Cybersecurity, Technology, and Society

Journal

Entry 1

Why are you interested in cybersecurity technology?

I am interested in cybersecurity technology because technology is becoming, if not already, a part of everyday life. Technology is used in everything from smartphones to smartwatches and automobiles with enough tech in them that you have to take them to the dealership for maintenance because your friendly local neighborhood mechanic does not have the technical background needed to work on these modern automobiles. As someone who has looking to start a second career and whose previous military career was in the field of security and law enforcement, cybersecurity technology is what I am interested in due to my extensive background in security. Throughout the twenty-plus years of my military career, I could see the change in how technology is being used/integrated more and more into security and law enforcement operations. I have seen how the use of Intrusion Detection Systems can enhance security and be an integral part of the operation. For example, cameras at entry control points allow the control center and senior leadership the opportunity the see what is going on and react to situations without having to respond to an area. Also, alarms, sensors, and cameras in some areas can replace an actual person from being posted there continuously, and even the security badges that allow access and entry to areas that once required a guard at an entry control point with a list of authorized personnel.  Now the entry control point and a security guard have been replaced with electronic locks and an access badge, which provides entry to an area that an individual would be authorized to enter.  As I came to the end of my military career, I noticed how technology was incorporated into several different aspects of my career field, from drone support to drone defense (not the big drone aircraft but the small portable ones), and I was interested in pursuing cybersecurity as the subsequent path of an extensive career in security.

Entry 2

Select four other majors offered by ODU and explain how those majors relate to cybersecurity.

Cybersecurity is an of the majors that are offered at Old Dominion University, with there are several different areas of cyber security career field that you can take be a part of.   Additionally, with the change in technology and more items being automated and or connected to the web, cybersecurity is needed in other areas that Old Dominion University offers to major in, like Journalism, Communication, Criminal Justice, and Maritime & Supply Chain Management. Cybersecurity relates to these areas because they all require cybersecurity in some form to help protect the information or systems needed specific to those areas. For example, a Journalism career field will need to protect their articles and the source of their information. Whether the information is stored on the company network or a cloud serves, cyber security is needed to assist in protecting their info. The same can be said for Communications majors for those in the field of Public Relations, like the press secretary for a government official, the protection of highly sensitive and classified information is critical. This type of job will require a work laptop with all types of encryptions and software that require cybersecurity. Maritime & Supply Chain Management has been mentioned along with the nation’s critical infrastructure, and cybersecurity is needed to prevent hackers from changing shipping and supplies destinations or allowing weapons to get into the wrong hands. Finally, Criminal Justice majors like those in law enforcement needed cybersecurity to protect their network but also their files of current cases, cold cases, evidence, and files of cases that were digital that existed before the internet.  As technology becomes integrated into everyday lives like the Internet of Things, cybersecurity is going to be more in demand to protect those systems and personal information these are a few examples of how cybersecurity can relate to other majors offered at Old Dominion University.

Entry 3

Describe four ethical issues that arise when storing electronic information about individuals.

When it comes to storing individuals’ electronic information, there are going to be several ethical issues that arise from the storing of this information. One of the first issues would be privacy and whether or not a company is allowed or has permission to store an individual’s personal private information. However, individuals may offer their information while conducting online shopping or other activities that require them to enter their personal information. In some cases, individuals are not aware that their private information is being kept and stored because the company did not request permission to store their private information. Another issue that arises from the storing of electronic data would be the selling of individuals’ data, is it ethical for a company to sell individuals’ data like Cambridge Analytica who were allegedly that it set up a scheme and obtained data from 90 million unwitting Facebook users for the Trump campaign. Does a company have the right to sell individuals’ data without their permission, and if so, does the individual receive a partial payment? This is like the Name Imagine and Like (NIL) policy that allows college athletes to receive endorsement deals which they could not do so in the past, while the schools and companies like EA sports (with games like NCAA football and basketball throughout the 90s) were making money off of the athletes while the athletes were not getting anything at that time.  An additional issue that has come up would be whose system security, is the systems the data is being stored on secured and able to maintain its security in a world where technology is always changing? That was not the case in Equifax beach.  A hacker exposed a vulnerability in their system and gained access to millions of people’s personal information because the company did not update their security certifications breach. Equifax allowed a security certificate to expire, and a hacker was able to expose the vulnerability in the system to breach their system and gain private data.  The final ethical issue that arises is who is responsible for a breach of personal data, and who is going to be held accountable. Equifax was responsible, and fixed their system vulnerability and settled lawsuits, but there weren’t any fines or penalties from the government. There should be a law or policy for privacy information like the EU’s General Data Protection Regulation which holds companies accountable for situations like Equifax’s.

