Article Review #1

dwest006 201s

Dawn Weston

October 1, 2023

CYSE 201S_22131

Article Review #1

I reviewed the article entitled ‘Cyberbullying and Psychological Stress among Female Employees.” The topic relates to the principles of the social sciences by addressing a specific group of people (Sociology) and researching how they feel and react to this particular topic (Psychology). 

This article aimed to see if there was a positive or negative effect on cyberbullying in the workplace for females specifically in Saudi Arabia, where there had previously been a lack of research. Their listed hypotheses included: 

  1. Workplace cyber bullying negatively influences the organizational commitment of female employees.
  2. Workplace cyberbullying is positively associated with psychological stress of female employees.
  3. Workplace cyberbullying negatively influences perceived interactional justice of female employees
  4. Perceived interactional justice is associated with job satisfaction.
  5. Perceived interactional justice mediates the relationship between workplace cyberbullying and job satisfaction.

The research methods used were pre-existing, previously validated, questionnaires, from 2016, filled out by women from Saudi Arabia across various companies that previously had not been researched. The women were asked questions related to: workplace cyberbullying, perceived interactional injustice, job satisfaction, psychological stress, and organization commitment. They then analyzed the answers to this survey using scaling tools. There were many different tools and scales that were used to determine evaluate this data such as: Scales: For the variables of perceived interactional justice was derived from the research conducted by Beugre and Baron (2001). The measurement of psychological stress was conducted by modifying the  instrument developed by Banksetal (1980). The measurement of organizational commitment was conducted by modifying the instrument utilized in the research conducted by Mowday et al(1979). The measurement of job satisfaction was conducted by employing the instrument developed by Warr, Cook, and Wall (1979). And the variables were assessed using a 5-point Likert scale. The Tables for analysis were generated using Statistical package for the Social Sciences (SPSS) and the hypothesis testing was conducted utilizing structural equation modeling (SEM).

Women in Saudi Arabia are already a marginalized group of people. There have historically been stricter rules that they’ve had to abide by over their male counterparts, such as not being allowed to travel or get an education without the approval of a man. Therefore women existing in the workplace in Saudi Arabia makes them a smaller and even more marginalized group. 

The findings of the study proved their hypotheses: that cyberbullying has a negative effect on female employees. It affects their mental health, leading to stress and anxiety. It affects their physical safety: they feel physically unsafe. It affects their workplace performance: it has a negative effect on their daily work tasks and gives them a decline in performance. And ultimately they do not want to work at an organization that does not protect them. 

Reference: 

https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/161/61

Journal Entry #5

dwest006 201s

Review the articles linked with each individual motive in the presentation page or Slide #3.  Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7).  Explain why you rank each motive the way you rank it.

1. Money-Money makes the most sense to be because money drives almost everything. If you are smart enough and in need, cyber crimes such as credit card fraud, could be an easy way to make money. This could supply you with food, or maybe help you get your feet on the ground and start a business.

2. Multiple Reasons- I would almost put this at number one, and imagine that it is as close to one as I can get it. The reason that I put money over it is because I don’t feel that there needs to be any other motive to money other than “I need money right now to live.” However, if we are talking about all other crimes, I believe they are all motivated by multiple things. I don’t think you can only want recognition or only want revenge. There is always more to it.

3. Political- I believe politics can be a very motivating factor for a lot of people. After Trump was elected, the country went through a lot of political division and when people have such a strong stance on one side or another it is very motivating to do everything in your power to get people on your side, or to “wake them up” and see your point of view.

4. Revenge- This article spoke about revenge porn, and while I think people that commit this crime are completely unhinged and immature, I do think revenge is a strong enough motivating factor to want to commit any sort of revenge crime.

5. Recognition- This is a very plausible motive for committing a cyber crime, but i feel like it doesn’t happen that often. The article talks about a guy launching a ddos attack on a political website so he could draw likes to his twitter page. While I do believe people that are able to do something “tricky” would like to brag about it, they normally do it anonymously and I dont believe it is ever the only motivating factor.

