Journal Entry #1 : Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.

Reviewing the areas referenced, I believe that my interest gravitates me most towards Protection and Defense. The reason for this is mainly digital forensics. I have a love for cybersecurity and I’m fascinated by how our networks in the United States are best defended from the constant threat of hackers and cyber terrorists trying to gain access to our various frameworks. The United States has very vulnerable areas such as healthcare, infrastructure (i.e. Power grids, water plants) and everything is so dependent on technology and being centralized that it can provide an easier target for people looking to gain access. Cyber investigations seems the least appealing to me because It can be a very fine line to teeter on when it comes to privacy concerns and the kind of data needed to conduct cyber investigations thoroughly to catch the perpetrator.

Journal Entry #2: Explain how the principles of science relate to cybersecurity.

I believe that Parsimony relates to Cybersecurity in that it adheres to a few variables rather than taking into account a large amount of variables, reducing the margin of error. However, I believe that this does not apply to all aspects of Cybersecurity, such as Cyber Investigation because there sometimes are many factors to consider, especially when taking human factors into account because they become very complex. Empiricism is related to Cyber Security in that all data is measured and recorded, allowing researchers to reach conclusions via their statistical data rather than their own opinions. Relativism is a great example of how Cyber security is related to social science because there is a certain interrelation between technology and society. Technology tends to evolve as society begins to develop and advance their research, while the same can be said that society tends to grow as technology develops and becomes more advanced.

Journal Entry #3: Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.

Researchers have a plethora of ways to find information on data breaches. One of the ways I found from privacy rights.org was analyzing the various definitions of data breach, certain keywords, what kind of information was obtained (I.E biometric information, medical information, Gov. issued IDs). This method allows researchers to analyze the content and see in what ways mitigation efforts can be increased to combat data breaches. Another way researchers use information from privacyrights.org is to formulate a relationship between breaches. To expand on this, Researchers make note of where and how a breach occurs, what information they may have been after, and when studying another breach down the road, that information may be useful to establish a connection or pattern in data breaches.

Journal Entry #4: Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.

Starting from the bottom, we have physiological, which ties into my technology experience through my basic understanding of computers and how they need to be kept up with to run efficiently at a fundamental level. Next, Safety, this involves me knowing that my antivirus is up to date and regularly scanning my computer for potential threats. Belonging, this relates to me using technology for joining social media groups to find community of like-minded individuals to discuss shared experiences or even different opinions on something. My experience with Esteem in the technological realm stems from finding something that rewards me such as putting time into learning a video game and becoming proficient at it. Lastly, Self-actualization to me appears in the experience of helping those less familiar than me with technology about how to access new information or show them certain functions to ease everyday life.

Journal Entry #5: Review the articles linked with each individual motive in the presentation page or Slide #4.  Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7).  Explain why you rank each motive the way you rank it.

#1 making the most sense is for money, because being in a desperate financial situation can make a person feel like a cat backed into a corner and therefore try something risky like conduct a cyber attack on an organization. #2 is recognition because everyone wants to have a legacy and build a reputation amongst their community so it is a strong motivator. #3 we have political motive, due to how strongly people may feel about their candidates and they may commit a cybercrime under the false pretense they are doing the world a favor. #4 has to be revenge for me, because when emotion is caught in the mix, cyberattacks can be fueled by anger or hatred and lead to some reckless or irreparable damage. #5 Entertainment, due to seeking a thrill out of committing a crime, even cyber and wanting to test their limits as a hacker. #6 is multiple reasons because hackers have deep psychological issues which dictate how they behave and what motivates them to commit these cybercrimes, they may be purposeful, or just because they have the ability to. #7 coming in last is boredom, I don’t believe this is a good reason to commit a cybercrime, however, some hackers believe they have nothing else to do and find easy targets with known vulnerabilities, so they ask themselves, why not?

Journal Entry #6: Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?

Fake website #1: Paypal, there are a few things to note here that tell me this website is fake. Firstly, the domain name. It is not the original paypal domain and is attempting to pass as paypal in order to lure consumers to enter their login info. Secondly, the logo has design issues as in it is a lower quality image which makes sense for scammers because they dont have access to the actual website logo.

Fake website #2: Amazon, here the most obvious thing with this fake website is the URL. It creates a slight grammar error in the URL that may not be super noticeable to the unsuspecting customer. It does have a convincing logo so the scammers are trying to distract consumers away from the incorrect URL.