Entry 4

Compare cybersecurity risks in the U.S. and another country.

The internet has made the world seem smaller as more things are connected. Now, you do have to fly from country to country to conduct face-to-face meetings, it can be done over the internet with several different apps available to use. Hackers operate in the same manner; they don’t have to leave their locations and can attack anywhere in the world while keeping their location and identity anonymous.

Cybersecurity risks are not just local anymore they are international and increased over the years due to the increased use of technology and the integration of technology into our daily lives, from smartphones, homes, and watches to the IoT. Soon, life will be like that car commercial with Kenan Thompson, where he comes home and has a conversation with all his kitchen appliances. However, we are not there yet, although there are several risks the U.S. cybersecurity. The risk the U.S. face are to same risks that other some of the other countries face.  For example, the top cybersecurity risk to the U.S. in 2023 is Ransomware, Misconfigurations, and Unpatched Systems, and Credential Stuffing which is when someone uses stolen credentials from their access user accounts at another organization. These cybersecurity risks to the U.S. are the same top risk to the U.K. in 2023.

There are similar cybersecurity risks that some countries share, and there is some risk that might be exclusive to a specific country, it’s based on the current resource and assets a country has and what the attacker wanted. However, each country may have similar cyber risks, and the manner which they approach that risk is based on their NSS. However, it is also important to communicate and work with other countries and allies when dealing with cyber-attacks because some cyber-attacks are sophisticated like Stuxnet so it will take communicating with other countries, governments, and private agencies to identify the next Stuxnet.  

Entry #5

Use the letters of the word CYBERSECURITY to list legal ways to make money in cybersecurity.

Cybersecurity engineer

Yacht GPS software that is secure

BAE Systems / Senior Cyber Security Engineer

Evaluate / Compliance

Risk management

Security architect

Executive Cyber Leadership

Cyber Operations

Utility company / Network Specialist

Responding to Incidents / Responds to crises to mitigate immediate and potential threats

IT Project Manager / Cyber security or telecom

Technology R&D

Youngsoft – Cybersecurity Governance Analyst

Entry 6

How has cyber technology created opportunities for workplace deviance?

This is a tough question to answer with a straight yes or no.  On the one hand, I would say no, it has nothing to do with creating opportunities for workplace deviance because the use of technology is a tool for people to use, and the user is responsible for how they use it. However, on the other hand, I can see how cyber technology could create opportunities for workplace deviance. For example, an employee gets reprimanded and set home, and they decide the go on a rant on social media about how bad their job is, their supervisors and bosses are useless. The next day that individual gets fired for what they posted on social media. While I was in the military, we had to brief our subordinates to be careful of what they post on social media because it could be used against them, resulting in non-judicial punishment or a court martial. Another example would be the individual that uses cyber technology to constantly IM people, chatting about the game instead of working or constantly asking other co-workers if they want to go out or playing practical jokes like the one when you open it, a siren goes off , your screen is filled with the same repeating message which is also playing on you speakers saying, “You’re watching porn.” So, how has cyber technology created opportunities for workplace deviance? I think it doesn’t create opportunities, it is a tool that makes workplace deviance easier and more convenient to do, but the people are the ones who have a choice to use it or not. Cyber technology didn’t make people choose workplace deviance, they decided to do that on their own. Most organizations have policies and guidance the employees have to follow; if they decide not to follow them, it is their choice.

