Journal Entry 1
When it comes to the NICE Workforce Framework for Cybersecurity, the Oversight and Governance or Investigation category would be my favorite. I think I would do well in a management position, which explains why I lean more towards the Oversight category. The Investigation category also interests me a little as well. I think that the whole investigation process sounds quite cool. The category that interests me the least is Implementation and Operation. I do not like the maintenance side, so that is most likely why this category does not pique my interest at all. The category that piques my interest the most would definitely be Oversight and Governance.
Journal Entry 2
The following principles all play an important role when in cybersecurity. All of these principles play a role when it comes to protecting our data. Empiricism is based on evidence-based decision-making. The evidence I speak of is based off of data analysis and vulnerabilities that are found. Determinism is based around finding the root cause of cyberattacks. Parsimony focuses on trying to simplify security systems so that they are easier to understand. The principle of parsimony also emphasizes efficiency. Objectivity makes sure that any and all decisions are made with no bias whatsoever. By incorporating the following principles, we can adapt and protect against potential threats.
Journal Entry 3
The information that is available on PrivacyRights.org holds very valuable information that provides researchers insight into the world of data breaches. With all of this information, researchers can learn information that helps them practice to protect against data breaches. Researchers will track the frequency of breaches over time, study the certain types of data that is commonly attacked, and find trends in cyber attack methods. They learn how to learn from breaches and how they vary across different industries and regions. By doing these things, they are offered opportunities to assess how well certain security measures work. Overall, this information helps researchers create new policy recommendations, improve current breach detection methods, and make the public more aware of the risks of cyber attacks.
Journal Entry 4
Maslow’s Hierarchy has five main levels: Physiological needs, safety needs, love and belongingness, esteem needs, and self-actualization. I believe that we can link all of these levels to our experiences with technology. Physiological needs can be fulfilled by ordering food online or tracking your sleep cycle through an app or smartwatch. We find safety in cybersecurity tools like multi-factor authentication. Love and belongingness can be linked to messaging applications that allow us to maintain relationships with people without having to be with them at all times. Esteem can be shown through websites like LinkedIn, where you can show off all of your accomplishments. Lastly, self-actualization can be shown in online courses or something else like a coding project.
Journal Entry 5
I rank money as number one. Financial gain is usually the primary motivation through most cybercrimes. Revenge comes at number two. Lots of crimes derive from personal disputes or grudges that people have against others. Political would be ranked at number three. Political cybercrimes are hurt a lot but are not as common. I would then rank recognition at number four. Some people have a desire for attention. “Entertainment” would be ranked at number five. I just do not see many people putting themselves in the spot of potential risk for mere entertainment. “Multiple Reasons” would be at number six. Multiple reasons is very general so I would just leave it at six. Lastly, I have “Boredom” at number seven. I feel like boredom is such a weak motive compared to something like financial gain. Of course, there probably has been somebody who has committed crime because of boredom, but I feel it would be very uncommon.
Journal Entry 6
Having the ability to spot fake websites is very important in our current world. Scams are everywhere, so we need to be vigilant. Fake sites often have small changes in URLs so that it is hard to spot the difference. For example, one would use “paypa1.com” instead of the real “paypal.com” (Army Cyber Command). These websites might also not have HTTPS or the little lock icon in the address bar, which real sites always have (DigiCert). Another thing that fake sites like to do is ask for TOO much information. A real site would not ask for your full social security number. Fake sites also sometimes look poorly designed. These are all very important things to look for when using the internet.
Resources:
1. Army Cyber Command: https://www.arcyber.army.mil/Resources/Fact-Sheets/Article/3301745/fraudulent-websitesLinks to an external site.
