Journal Entries
Journal Entry 1:
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.
I am particularly interested in pursuing a career in security and defense, since these professions allow me to directly defend systems and networks. Incident response, vulnerability analysis, and digital forensics are particularly appealing roles since they require actively managing risks, assessing threats, and reacting to cyber events in order to secure vital infrastructure. These topics correspond to my attraction to hands-on problem solving and my ambition to have an immediate influence on cybersecurity. I am less interested in oversight and governance responsibilities, such as cybersecurity policy formulation or program management, because they are more administrative and need less direct technical involvement. While they are important, I am drawn to the more dynamic and analytical parts of cybersecurity.
Journal Entry 2:
Explain how the principles of science [Empiricism, Determinism, Parsimony, Objectivity etc.,] relate to cybersecurity?
Empiricism, determinism, parsimony, objectivity, and skepticism are examples of principles of science that relate to cybersecurity. Empiricism encourages the use of real data and visible facts to ensure that cybersecurity choices and research are evidence-based. Determinism improves understanding of how previous actions or vulnerabilities impact future security threats. Parsimony promotes simple, effective solutions that reduce excessive complexity in security designs. Objectivity offers unbiased research, which is critical in analyzing cybersecurity dangers free of personal or social bias. Finally, skepticism encourages ongoing questioning of existing procedures and structures in order to assess their performance, resulting in improved defense methods. These principles support the creation of beneficial and evidence-based cybersecurity policy.
Journal Entry 3:
Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.
Researchers may use data from PrivacyRights.org to investigate data breaches by examining patterns, speed, and influence across businesses and states. The interactive maps and graphs reveal important data on breach locations, types of breach (such as hacking or device theft), and affected industries such as as healthcare and financial services. Despite the difficulty in determining the actual location of breaches due to not enough reporting, the data enables for statistical analysis over time, helping researchers in identifying trends and places most vulnerable to breaches. In addition, by evaluating breach notifications and classifications, researchers may investigate how effectively businesses follow breach reporting regulations and identify holes in public access to breach information across states.
Journal Entry 4:
Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
My experiences with technology are strongly related to Maslow’s Hierarchy of Needs. Apps that monitor calories, physical activity, and sleep help technology meet basic physiological demands. Multi-factor authentication and other cybersecurity solutions safeguard my privacy and data for safety. Maintaining relationships with friends and family through social media sites like Instagram and TikTok satisfies the social level. Acknowledgment on social media, like getting followers or comments on my posts, meets the needs of self-esteem. Lastly, self-actualization can be satisfied through online learning environments that help me to gain new artificial intelligence and cybersecurity abilities. In order to address these demands and maximize personal development, technology is essential.
Journal Entry 5:
Review the articles linked with each individual motive in the presentation page or Slide #4. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it.
These motives depend on the attacker and type of attack but I believe this is the best order from makes the most sense to makes the least sense. For money is the most sensible (1) because financial gain drives many cybercrimes. Revenge comes next (2) due to personal motives like image-based abuse causing real harm. Political is third (3) because hacktivists expose surveillance or disrupt political processes. Recognition ranks fourth (4) as some hackers seek fame, like the DDoS attacker craving attention. Multiple reasons (5) follow since many crimes combine motives. Entertainment (6) is less logical but still drives some, like those hacking “for fun.” Lastly, boredom (7) makes the least sense because serious cybercrimes typically require more intent than mere idleness.
Journal Entry 6:
Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites, Academic Resources etc., and cite the source].
Compare the three fake websites to three real websites and highlight the features that identify them as fraudulent.
Protecting personal information requires being able to recognize fraudulent websites. Although they differ somewhat, fake websites frequently imitate authentic ones. For instance, “amaz0n.com” is a fake version of “amazon.com” that uses a typosquatting technique, in which the letter “o” is substituted with a zero. In a similar vein, “paypal-secure.com” pretends to be a genuine PayPal website but adds the word “secure” in an attempt to win users over, while the actual website is still “paypal.com”. Character and domain changes are another typical tactic. For example, “g00gle.net” instead of “google.com” has zeros in place of the letter “o,” and the name changes from “.com” to “.net,” both of which are signs of phishing attempts. Always check URLs for minor changes before entering critical information to be secure.
Reference:
https://www.digicert.com/blog/how-to-identify-fake-websites?utm_source=chatgpt.com
Journal Entry 7:
Review the following photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).
I chose photos 5,9, and 12. I tried to copy the image into this text post but the formatting showed an error.
Photo #5
“When the whole squad uses ‘Password123’ and it actually works”
The human tendency to put convenience ahead of security is reflected in this meme. Because weak, simple passwords are simpler to remember, people frequently use them again. In order to balance security and usability, a human-centered cybersecurity strategy would advise businesses to use password management software, multi-factor authentication (MFA), and authentication without a password.