6. Entertainment- I believe that people that are new to hacking or committing cyber crime do it for entertainment – or to see if they can actually “pull off” the crime. However, this article speaks about a man who pulled millions of user accounts and its data off of Link’d in, bragged about it on a forum, and said he did it for fun. I refuse to believe that someone does a crime that big just for fun- and obviously that wasnt the only factor because ‘recognition’ was tied in.

7. Boredom- This article, in my opinion, made zero sense. It said that kids get bored go online and then by posting, are subjected to cyberbullying or basically sex offenders. This is kind of victim-blaming. Every other reason spoke about the reasons a cyber criminal commits an offense, and this one is regarding the victim.

Journal Entry #3

dwest006 201s

Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.

The PrivacyRights website gives researchers detailed insights into *reported public* data breaches within the United States over the course of 17 years. These data breaches are broken down by type of breach (example: Hack) and type of organization (example: Government) as well as location. Researchers can narrow down what location the most people have been affected, what organizations have been hit the hardest, and how often they occur. Another helpful addition to the site is the break down of laws state by state. This gives researchers more information on what is allowed vs what isn’t in regard to cyberlaw.

Journal Entry #2

dwest006 201s

Explain how the principles of science relate to cyber security.

Relativism, objectivity, determinism, parsimony, ethical neutrality, skepticism, and objectivity are the scientific principles that relate to the social sciences and thus cyber security.

Relativism means that all things are related to each other such as how technology drives the development of cyberspace and thus new types of crimes and security issues arise.

Objectivity refers to how topics are studied without a point of view involved, this way the only influence on an outcome is data. As it relates to cyber security, some fields may be asked to study subjects such as terrorists promoting their material online. Its important to keep an objective stance and not let feelings influence a decision.

Parsimony means that an explanation should be kept as simple as possible. (and thats what i’m doing here!)

Empiricism says that social scientists can only study behavior which is real to the senses. This basically means that we cant inform our understanding of the cyber field from opinions but rather data.

Ethical Neutrality is exactly what it sounds like- scientists must adhere to ethical standards when conducting research ie. protecting the rights of the individual.

Skepticism means not accepting an answer or solution based on feelings or info that was passed down from another person, but rather based on pure data.

Determinism means that everything is influenced by a preceding event. This basically means that every event is already planned out and no one has free will. It’s the absence of choice. However in the social science world this becomes a little harder to explain as if you were to ask the question of “why is someone a hacker” you could argue that they had no choice, everything in their life led to that moment. Or, you could say, this person had free will and infact did have a choice.

Journal Entry #1

dwest006 201s

Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.

Cyber Investigation and Digital Forensics appears to be the most interesting areas of the NICE Workforce Framework. I enjoy learning about people and why they do what they do and digital forensics and cyber investigation seems to combine that along with “capturing the bad guy.” Seems pretty rewarding. Least appealing is Vulnerability Assessment and Management, based on my experience if you work for a bigger company with a lot of assets, this seems like a never ending job. There are almost always issues with assets being out of date and constantly vulnerable; very tedious work for not a lot of reward.

Journal #6

dwest006 IT/CYSE 200T

How do engineers make cyber networks safer?

In 2018 1,244 successful data breaches were reported and 446.52 million records were exposed as a result causing businesses to lose 7.91 million dollars. Did these companies have an experienced engineer on staff? Most likely not. 

There are many different types of engineers that work on computers/computer systems and make them safer: cyber security engineers, network security engineers, and system security engineers. They all roughly do the same thing: create security procedures and systems that prevent intrusion and utilize tools to make systems secure and more functional. In other words- they make stuff secure and hard to reach. 

Depending on the organization an engineer can utilize things such as Virtual Private Networks, patch management, firewalls, Intrusion detection systems, Intrusion prevention systems, and even alerts to keep a system safe. 

