CYSE 201S
Journal entry 1
The most compelling aspect of this field is oversight and governance. I prefer to operate in a
capacity that allows me to advocate for individuals and organizations, rather than engaging in the
technical dimensions of cybersecurity, such as protection, defense, implementation, and
operation. I would rather be the individual who poses critical questions, such as: What
necessitates our actions? What will be the impact and cost associated with this risk?
Furthermore, I prefer to avoid involvement in the design, development, and investigative
components of the NICE framework, as these aspects are complex in various respects. A
thorough understanding of network systems is essential, including how computers connect to
servers and the measures necessary to ensure the security of both the computers and the servers
involved. The investigation process encompasses intriguing tools and technical skills designed to
extract valuable information. However, it involves a complex sequence of procedures to maintain
data integrity for digital evidence within the chain of custody. It is critical to note that a single
misstep in the chain of custody can compromise the integrity of an investigation.
Journal entry 2
Empiricism is a key approach in cybersecurity, a heavily data-driven field, because it
lets you present data and facts as concrete evidence rather than relying on
assumptions. Data collection can help analyze threats, assess security measures, and
inform the development of new strategies to protect systems. Threat intelligence,
pattern analysis, performance metrics, and vulnerability detection are all tools that serve
different purposes, but they all have a common goal. Threat intelligence collects data on
current incidents, vulnerabilities, and attack trends from multiple sources to create a
report on the latest threats. The next one is pattern analysis, which examines patterns,
anomalies, and shifts in attackers’ techniques, skills, and methods that signal new
or evolving threats. The third one is performance metrics: the data generated by
security tools, incident logs, and security audits, which provide insight into how
these tools are working to defend against threats. The last one is vulnerability detection,
which generates data indicating which vulnerabilities are being exploited,
which security controls are adequate, and what needs to be changed. These are all
tools that support empirical data collection and analysis toward that common goal.
Journal entry 3
This website provides comprehensive information on data breaches, including where
they occur, when they are reported, annual breach reports, the types of data being
exposed, and high-risk areas for impact in the United States. It also details how
breaches are perpetrated and which companies are most frequently targeted.
Researchers can utilize this information to forecast future data breaches and gain a
better understanding of past breaches. They can also study it to understand when a
company is being attacked, what data is most likely to be stolen, and what
attack vector is being used to gain access to the system and initiate the attack. These
are all significant points to consider when understanding data breaches and attacks.
Researchers can use annual reports to analyze the yearly impact and identify trends,
and to see whether those trends will go up or down. They can also examine the data that
is most likely to be attacked at a specific time of year, which can help make a future
forecast and identify trends. Researchers can use all of these points to understand data
breaches and to create a future forecast.