Photo #9
“Me trying ‘0000’ before actually typing my real passcode… just in case I’m a genius hacker.”
This demonstrates security carelessness and predictable user behavior. Although attackers depend on these predictable options, many people believe that their basic passcodes are impossible for others to figure out. To lessen the stress of memorizing, a human-centered strategy would encourage the use of context-aware security or biometric authentication in addition to educating people about strong passcodes.
Photo #12
“When you realize the ‘secure system’ you built can be hacked by someone guessing ‘admin’ as the username and password.”
This highlights the disconnect between technical security measures and human control in the real world. Because they assume users to adhere to security best practices, developers and IT teams occasionally fail to notice fundamental vulnerabilities. Secure defaults, easy-to-use authentication procedures, and frequent security audits to identify such mistakes before they become vulnerabilities are all encouraged by a human-centered approach.
Journal Entry 8:
Watch this video and pay attention to the way that movies distort hackers.Hacker Rates 12 Hacking Scenes In Movies And TV | How Real Is It? – YouTubeLinks to an external site.
- After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity
The way hacking is portrayed in movies and television shows is often exaggerated, which influences viewers’ perceptions about cybersecurity. In numerous scenes, hackers write frantically, causing green code to pop up on the screen, quickly compromising systems. However, in real life, hacking requires time, trial and error, and research. Typing quickly and utilizing slick visuals are not enough. While some films do a good job at social engineering, they frequently make it seem too simple or overly dramatic. People may get wrong impressions about how cybersecurity threats operate as a result of this. It may also cause them to undervalue actual dangers. People could take cybersecurity more seriously and choose better online safety options if media portrayals of hacking were more realistic.
Journal Entry 9:
Social media and cybersecurityLinks to an external site.
Complete the Social Media Disorder scale Download Social Media Disorder scale.
How did you score?
What do you think about the items in the scale?
Why do you think that different patterns are found across the world?
I took the SMD scale test and scored a 4, which means my social media use is in the “risky” range. I was not too surprised. I catch myself thinking about social media a lot, and sometimes I use it to escape stress. There have been times when I ignored other activities just to keep scrolling.
The questions in the scale made me reflect on how much time I spend online. While social media helps me stay connected, it can also be distracting. I know different cultures and lifestyles influence how people use it, which explains why patterns vary worldwide.
Looking at my habits, I want to be more mindful. Setting small limits and using social media with more intention might help me create a better balance.
Journal Entry 10:
Read this and write a entry summarizing your response to the article on social cybersecurity
The social cybersecurity article provides detailed analysis to the evolving security environment in our modern digital era. It makes clear how important technology is in enabling threat actors to take advantage of the decentralized structure of information flow. The threat actors engineer the information to cause societies as fragmented, institutions as disbelieved, and destabilized through the tactics of misinformation, bots, and manipulation of the network. The adversaries are then are able to disintegrate social cohesion even in the absence of physical proximity.
The article introduces the BEND model, which stands for bend, exploit, neutralize, and dominate. This model effectively illustrates how manipulation in cyberspace can weaken societal values and influence perceptions. It also draws attention to the vulnerabilities of open societies that prioritize free speech, making them more susceptible to disinformation campaigns. With the internet having shifted information control from the mainstream media to social media, fact-checking and combating disinformation has also become very important. This environment gives opponents the means to disseminate misinformation quickly and increase their reach.
In addition, the article addresses the role of artificial intelligence and bots in information operations. The tools are utilized to rapidly spread propaganda, quiet opposition, and shape social networks with minimal human monitoring. Because of the privacy of the internet and the use of automation, it is challenging to track the origin of attacks, which helps criminals evade detection.
The article persuasively highlights the need for social cybersecurity policies to protect open societies from damage. It maintains that political and military leaders are forced to respond to the dangers of information warfare on the internet and maintain the trust of the public. This requires a multidisciplinary approach, including raising public awareness and creating adaptive policies.
Overall, the article makes a compelling case for social cybersecurity in today’s information-driven society. The article is well in line with the perspectives contained in the preceding reading, stressing the importance of knowing how to undermine trust as well as to influence behavior with cyber activities. The value of a defensive approach against social cyberthreats while maintaining social integrity is the main topic of this reading.
Journal Entry 11:
Watch this videoLinks to an external site.. As you watch the videohttps://www.youtube.com/watch?v=iYtmuHbhmS0Links to an external site., think about how the description of the cybersecurity analyst job relates to social behaviors.
Write a paragraph describing social themes that arise in the presentation.
