Journal Entry #1
The areas that appeal to me the most is Oversight and Governance (OG), Design and Development (DD), Implementation and operation (IO) and Cyberspace Intelligence (CI). OG appeals to me because it focus on the managing role to center directions of the organization; I often find myself in a leadership position when in a work environments so I tend to embed in my career. I aspire to be a cloud solution architect some day; therefore structuring designs and development cloud based environment conduct a vast part of what I will do in my career: researching and designing certain security measures to seek a more secure posture of cloud computing systems for costumers. Implementation and operation is another area that I appeal towards simply because of the importance in ensuring effective and efficient technology systems performance and security. Cyberspace Intelligence is the find appeal of the framework I find most appealing; cyberspace is the more of the processing and analytical area of work and I very active in my career now when it comes to analyzing information. Infestation and cyberspace effects are the least appealing areas to me and personally I don’t find them to be far fetch from what I seek towards in my career, I simply just prioritize these areas more less than the others.
Journal Entry #2
The principles of science relate to cybersecurity by providing separate in depth social sciences the different approaches regarding cybersecurity. This is also a great way of enhancing peer review methods, it helps to validate research information. Ethical Neutrality is a great example that helps scientist conduct research that adheres to the ethical standards. In the lens of studying ethical neutraility; it helps to creates numerous social science data in exploring ethical issues in cybercrimes. Determinism is another social science that helps explain the ways in how behavior is influence by the events of certain things. This helps in understanding the phycological mindset as to why cybercriminals commit the crimes that they do.
Journal Entry #3
Researchers can find this information useful to study data breaches using analytical resources. For example, researchers may take note of breaches that are happening in the most common geographical areas. After gathering data about these certain areas and states, research and further detail the specific data systems being breached. Learning this pattern may allow the researcher to seek necessary implementations per system to increase security measurements. Another facet that researchers could pursue is cyber law. Knowing that states have different laws can also play a role in the skewed differences in certain data breaches. Recognizing these laws could result in legislation involvement and the passing of new laws regarding the cyber environment. In conclusion, using this source of information can help researchers differentiate common data breaches to implement new patches to mitigate issues.
Journal Entry #4
Physiological needs is a very connecting level for me and my family. The necessities and life essentials such as groceries being delivered to our home. The evolution of technology has allowed for us to have the option to have food deliveries by the clicks of a few buttons. Safety and security is another major use for me, I have cameras that can be viewed at any time from an application that is associated to the camera. Love and belonging, the abilities to facetime loved ones from Digital devices who are around the world is extremely important to me and has become a daily use. Self esteem, viewing the lens of successful individuals on application such as youtube or tiktok has increased my self esteem and motivated me to remain focus at acquiring my goals in life. Actualization ties into self-esteem personally by the use of how technology is integrated. I have often used technology to seek creativity and greateer purpose for things in life.
Journal Entry #5
Money is the number one motive that I feel makes the most sense simply because the world revolves around money and because simple attacks can lead to literally millions or large sums of money from a few clicks, attacks many to learn or attempt to do such. Political is the runner-up motive for me, I feel that elections that are manipulated through cyberattacks are led by individuals who want a certain economic stance that they feel is best for the world. Multiple reasons are the third motive I think makes the most sense and that is because an attacker may want to take from someone while humiliating them. With that being said, revenge is my fourth-ranked motive. Revenge in the sense of a national attack, for example, if Russia issues as cyber attack as they have done plenty of times already, why not retaliate out of revenge? That sense is the most logical reasoning as to why one would, aside from personal conflicts. Recognition is the fifth motive ranked for me; I think hackers who hack for attention purposes are typically doing it to make a stand for something or make something known to the public anonymously. Entertainment is the sixth motive, and I can understand how hacking is a skill and a hobby for many. Breaching into a complex system can cause an adrenaline rush and that logically speaking seems ideal for someone capable of doing to indulge in. Boredom is the 7th ranked motive for me and I can not come up with many logical reasons that make sense as to why hackers hack without them simply doing it just to stay busy or keep them occupied.