Entry # 7

What are the costs and benefits of developing cybersecurity programs in business?

Cybersecurity has become more critical today due to the increasing amount of technology incorporated into everyday life. With these increasing technologies like the Internet of Things and more items interconnected to the web, more potential threats come. Businesses need to be able to mitigate these threats with a cybersecurity program. Several costs and benefits come with developing a cybersecurity program in the industry. Considerable benefits come with having a cybersecurity program, such as protection against cyber-attacks, which have increased over the past years. A cybersecurity program provides protection of digital business assets and data and aids in the prevention of attacks such as ransomware. It also improves trust with its clients by knowing that the business is focused on protecting its digital infrastructure. Along with developing a cybersecurity program, the cost of implementation varies based on the needs of the business and how they want to structure the cybersecurity program. For example, if they wish to use an in-house cybersecurity department or, depending on the size of the company, they may outsource their needs to a UTM, which will manage businesses’ cyber security needs through a cloud base system. So, these are some of the decisions that our company has to consider when implementing its cybersecurity program, along with the overall cost of staffing, maintenance, and outsourcing to a cloud-based system or a hybrid system. Additionally, there is also the cost of not having a cybersecurity program which could cost the business more money in losses and fines, if there was a breach and personal private data like the Equifax breach, along with the damage to their reputation, and the loss of trust from the public.  Cybersecurity is crucial today due to the increasing amount of technology incorporated into everyday life and the potential threats that come with it. Businesses need to implement a cybersecurity program to protect their assets and data, maintain the trust of their clients, and prevent potentially devastating financial and reputational losses. Individuals must also protect their personal information and digital identity from cyber-attacks.

Entry #8

How can you tell if your computer is safe?

It is difficult to tell if a computer is safe because of the daily threats we face. It is estimated that there are over 100,000 viruses released each week which adds concern to you’ll start off if your computer is safe. Although it’s difficult to determine if your computer is secure, some things can be done to help mitigate threats to your computer system, such as using antivirus software.  Antivirus software installed on your computer can help detect and remove malware that may harm your system, ensure that your antivirus software is up-to-date, and regularly scan your system for viruses. Additionally, keep the computer’s software updated. Some updates include security patches that can fix vulnerabilities that hackers can exploit. The Equifax data breach was because of an expired certificate, and hackers exploited that vulnerability.  Next, use strong, unique passwords for all your accounts and change them regularly. Using a strong and unique password also includes Wi-Fi access points. Wardrives are attackers who drive around looking for wireless LANs (WLANs) to intercept. Removing your networks from public view will help to keep wardrivers from gaining access to your network. There are firewall protection and VPNs to add to protect your computer. Some vendors now include VPNs and firewalls along with their anti-virus products. Finally, ensure that you back up your data. Regularly backing up your data is a vital step to protect your data from data loss due to malware, hardware failure, or human error. There are several ways to back up your data, like a cloud-based backup service or an external hard drive to store your data. Some vendors like Norton provide backup service as part of their service when you purchase their products. It is difficult to tell if your computer is safe even if it is not on a network, but following the above tips can help you mitigate some risks to your computer that will make it safer than it would be without those tips. However, staying vigilant and aware of the latest threats is crucial to protect your data and privacy from cybercriminals.

Entry #9

Describe three ways that computers have made the world safer and less safe.

Computers have had a significant impact on our lives, making things easier, faster, and more efficient. Here are three ways computers have made the world safer. The thing that comes to my mind when I think of how computers have made the world safer is security.  The use of computer technology to monitor public spaces and detect potential security threats. For example, surveillance cameras and facial recognition software can help law enforcement agencies to prevent crime and identify suspects. Also, Law Enforcement (LE) vehicles have PCs, allowing them to access real-time information instead of calling it in and waiting for a response from dispatch.  Security doesn’t just benefit LE; smartphones, with their videos and social media post, doorbell cameras, and home alarm systems, have made the world safer.  GPS is another way that computer technology has made the world safer. The use of GPS and other location- technologies have made it easier to locate individuals in distress and provide them with prompt assistance. Additionally, GPS, satellites, and drones have made the world safer by being able to identify and take out a target with pinpoint precision, limit casualties and avoid unnecessary losses on a battlefield. However, there are also downsides to the increased use of computers.