A lot of social aspects that show the interaction between cybersecurity and human behavior come to light in the video about the job of a cybersecurity analyst. One major issue is the necessity of cooperation between different teams, demonstrating how social contact and cooperation are crucial in countering cyberthreats. Cybersecurity analysts must effectively explain complicated technical topics to stakeholders who are not technical, emphasizing the value of interpersonal skills in connecting departmental differences. The video also highlights how human behavior is important for security, especially when it comes to analyzing user behavior and spotting dangerous activity patterns like phishing assaults that prey on trust. Employees at all levels must share responsibility for protecting digital assets, which is another clear indication of the necessity for a collective, cautious culture. The idea that cybersecurity is not only a technological problem but also one that calls for community-wide cooperation and an awareness of human characteristics that could result in vulnerabilities is reflected in this.
Journal Entry 12:
Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdfLinks to an external site. sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.
In terms of economics, rational choice theory argues that people and organizations choose what will benefit them the most at the lowest cost. Because it was more convenient or less expensive, Glasswasherparts.com probably decided to employ an outside platform provider in this instance, which allowed them to save money and run more effectively. Even the choice to wait to inform consumers about the breach might be justified as a way to cooperate with law authorities and prevent panic or damage to reputation. On the other hand, Marxian economic theory emphasizes how, in order to preserve control and make money, individuals in positions of power frequently take advantage of those who lack them, like consumers. This idea relates to the breach since the business and its platform supplier profited financially from consumer transactions while poorly protecting client data. Customers are therefore left to handle the consequences, which include deactivating cards, keeping an eye on accounts, and being concerned about identity theft.
From a social science perspective, conflict theory argues that groups in society fight for resources and power, and that these conflicts frequently result in inequity. In this instance, the hack exposes how businesses put profit and control ahead of client protection, demonstrating an obvious gap between the company’s strength and the vulnerability of each individual customer. In contrast, structural functionalism sees society as a network of interconnected components that cooperate to preserve stability and order. When a single part of the system malfunctions, such as when a company fails to secure consumer data, it causes disruption that impacts the entire system. The breach interfered with the regular operation of consumer-business trust. It is possible to interpret the notice letter as an attempt to regain customer trust and restore order, both of which are necessary for the marketplace to run properly. When taken as a whole, these ideas help in explaining not only the possible cause of the breach but also its effects on both people and society as a whole.
Journal Entry 13:
A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=trueLinks to an external site. and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.
The economics of bug bounty markets, in which ethical hackers are rewarded to find vulnerabilities in the infrastructure of a company, are examined closely in this article. The study, which is revolved around HackerOne data from 2014 to 2020, indicates the supply of hackers is unresponsive to prices. Therefore, financial rewards are not the primary motivation. The study also demonstrates that program age, industry type, and company size significantly influence the number of disclosed vulnerabilities. Although bug bounty programs work well for a diverse set of industries, the study holds that to accurately assess program effectiveness, unmeasured variables like problem severity are essential. This indicates the need to include more comprehensive measures, such as bug criticality, in future bug bounty studies.
Journal Entry 14:
Andriy Links to an external site.SlynchukLinks to an external site. Links to an external site.has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.
According to Andriy Slynchuk, utilizing unofficial streaming services, using torrent services, disclosing private information about others, using copyrighted photographs, and bullying or trolling are the top five online infractions. Because they either violate intellectual property laws or compromise personal safety and privacy, these violations are serious. Users who illegally watch or download copyrighted content risk legal repercussions and deny creators and businesses of their rightful revenue. Unauthorized use of copyrighted photographs constitutes theft of another person’s creation and is particularly damaging in commercial or professional settings. Sharing someone else’s address, passwords, or private images is a serious privacy violation that can have real-world repercussions like harassment or identity theft. Lastly, cyberbullying and trolling can lead to long-term emotional distress and, in severe situations, criminal prosecution. These acts demonstrate how important it is to act morally and lawfully when using the internet.
Journal Entry 15:
Digital Forensics | Davin Teo | TEDxHongKongSalon
– YouTubeLinks to an external site.
Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.
In Davin Teo’s TEDxHongKongSalon talk, he illustrates how his path to a career in digital forensics was dictated by a specific combination of interest, namely commerce and social sciences. Although he initially studied business, technology curiosity and human behavior observation led him down the line of digital forensics. Teo stresses that a focus on observing human behavior and motivations is crucial when performing digital crimes investigation. This is where the social sciences come in because analyzing digital evidence often requires understanding human behavior, decision-making, and social contexts. His journey demonstrates how the convergence of technical and social science knowledge can address intractable issues in the online sphere. Teo’s career also illustrates that forensic science is not just about the discovery of technical evidence but understanding the broader social context behind people’s digital tracks. His lecture reminds us that career paths could be altered with the blending of multiple disciplines and that understanding people’s behavior is essential in fields like digital forensics. This cross-disciplinary approach energizes the research process and broadens the scope of solving problems in the Age of the Internet.