Journal #6
Website one will be Amazon
Legit: https://www.amazon.com
The image above shows the fake website or what we also know as an spoofed web address. What makes this website fake is the “x”, amazon”x”.com. This website will not direct a user to the legitimate amazon.com website. This address will direct the user elsewhere; which is whatever the website is designed or coded to be. This is typically written with malicious code that has the ability to gain sensitive information from the user upon contact on the site or after entering credentials.
The second website will be Facebook
Legit: https://www.facebook.com/
The image shows a fake url web address that leads to a non legitimate facebook website page. This is a fake web address that is likely used to scam users in some sort of way judging how their is a identity format of username and password.
The third website is Walmart
Legit: https://www.walmart.com/
This image shows a clear fake web address that is not walmart.com. It also displays Walmart web page in a different layout as well, clearly showing that it is fake.
Above shows three legit website as well as well as their fake website versions. This assignment illustrates the importance of reviewing sites you visit to verify the legitimacy of them These fake websites can be very dangerous can lead to stolen credentials and other sensitive data.
Journal #7
1.
This photo is represented as a meme of a dog demonstrating the simplicity of gaining access to someones digital device. Dogs obviously have no sort of sense of intellect to navigate through technology devices such as the iPad in the photo. With that being said, it goes to show that not all vulnerabilities are exploited by some genius getting through loop holes. Many people lack basic cybersecurity skills such as no passwords or weak passwords sets leaking PII. This is a major vulnerability that can easily be exploited by anyone with basic knowledge such as a, dog. In this particular photo, the dog is shocked by their ability to get into the device with such ease.
2.
This photo is represented as a meme of a person sitting with a laptop device at the edge of a wall facing the view of a city. This meme demonstrates how the entire world is interconnected by digital networks, which can each be controlled by a single device. In the lens of a human centered cybersecurity framework, it is necessary to integrate RBAC over management groups that can mitigate the risks of one single person harming an entire system. In this particular photo, the person is realizing that he could gain control of entire enterprises at the disposal of a laptop.
3.
This photo is a meme by showing how the person holding the phone has become so lost in their interest on social media, causing them to lose focus in safeguarding their personal information. In the photo the person is using the instagram app that shows various posts, dogs, people, food etc. Each of these are ways that people can be lured into getting their data stolen in some way. For example, Identity fraud on social media is a common way that people are tricked into giving up their person information; hence the picture of the guy.
Journal #8
I feel that media influencers typically use layers of complexity as a way for viewers to see what cybersecurity looks like from a technical point of view. Although, media influencers make the process of exploitation as something that is done quickly. That is a misunderstanding of the speed of hacking and the measures of cybersecurity that media influencers portray in movies. The type of hacks that are seemingly being done in these movies take a ton of time. Depending of the specific hack obviously dictates that level complexity which align with the time taken to complete the hack. Often times hackers are in groups and together these hackers work to exploit the vulnerability at hand.
Journal #9
I scored 1/9: trying to spend less time on social media but failed is the only answer I selected. I don’t find social media much of a distraction for when it comes to completing what I need to on a daily basis. Although, there are often times where I have freedom to utilize social media and I indulge into it with a conscious thought of an hour max but disregard that limit depending on how entertained I am. I feel that the items on the scale are valid. Social media is growing more and more a part of our daily lives and It can become irresistible and mentally damaging; therefore, it is vital to manage social media usage. I think that different patterns are found across the world because the dictation of how digitally interconnected a country is. America is extremely interconnected in which results will be skewed towards high scores on the scale, wheres a country like Japan. Studies have found that average social media use in Japan is drastically lower than many other countries.
Journal #10
Social cybersecurity is discussed in this article as a new area of national security that will have strategic implications, particularly in future conflicts. The article dives into the landscape of how state and non-state actors may manipulate cyber-mediated shifts in social dynamics, political results, and human behavior which is the target of social cybersecurity. It seeks to safeguard society’s fundamental traits in an information environment mediated by cyberspace. The article also discusses how technology has changed the battlefield at all levels of conflict by making it possible to manipulate global opinions and ideas at previously unheard-of speeds. Information is becoming a vital weapon for both attack and defense in information warfare, which has historically been associated with “hybrid” conflict. This change is emphasized by Russia’s viewpoint, where top officials claim that conflicts are already raging in the information space and are not only proclaimed publicly. In conclusion this article overviews the ways that social cybersecurity is used and the relationship between warfare.