The use of computers has also less safe in some ways, like cybersecurity threats. The increased use of computers has also led to a rise in cyber threats such as hacking, phishing, and identity theft. Cybercriminals can exploit vulnerabilities in computer systems to steal sensitive information, bank accounts, credit card numbers, social security numbers, and identity theft. Also, social media has become a place for cyberbullying, harassment, and hate speech. The computer provides anonymity, and the internet has made it easier for individuals to engage in harmful behavior without consequences. Finally, with the rise of automation and artificial intelligence, computers have replaced many workers, leading to job losses and economic uncertainty. Computers are replacing skilled workers/craftsmen with stores like Ikea and their computer-designed modular furniture and this is an issue people are facing.

While computers have made our lives easier and more convenient, they have also created new challenges and risks. The development of new technologies must be accompanied by measures to protect against potential risks, such as cybercrime, cyberbullying, and the replacement of the labor force and skilled workers.

Entry #10

How do engineers make cyber networks safer?

Cybersecurity has become increasingly important as technology continues to improve and cyber threats become more sophisticated. Cyber networks are especially vulnerable to attacks, requiring engineers to take measures to make these networks safer. There are several ways that engineers can make cyber networks safer. First, implement authentication measures: One of the most vital ways to secure a cyber network is through strong authentication measures. Multi-factor authentication requires users to provide multiple forms of identification, such as a password and a biometric scan, before gaining access to the network. This ensures that only authorized personnel can access the system. Encryption is another essential way to protect a cyber network. By encrypting data, engineers can make it much more difficult for cyber attackers to access sensitive information which can only be decrypted by authorized parties with the appropriate decryption key. Next, ensure software and hardware are updated Engineers should regularly update software and hardware to protect cyber networks against the latest threats. The Equifax breach was due to an expired certificate. Updating software and hardware for known vulnerabilities improves overall security, reducing the risk of a cyberattack. Also, Train users because it’s not the job of the engineers to keep the networks safe.  People are the most vulnerable/easy targets for attackers through fishing scams, social engineering, or complacency (using public wi-fi or writing down their password and leaving it in plain view).  Engineers can make cyber networks safer by providing comprehensive training to users. This training should include recognizing potential cyber threats, using the network safely and responsibly, and what to do if they suspect a security breach. Engineers play a crucial role in making cyber networks safer by implementing robust security measures, regularly updating software and hardware, and providing comprehensive training to users. These are a few things they can do to make cyber networks safer. By taking these steps, engineers can help protect against cyber threats and ensure the network remains secure.

Entry #11

What is the overlap between criminal justice and cybercrime? How does this overlap relate to the other disciplines discussed in this class?

The intersection between criminal justice and cybercrime has become ever more important over recent years as more cybercrimes are being committed.  There are some overlaps that are similar, like crimes that can be committed online or physically, like fraud, theft, and harassment. There are several crimes that are specific to cybercrimes, but where it overlaps with criminal justice is that you need that criminology mindset to understand why a crime occurred, what motivated that crime, and if it’s going to happen again, similar to the phrase “Go old fashion police work.” The use of the social science principles of Sociology, Psychology, along Criminal Justice to aid in finding out why a crime occurred and how to prevent it is part of the overlap between criminal justice and cybercrimes. Some cybercrimes should be looked at like you would a physical crime like it is the first time that it happened, the type of victim/s, and if the criminal is working alone or in a group. The social science principles of Criminal Justice, Sociology, and Psychology will help answer those questions as they do for physical crimes. Additionally, the intersection between criminal justice and cybercrime involves the use of tools and techniques to investigate and prosecute cybercrimes. For example, digital forensics is a component in identifying and analyzing electronic evidence in cybercrime cases. This requires specialized training and expertise in digital technology and forensic analysis. Furthermore, the laws that govern cybercrime are constantly evolving. This includes understanding the various international treaties and agreements that address cybercrime and cooperating with law enforcement agencies in other countries to investigate and prosecute cross-border cybercrimes. The intersection between criminal justice and cybercrime highlights the importance of interdisciplinary collaboration in addressing this growing threat. By combining the principles of criminal justice, sociology, psychology, and digital forensics, law enforcement agencies can better understand the motivations behind cybercrimes and develop strategies to prevent future cybercrimes.