2. DigiCert: https://www.digicert.com/blog/how-to-identify-fake-websitesLinks to an external site.
Journal Entry 7
Journal Entry 8
I found this video very interesting because of how inaccurate some of these movies actually are. Some of the examples from movies were actually quite realistic and included strategies like phishing, which we see all of the time. Other examples included hackers automatically getting into very secure systems with ease, which just isn’t realistic at all. Another thing I found interesting was how hackers will usually always focus on the easiest targets first, which is smart, of course. Some people are not vigilant whatsoever online, and this makes them very easy targets for these hackers. Simple mistakes like making easy passwords or even re-using passwords for multiple different platforms can make you quite an easy target.
Journal Entry 9
I have never really had a problem with social media. I do use it, but I don’t love posting much at all. I feel quite weird showing people my whole life. I answered “no” to every single question on the Social Media Disorder Scale. I believe that the items in this scale are all definitely good ways to see if someone really is addicted or not. The video showed a man who overshared his life on social media. He made himself the perfect target for the hacker in the video. Oversharing on social media will never be a smart idea. Posting small parts of your life won’t hurt, but there is definitely a limit that should not be crossed.
Journal Entry 10
The article “Social Cybersecurity, An Emerging National Security Requirement” spoke about how open societies are quite vulnerable to online manipulation. Social media is one of the worst grounds for online manipulation. Countless amounts of people get heavily influenced by other people on social media. The BEND Model is when people hijack trending topics or use bots to spread misinformation. Social Media is obviously one of the most common spots to see the BEND Model live and in action. This article mainly speaks about the need for governments and military leaders to understand social cybersecurity and educate people on how to identify misinformation.
Journal Entry 11
This video speaks about multiple different things. It speaks about work-life balance, networking, economic opportunity, etc. She spoke about the importance of networking. Networking is an incredibly important skill in our day and age. Sometimes success is not all about your skill but also about your ability to build relationships with others and knowing the right people. She also says that cybersecurity is a field with very high-demand, yet very low competition. This really does show the potential for success within the field, especially if one were to learn how to network correctly. With technical skill and networking skill, you are bound for success.
Journal Entry 12
This letter can be related to two different economic theories. These theories are the transaction cost theory and the information asymmetry theory. I am applying the transaction cost theory because the breach creates more costs for the customers and the company itself. I am using the information asymmetry theory because the company knew about this breach a while in advance. Then, when it comes to social science, Risk society theory and conflict theory can be applied. Risk society theory is applied because our modern technology increases the potential of risks (cybercrime in this context). We then have conflict theory, which is applied because this breach emphasizes the power difference between the company and the customer.
Journal Entry 13
This article talks about policies that pay people for finding weaknesses in a company’s cybersecurity system. These people are called Ethical hackers. This article emphasizes how important these bug bounty policies have become in the cybersecurity field. These companies are using people just as advanced as the hackers who may try to attack them to find these vulnerabilities. These policies have become very effective for all companies, no matter the size. These policies are very smart because they are basically running simulations to see if their security measures will work or not. Overall, the ethical hackers are going to be around just as advanced as the cyber criminals are.
Journal Entry 14
The five most serious things we do are cyberbullying, collecting data about children, illegal searches online, faking your identity, and using unofficial streaming or torrent services. Cyberbullying is very serious and can lead to extremes, like suicide. Collecting data on kids puts them at risk and is very illegal. Illegal searches are obviously unacceptable and should not be tolerated. Using a fake identity is usually used to hurt other people through acts like scamming, which also should not be tolerated. Using illegal streaming services does not seem that bad, but these things people are watching are copyrighted and could also lead to viruses.
Journal Entry 15
I believe this man’s journey into the field of digital forensics was quite inspiring. He started out in accounting, and then eventually was able to join the first national digital forensics team in Australia! Digital forensics is most definitely related to the social sciences. They are related because both are about people and how they work. Digital forensics investigators have to look into things like human behavior and motives to analyze certain situations and/or evidence. The man in the video shared a case study where understanding how employees used their devices and networks was very important. This is just one real-world example of how digital forensics and social sciences are related to each other.