Refs:

https:// (www) .aureon.com/network/security/why-your-business-needs-experienced-network-engineers/

(https) ://hc.edu/science-and-engineering/degree-programs/ug-major-cyber-engineering-bs/what-does-a-cyber-security-engineer-do/

What is the overlap between criminal justice and cybercrime? How does this overlap relate to the other disciplines discussed in this class?

The overlap between criminal justice and cybercrime is a prominent one. Criminal justice refers to the laws, procedures, institutions, and policies at play before, during, and after the commission of a crime. Cyber crime is criminal activity that either targets or uses a computer, a computer network or a networked device in its commissioning. 

Due to advancement in technology, criminals no longer need to physically put a gun to a victim and rob them. They can effectively do the same thing from behind their computer across the country, just with a couple clicks of a mouse. Now they’ve stolen someone’s identity and drained their bank account. A cyber crime has been committed, now what can a victim do to get justice? That’s where criminal justice comes in. The police use digital forensics to collect proof and eventually charge a suspect with a cybercrime. 

Refs:

https:// (www) law.cornell.edu/wex/criminal_justice

(https) ://usa.kaspersky.com/resource-center/threats/what-is-cybercrime

Journal #5

dwest006 IT/CYSE 200T

1.  How can you tell if your computer is safe?

Have you found that when you are looking for a file in your computer, that it has gone missing? Does your computer freeze and the fan begin to whirl up when performing a simple function such as opening Notepad? When you look at the details of your files do you see that the “last modified date” is not consistent with the last time you modified it? Have you been unable to access your files until you pay 10 million in bitcoin? If your answers to these questions are “yes” then your computer is not safe. 

But what if the answer is “no”? Does that mean you’re in the clear? Well not necessarily. There are tools on the market that you can use to answer this question. If you are using a Windows computer, it most likely has Windows Defender built in. It “provides real-time malware detection, prevention, and removal with cloud-delivered protection.” Meaning, it will tell you if there is malware installed on your device and will remove it for you. If you are using a password manager, such as Google or Nordpass, they typically have a report that will tell you if your passwords are weak or have possibly been compromised. 

So you’ve done all of these things and your computer appears to be safe. Now what? Keep it that way- ensure your passwords are complex, utilize two factor authentication, continually run your antivirus software, ensure you are up to date on updates and patches, and make sure only those who need access to your computer have it!

2. Describe three ways that computers have made the world safer and less safe.

What is a computer? A computer is an electronic device that manipulates information, or data and has the ability to store, retrieve, and process data. By this definition a lot of things are considered computers that you may typically not think about. 

3 ways computers have made the world safer:

  1. The apple watch has a feature that lets the wearer know if they are having a heart attack. Or maybe a person has fallen during a hike and requires emergency services. The latest apple watch has a feature that can indicate an emergency event has occurred and will notify the respective emergency services to come to your location for help. 
  2. Data encryption and cloud backups have allowed for your important files to remain safe from hackers and recovered if a physical event such as a fire occurs.
  3. The military uses Missile defense systems to indicate if a missile attack is about to happen and can lock onto the target and stop it.

3 ways computers have made the world less safe:

  1. People are more vulnerable to identity theft nowadays than they were 60 years ago. Someone can simply send you an email with a link, and suddenly with one click, your life has changed for the worse. 
  2. Modern cars such as Teslas run on computers and electricity, making them susceptible to being hacked.  
  3. Advanced technology means advanced warfare. Cyberwarfare is just another method that a country’s adversary can use to disrupt an economy, military, or to spy on its citizens. 

Journal #4

dwest006 IT/CYSE 200T

What are the costs and benefits of developing cybersecurity programs in business?