Fake website #3: Shein, this clothing store website is fake because they are attempt to phish. They are offering a deal that is too good to be true. An example of this is receiving $750 just for submitting a product review along with the “limited time bonus” to entice consumers and give them FOMO. There is also no contact or about us page to reach out to the company with any questions.

Journal Entry #7: Review the following ten photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).

Meme #1: When cybersecurity can be hard to explain to people not familiar with the topic, so the presenter uses hand gestures to help bolster confidence and pretend they are conveying the subject much easier with the use of hand gestures.

Meme #2: Feeling very smart and aware after just completing cybersecurity awareness training so I know what to look for in regards to suspicious online behavior while browsing my phone. 

Meme #3: After just completing cybersecurity awareness for the company and one of the first emails I open contains phishing characteristics that I just signed off on knowing how to identify. 

Journal Entry #8: After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity

I believe cybersecurity is thought to be this really complicated concept of digital screens with numbers flying across them and access denied or granted flashing in red or green respectively across the screens. At least, this is how movies make CyberSecurity seem. The media takes what little understanding the majority of people have on the topic of CyberSecurity and warps it in a variety of ways. One example is the speed in which hacking into a system may occur in a movie. It takes mere seconds or minutes to hack into an encrypted system in a movie, while in real life, It can take days or weeks of planning and execution to hack into a network or server. Also, the media depicts cybersecurity through all these flashy visuals that prompt big letters on the screen or all these numbers gliding across the movie screen in black and green. However, the reality of it is that most of this work is done through text-based commands and is usually run through thousands of black and white lines of texts which are not visually appealing and would not entertain an audience. Another idea I believe is mislead by the media is the idea of “hacking” can sometimes be portrayed as guessing someones password correctly, when in reality it is pretty difficult to access someones password by brute force, with cybersecurity systems nowadays requiring at the bare minimum a certain number of characters, no basic phrases allowed, and special characters.

Journal Entry #9: Complete the Social Media Disorder scaleLinks to an external site..  How did you score?  What do you think about the items in the scale?  Why do you think that different patterns are found across the world?

Using the DSM scale, I scored a 3 out of 9 and found that the items in this scale are largely accurate and I couldn’t help but think of others around me and how they would score on this scale. I know I use social media as a sense of entertainment and escape from the realities of life that can stress me out from time to time such as school and work. However, I believe social media uses differ around the world because as it has become a largely adopted form of entertainment around the world, other countries use social media for work and to conduct their business. According to the Global Digital Report, Over 60% of internet users in countries such as Indonesia, Columbia and South Africa use social media for work compared to just 27% in the UK & US. I also believe that in recent times, Social media used to spread awareness around the world and conduct individual journalism on topics not covered globally in depth, such as the conflict in Israel and Gaza right now, as well as countries that are starving but no media outlet is covering.

Journal Entry #10: Read this and write a journal entry summarizing your response to the article on social cybersecurity.

While traditional Cybersecurity tends to focus on the prevention of disrupting technology or
accessing data without authorized access, Social Cybersecurity focuses more on humans using
technology to hack other humans and social institutions. They seek to disrupt the trust that is harbored
by these institutions such as the media and political elections. There is an integrity that is upheld along
with values which strengthen our society. However, social cybersecurity relies on protecting that
integrity and preventing individuals or groups from exploiting the functionality of these social
institutions. Information warfare is quickly becoming the most prevalent form of war and it is waged
globally. As an example, Russia’s general Valery Gerasimov in 2013 stated that Information Warfare is an
important aspect of Russian warfare now. Gerasimov stated that “the Arab Spring and the U.S.-led
coalitions in the Middle East relied heavily on resources other than conventional military forces to shape
events, especially information operations. Military forces were only introduced at the last minute as a
coup de grâce”.

Journal Entry #11: think about how the description of the cybersecurity analyst job relates to social behaviors.  Write a paragraph describing social themes that arise in the presentation.