Journal #11
The first social theme I recognized from this video is how the geographical location of a job will dictate the salary of a job. For example in the video the highest paid entry level jobs retain in area like New York and DC. Each of these places have a higher cost of living which balances the salary employee make there. Another social theme is reputation which is a cornerstone of cybersecurity, and it is a social theme that is critical in the relationship between organizations, users, and security professionals. As a cybersecurity analyst, one must work to have a reputable resume that ensures that systems and data are protected from unauthorized access and cyberattacks.
Journal #12
Market Failure is a economic theory that relates to the letter because when a market failure occurs there are negative externalities that impact individuals who did not participate in the cause of the breach. Much like the users of the website www.glasswasherparts.com, malware was on the third party vendor to that website which made users PII vulnerable. Another economic theory is the transaction cost economics, developed by Ronald Coase. This theory looks at the in costs involved in transaction market which increase from the moment of the attack. In this case, the company is dealt with cybersecurity costs and customers face the additional cost in card replacement and/or potential identity theft. Social Contract theory is a social science that pertains to this letter hence the trust between the company and the customer. Since the company did not uphold their end on data protection, based off the terms of agreement it is ethically responsible for them to be compensated or supported. Social Capital Theory is another social theory that relates to the letter by the trust contributing to the functioning of the organization.
Journal #13
My immediate reaction to the VDP policy is to be an advocate for. I think that any business that is cross platform over the internet should invest in red team ethical hackers. This investment reinsures the security of the network and data. It also assure costumers of the commit of the company to do such. I think that any business that reaches a certain level of costumers should be required to abide by incorporating the VDP. This would force companies to budget wisely with the promise of constant monitoring and analyzation of cyber attacks. I think this requirement would better posture the cyber space of organizations cybersecurity.
Journal #14
The first most serious violation is sharing passwords, addresses, or photos of others. Sharing passwords is the easiest way to get your information hacked. This can result into having your more sensitive information stolen and access to financial gains. Sharing addresses to just anyone is not advised, this can put lives in danger. Sharing photos without the consent of the person is an offense and can lead to their image being spread across the internet and being seen by people they don’t want to be seen by. Each of these offenses are violations and should always be deemed wrong/illegal. Bullying is unacceptable and should be forbidden over the internet. Many victims to bullying have took their lives and this is enough to warrant consequences for those who convicted of doing so. Although trolling is form of sarcasm it is still unacceptable and can be perceived as bullying or even threatening depending on what the user is trolling about. I feel that the degree of the trolling should dictate the penalty deserved. Faking your identity online is another sever violation that I think should never be handled lightly. This misleads people into being scammed and often hurt; it should always be illegal to do so. Recording a VoiIp call without consent is definitely a violation of privacy and it breaks trust when one can be mentioning sensitive information. This is certainly a violation that should remain a illegal in the legal system. The last violation I think is very serious is using other people internet network. Other than the use of public networks; one breaching into other people’s private network is wrong. This can cause low latency upon the person’s network and/or result to further malicious actions regarding the entire network.
Journal #15
The speaker has a upbringing of career paths that equipped him well into becoming a digital forensics specialist. Beginning his career he started as an accountant which he acquired skills like critical thinking, analytical reasoning and attention to detail. Also, dealing with numbers often requires diligent analysis and management, all which is needed in being a digital forensics professional. As an accountant the speaker dealt with various aspects as a digital forensics employers would. Within his time being an accountant, he took the opportunity to assist with IT work. The realm of IT work helped the speaker with the digital aspect and handling of technology. He mentioned too that he was familiar with networking therefore, he was a great candidate for the position. The aforementioned helps to demonstrated how well prepped the speaker was into joining the digital forensic field. As time progressed the speaker gained more expertise in each of the field he was in and later on a new opportunity in digital forensics opened up for him. The separate fields of being an accountant and IT specialist, both intertwined well into him being in the position he is in today. I feel that the speakers pathway is a true testament in trusitng the process of your career and staying patient for the right opportunity. Often times we get to certain things that will later set us up for what we are truly meant to do; judging from the story of the speaker I feel he experience just that.