Entry 12

How does cyber technology impact interactions between offenders and victims?

Cyber technology has dramatically impacted interactions between offenders and victims, creating new avenues for criminal activity and new challenges for law enforcement. The increase in digital communication platforms, social media, and other online interactions has made it easier for offenders to reach their victims while providing new openings for victims to report crimes and seek help. However, these same technologies have also made it easier for offenders to remain anonymous and avoid detection.

The increase in online harassment, cyberbullying, and other forms of digital abuse is one of the most significant impacts of cyber technology on interactions between offenders and victims. Social media platforms, messaging apps, and other online communication provide offenders with a powerful tool for targeting and tormenting their victims, often with little fear of reprisal or punishment. In some cases, offenders use false identities or anonymous accounts to hide their identities.

However, cyber technology has also provided new opportunities for victims to report crimes and seek help. Online reporting procedures, such as anonymous hotlines and web-based reporting systems, can make it easier for victims to report crimes without fear of retaliation. Social media and other online platforms can raise awareness about criminal activity and connect victims with support groups and other resources. There are commercials that advertise websites for victims and also online mental health resources to help with emotional issues so victims don’t have to feel like they are alone.

Cyber technology has both positive and negative impacts between offenders and victims. While it has enabled new forms of criminal activity and made it easier for offenders to target and harass their victims, it has also provided new opportunities for victims to report crimes and seek help. To address the challenges presented by cyber technology, law enforcement, and other stakeholders must continue to develop innovative approaches and tools for preventing and responding to cybercrime.

Entry 13

How should we approach the development of cyber-policy and -infrastructure given the “short arm” of predictive knowledge?

The development of cyber-policy and infrastructure is a critical aspect of modern governance as the reliance on digital technologies continues to grow. However, one of the key challenges in this area is the “short arm” of predictive knowledge, referring to how fast technology advances and that it overtakes our ability to predict future cyber threats. It is essential to adopt a dynamic and flexible approach to cyber-policy and -infrastructure development. First, a proactive approach should be taken, acknowledging the fast-evolving cyber landscape. We should not solely rely on predictive knowledge, policy and infrastructure should be designed to be scalable. It should allow for updates as new technologies emerge and cyber threats evolve. Secondly, recognizing that cybersecurity is not just a technical issue but also involves legal, economic, social, and ethical aspects. Policymakers, technologists, legal experts, economists, and other stakeholders should work collaboratively to address the complex challenges of cybersecurity. Furthermore, international cooperation and coordination are crucial in addressing cyber threats effectively. Policymakers should engage in international forums, such as the United Nations, to promote standards for cybersecurity. Finally, public commitment and education should be prioritized in cyber-policy and -infrastructure development. The public plays a vital role in ensuring the success of cybersecurity efforts, and their awareness and participation are vital. Educating the public about cyber threats, safe online practices, and the importance of cybersecurity can help build a more cyber-aware society against cyber threats. The development of cyber-policy and -infrastructure should take into account the “short arm” of predictive knowledge by adopting a proactive, multidisciplinary, internationally coordinated, and public-engaged approach. By adopting flexibility, collaboration, and awareness, we can better navigate the rapidly changing cyber landscape and effectively address the challenges posed by cyber threats.

PDF Embedder requires a url attribute