A cybersecurity Analyst must understand social group dynamics and understand their clients. Knowing how educated and trained the people they have been put in charge of defending from cyber attacks and malicious attempts is one way in which this position relates to social behaviors. This assists Cybersecurity Analyst with creating a more profound defense against cyber threats. Also, monitoring the network for any suspicious behavior requires a Cybersecurity Analyst to first recognize what normal and suspicious behaviors look like in their line of work, understanding when something is out of the ordinary within their network and communicating that to the proper authority. Cybersecurity Analysts are also in charge of testing their firewalls and ensuring they have a robust defense against malicious users and being able to put themselves in the position of cyber attackers to understand what approach they would take to hack into the Analysts company.

Journal Entry #12: Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdfLinks to an external site. sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.

In this sample breach letter, I’ve identified that structural functionalism theory can relate to it in the sense that deviant behavior being the cyber attackers placing malware and stealing card information from customers, that is an unacceptable behavior in our society and is punishable by law. Also, the social learning theory can be applied to this letter because while the first time, an individual gives their payment information to a company to complete a transaction, they are susceptible to fraud. However, now they have experienced the act of fraud, they will be much more cautious about how they trust and will do a little more research on whether the companies use third party vendors to secure certain information such as their payment data. In regards to economic theories, I’ve found that the laissez-faire theory can be applied here to note that in the letter, law enforcement asked for the notification to clients that their information was stolen be delayed to allow the investigation to progress. However, this government involvement proves to also hurt the consumers because they are now allowing the hackers to have more time to access their stolen information. Another economic theory I found that is comparable to this letter is the economic theory in itself. Where a conflict has arisen in this letter, both the company whose clients information was stolen, along with the law enforcement trying to take a peaceful approach of investigating the malware, promotes peace within the society and the general welfare of those who were affected.

Journal Entry #13: A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure.  To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills.  The policies relate to economics in that they are based on cost/benefits principles.  Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=trueLinks to an external site.  and write a summary reaction to the use of the policies in your journal.  Focus primarily on the literature review and the discussion of the findings.

Learning about bug bounties and how companies invite hackers to try and find vulnerabilities within a developers application and report it to them was interesting. This took me down a rabbit hole later researching how hacking can be ethical and used for good to help exploit bugs early on and prevent information from being accessed maliciously later down the road. In the findings of this experiment, It was found that the majority of the bounties all began as private for developers to test their codes and see the number of bugs that could be found, and then began to go public once they felt they needed more vulnerability reports. Also, it was found in the experiment that hackers motives are not necessarily motivated by money. Some hackers seem to gain experience and others seek to gain reputation and exposure to these kinds of bug identification programs, so they become price sensitive which is a positive for the industry because some of these developers don’t have the abundant resources to offer hackers for their findings. All in all, I was positively shocked to know that bug bounties is a thing and that not all hackers are malicious.

Journal Entry #14: Andriy Links to an external site.SlynchukLinks to an external site. Links to an external site.has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.

1. Using copyrighted images is one of the more serious internet violations because every image has an owner, and using their image without permission can lead to the violator being sued for infringement. While many people commit this violation, it is easy to get caught and the damage can be serious.
2. Bullying and trolling is another serious violation because it can have very damaging consequences on the victim. This can lead to them committing suicide. There are also laws governing online bullies from how serious this problem has become and the violator can be prosecuted if found bullying victims online.
3. Identity fraud online is a serious violation on the internet because It can negatively affect the victims credit, get you sued for debts that are not yours, or even put the victim in a very damaging position by pretending to be them. There are several laws regarding identity theft and a lot of jail time involved.
4. Collecting information on children goes against the children’s online protection act and can have severe consequences. That data can be sold to malicious users and they can take advantage of the children’s private information. Another serious violation relating to this is taking out loans or putting a child’s name on property unknowingly.
5. Sharing passwords or photos of others is a very serious online violation because someone is explicitly sharing private information or private photos of someone without their consent, which can be reproduced and damage the life in several ways of the victims. There is also criminal offenses that fall under this category and therefore punishable by law.

Journal Entry #15: Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.

 After watching this video on Mr. Teo, I learned that He brings more than 20 years of forensic technology, electronic discovery and IT audit experience to numerous national and international corporations, government bodies and regulators. Mr. Teo specializes in digital investigations and electronic discovery matters. His primary areas of expertise are fraud investigations, electronic discovery, misconduct investigations, intellectual property theft investigations, dispute matters and data recovery requests. He has an impressive list of certifications that have helped mold him through his career choices. I think it was a great idea for him to get the certifications that he got within his field because they helped him stand out above the competition and work his way up to a prestigious career path.