolving. That is why continuous education helps promote a culture of digital responsibility and awareness. Which is why I stated they must be fully alert and able to adapt. With these jobs handling sensitive data, they must consistently uphold high ethical standards and display integrity and ethical judgment through their decisions. Lastly, Nicole Enesse also discussed numerous job opportunities in cyber security, which are constantly growing, show an increase in dependence on technology, and emphasize the vital need for talented professionals to safeguard our digital future. 

Week 12 – Journal Entry 12

In the world that we live in today, there is theory after theory after theory. Richard Feynman once said: It does not matter how beautiful your theory is; it does not matter how smart you are. If it does not agree with the experiment, it is wrong. In which Economic Theory is defined as the study that aims to develop methods to meet the basic human needs of everyone and contribute to resolving conflicts of interest without violence, ultimately promoting general welfare and peaceful transformation of conflicts in society (Economic theory) and social science theory is a systematic explanation that relates to a specific aspect of life, providing a viewpoint or perspective that helps understand observed facts and laws within the social sciences domain (Social science theory). After reading the document, I discussed a data breach that involved people buying products from a website called glasswasherpart.com. This incident occurred in 2016 from February through December, allowing the hackers to access the customer card payment that was on file. The hackers accessed the company server and gained sensitive information such as the customer’s name, address, and card numbers. With that being said, if we look at this from an economic point of view, consumers will no longer trust that company, which will cause a financial loss to the company. In addition, looking at it from an asocial science standpoint, it would cause people to be suspicious of numerous different digital platforms

Work Cites

Economic theory. Economic Theory – an overview | ScienceDirect Topics. (n.d.). https://www.sciencedirect.com/topics/social-sciences/economic-theory 

Social science theory. Social Science Theory – an overview | ScienceDirect Topics. (n.d.). https://www.sciencedirect.com/topics/social-sciences/social-science-theory#:~:text=A%20social%20science%20theory%20is,within%20the%20social%20sciences%20domain. 

Week 12 – Journal Entry 13

This article discussed how many firms remain cautious to get involved with ethical hackers, especially in the absence of vulnerability disclosure policies (VDPs) (Sridhar and Ng,2021). The policy gap created a unsettling result where researchers are hesitant to report bugs due to legal risks. This is an issue directly addressed by new government mandates, such as the Department of Homeland Security’s directive requiring federal agencies to implement VDPs (Sridhar and Ng,2021). These policy references provided a strong framework for understanding the developing legitimacy of bug bounty programs. The author was able to policy shifts to broader changes in corporate and governmental attitudes toward cybersecurity, making a considerable case for the standardization of these programs.

Work Cite

Sridhar, K., & Ng, M. (2021, March 12). Hacking for good: Leveraging HackerOne data to develop an economic model of Bug Bounties. academic oup. https://academic.oup.com/cybersecurity 

Week 13 – Journal Entry 14

Hannelius once said, “Illegal downloading, digital cheating, and cutting and pasting other people’s stuff may be easy, but that does not make those activities right.” This article discusses numerous illegal online behaviors, and the five that stood out most to me were Legal liabilities and questionable ethical implications. The first was torrenting copyrighted content because it unlawfully uses protected content, preventing the designers and businesses from obtaining the compensation they owed. Secondly, accessing or streaming content from unofficial or pirated websites. It is illegal and inhibits allowing the individual accessing the pirated website to be attacked by malware and online scams. In addition, it has been reported that Pirated video material gets over 230 billion views yearly ( Spajic,2024). Thirdly, if an individual decides to share copyrighted photos without permission, whether on social media such as Facebook, Instagram, TikTok, or Tik, the person can end up in a lawsuit and copyright infringement. Fourthly, in a record, phone calls without the other person knowing can violate the wiretapping law(Legal Information Institute). Lastly, stealing individual Wi-Fi without knowing it is also considered theft of services and is prosecuted under cyber security law. With that being said,  these violations are severe, not only because they can put an individual in legal trouble but also because they invade people’s privacy, their ownership, and online activities

Work cite

Legal Information Institute. (n.d.). Wiretapping. Legal Information Institute. https://www.law.cornell.edu/wex/wiretapping 

Spajic, D. J. (2024, February 6). Piracy is back: Piracy statistics for 2025. DataProt. https://dataprot.net/statistics/piracy-statistics 

Week 15 – Journal Entry 15

After watching the YouTube video on TED Talk about “Davin Teo, Digitial forensics, I learned that that Digital forensics is the process of collecting and analyzing digital evidence in a way that maintains its integrity and admissibility in court(Badman, 2025). With that being said, some of the reasons it relates to social science because there is also a connection between psychology, sociology, human behavior, and social patterns. Mr. Davin, study why people commit cybercrimes, and not just how they are able to do it. His path leading up to where he is now resonates with me because it shows abilities such as sympathy, ethic, and understand people behavior are equally as important as technical skills in cyber security.

Work cite

Badman, A. (2025, April 15). What is digital forensics?. IBM. https://www.ibm.com/think/topics/digital-forensics