Developing a cybersecurity program for your business is one of the most important things you can do. 68 percent of small business have incurred at least one cyberattack, protecting against these are crucial to the security of a company’s data and money.  However, not all losses can be attributed to an attack, human error can often lead to data leaks and end up costing the company. For this reason, it is important to have an incident response plan developed which, depending on the size of the company, may require hiring a response team to assist in recovery.

According to IBM’s “Cost of a Data Breach Report”, the average cost of a company to a data breach in 2019 was $392,000. Cyberattacks cost businesses $5,000 in lost business opportunities and $23,000 in downtime in addition to professional services. This is not to mention how much confidence you could lose in your already established customer base. Upon review of the most popular antivirus, a business can expect to pay on average $30 for coverage on 5-10 devices. Does your business want firewall protection? A business can expect to pay between $5-8$ per user per month for endpoint detection and $9-$18 per server per month. Of course, the prices go up depending on how much protection a company wants, there is no “one size fits all”. On average a company can expect to spend about 10% of their annual IT budget on cybersecurity.

So what happens if a company has purchased its protection but for some reason, whether it be cyber attack induced, user error, or a physical equipment issue, data is still lost? This is where the incident response plan will kick in. If your cyber security plan already included backups and recovery costs, then your incident response shouldn’t be costly. However, if your company ends up needing to hire an incident response firm to assist in recovery efforts, costs range between 30k and 150k.

Its probably looking, based on this reading, that the benefits are good but the costs seem high, and you’d be right. However, the costs aren’t as high as the $3.9 million that your company could lose to a data breach!

Ref: https://www.thales-ld.com/the-costs-of-developing-a-cybersecurity-program-for-your-business/

https:// (www) security.org/antivirus/cost/#:~:text=Antivirus%20software%20costs%20anywhere%20from,costs%20around%20%24100%20a%20year.

https:// (www) ibm.com/reports/data-breach

https:// (www) marconet.com/blog/cyber-incident-response#:~:text=1.,a%20loss%20you’re%20facing

Journal #3

dwest006 IT/CYSE 200T

How has cyber technology created opportunities for workplace deviance?

What is deviance? Workplace deviance refers to “voluntary behavior that violates significant organizational norms. As a result, it threatens the well-being of a company, its employees or both.”

There are a number of ways cyber technology has opened the door for workplace deviance such as using company resources for employees gain, remote work, and access to critical information.

With technology advancing, workers, especially in the cyber field, are able to perform functions at a more efficient rate. Meaning, if they are working a 9-5 job it is almost guaranteed that all eight hours are not spent working. With that time, employees now have the opportunity to utilize the technology at work for non-work related activities such as checking their social media or watching a video on Youtube. I mean, right now I am typing this while at work. This is a very common occurrence and while it doesn’t appear outright malicious it is still considered workplace deviance.  

Due to the COVID pandemic in 2020 a lot of companies shifted to a remote work environment. While this has a lot of benefits for both the company and the employee, it also opens the door for deviancy. Workers could now fabricate when and how long they were working. The bosses and coworker eyes were no longer on them, so people could pretend they were working when in fact they were out at a store or at the gym. Products such as a ‘mouse jiggler’ became popular because they could be placed on your work computer’s mouse and prevent your computer from going ‘idle’ and allowing others to see that you weren’t actually at your computer working.

Nowadays with every company operating online, if there are not proper procedures inplace, an employee could have access to critical information related to the company or PII/PHI related to a customer’s health. This information could be used in unethical ways if so desired, with the employee using the information for personal gains such as when to buy or sell company stock or even identity theft. Its important for companies to utilize proper security protocols to prevent this from happening.

Refs:

Refs:

https://www.researchgate.net/profile/Meena-Scindia-Chavan/publication/353212626_Millennial%27s_Perception_on_CyberloafingWorkplace_Deviance_or_Cultural_Norm/links/60fbc005169a1a0103b20f94/Millennials-Perception-on-CyberloafingWorkplace-Deviance-or-Cultural-Norm.pdf