Week 1: Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.

Week 2: Explain how the principles of science relate to cybersecurity.

Understanding, addressing, and enhancing cybersecurity practices all depend on scientific ideas. This is shown through multiple fields within science.

First, empirical observation and experimentation. Empirical observation in cybersecurity entails examining actual threats and occurrences. Security professionals can identify attack trends and patterns by studying data from previous assaults. Through experimentation, experts may examine system vulnerabilities, simulate cyberattacks, and validate security solutions. Examples of these approaches include penetration testing and ethical hacking.

Second, testing hypotheses. When addressing new threats or weaknesses, cybersecurity professionals create theories about possible dangers. To test these ideas, they gather information, keep an eye on network activity, and look at records. Investigators may make assumptions regarding the attack vector in the case of a suspected breach and gather information to support those assumptions.

Third, systematic analysis. The systematic analysis is essential to the management of cybersecurity risks. To methodically find weaknesses and possible threats, experts use organized approaches like risk assessment and threat modeling. This methodical approach makes sure that security efforts are concentrated on handling the most important problems first.

Fourth, data-driven decision-making. Science places a strong emphasis on this concept, and cybersecurity is no exception. Massive volumes of data, including network traffic and log files, are gathered, analyzed, and interpreted by security teams in order to spot abnormalities and handle security issues.

Fifth, continuous improvement. Cybersecurity adopts a similar approach to iterative learning that science does. Cybersecurity procedures change as a result of ongoing analysis of new threats and vulnerabilities. Better security procedures, methods, and technologies are developed as a result of the lessons learnt from earlier breaches.

Fundamentally, the key methodology and approaches in cybersecurity are underpinned by scientific principles, enabling an organized, empirically supported, and adaptable response to the constantly changing panorama of cyber threats.

Week 3: Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches?

On PrivacyRights.org, there is a data breach chronology tab. Here, you can publicly view information about data breaches in the order in which they started. Moreover, you can filter data breaches by brokers and definitions. Researchers can use this tool to quickly find specific information about data breaches. The “Law Overviews” section would be extremely beneficial to understand data privacy laws. This would allow companies to better implement policies within the workforce.

Week 4: Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.

Similar to human needs constantly changing or evolving, technological needs are the same. In the United States Marine Corps Military Occupational Specialty (MOS) is 0621, Transmissions Radio Operator. My billet in my shop is Radio Chief. Part of my job entails creating communications plans for training exercises.

As Radio Chief, it is my responsibility to ensure all of the radio gear in my shop is maintained and operational for future exercises.

When creating a communication plan, there are many variables at play. The variables for communication plans include dates of operations, gear requirements, gear availability, site sizes, distances between sites, terrain, etc. As I determine the less essential variables, I can focus on the variables of greater importance. 

One of the lower-level needs within my job is determining the dates of field operations. This does not play a big role in determining the equipment we need. 

The upper-level needs would be determining the type of radio assets we use in the field. The type of waveform is equally important and allows me to know what terrain and distance I would need to operate my gear successfully. 

Week 5: Review the articles linked with each individual motive in the presentation page or Slide #3.  Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7).  Explain why you rank each motive the way you rank it.

Entertainment ranks as a 5. The only reason I mark it as a five and not lower is due to the fact that some people steal things for fun and don’t necessarily have justification. Script kiddies, for example, may use specific programs to “feel” powerful; meanwhile, they have no understanding of the code but have fun in the process.

Politics ranks as a 2. This is becoming increasingly common in this generation. Politically targeted attacks are common threats companies face. Hacktivists are a real threat to cybersecurity and are not going away anytime soon.

Revenge ranks as a 2. Revenge porn is a serious problem that happens often. Whether at a college, university or among celebrities, releasing someone’s private, intimate photos is morally wrong. It makes sense why it is a problem because of its reoccurrence and the lack of retribution.

Boredom ranks as a 2. This problem makes sense, as it has been plaguing our youth. Children are very vulnerable online, which poses a significant threat. Pedophiles will use any method to fulfill their sick desires. It’s crucial that parents remain educated and equipped with the right tools to protect their children. This problem makes a lot of sense, which is why I rank it a 2.

Recognition ranks as a 7. This situation seems wildly off-the-wall and not common. Most want-to-be criminals are not running for office. With this young guy being so young and a script kiddie, I wouldn’t consider him a serious threat or a hacktivist. He’s just a poser who happened to run for office.

For money, I rank it as 4. Depending on the cybercriminal, maintaining a low profile would be very likely. Other times, very popular cybercriminals have publicly known whereabouts and live their everyday lives in exile. This situation makes sense, but not for every scenario.

Multiple Reasons ranks as 2. Hackers of all flavors have their justification. Whether it’s to steal money, hurt somebody’s career, spread fear, or stop a political candidate, every hacker has a reason for their work. It makes a lot of sense that the catalyst behind every cybercriminal is a particular skill set and psychological issues.

Week 6: Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?

The first website I found was ABCnews.com.co. This website is a knockoff of ABC’s official website. The second website I found was Breaking-CNN.com. This website was used to spread fake news over the web and was impersonating CNN’s official website. The last website I found was bizstandardnews.com. This website is trying to impersonate an Indian English-language daily newspaper called Business Standard. This website is satirical in nature and does not host any factual news articles.

Week 7: Review the following ten photos through a cybersecurity human systems integration framework. Create a meme explaining what is going on in the individual’s or individuals’ mind(s).

Week 8: After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity

Unfortunately, the media is portraying cybersecurity in a Hollywood style. Real cyber concepts are included in famous movies, but most of the attacks rely on fake methods. If anything, the media portrays cybersecurity flaws in a fictitious manner. We need an accurate portrayal of cybersecurity to help the general public understand the severity of good operational security. A good step in the right direction would include a weekly news section that’s dedicated to giving operational security advice.

Week 9: Complete the Social Media Disorder scaleLinks to an external site..  How did you score?  What do you think about the items in the scale?  Why do you think that different patterns are found across the world?

I scored 3/9 questions listed. I think the items in the scale are worth asking. Some of these address severe problems that can have long-lasting effects. Moreover, due to technological advancements, I think different patterns are found worldwide. Go to any third-world country and look at how happy children are, and the decrease in mental health problems. It’s worth noting that, excessive social media usage without maturity could lead to problems in children’s early development.

Week 10 – Journal Entry 10: Read this and write a journal entry summarizing your response to the article on social cybersecurity

A new area of national security called “social cybersecurity” has significant effects on both conventional and unconventional warfare. Its main goal is to comprehend and predict how human behavior, social repercussions, and political ramifications will alter as a result of cybermedia. Unlike traditional cybersecurity, which mostly targets information systems, it involves employing technology to affect human behavior and society.

With actors manipulating global ideas and beliefs at the speed of algorithms, information warfare has become an end in and of itself, shaping the battlefield at all conflict levels. The Russian information blitzkrieg serves as an illustration of how information warfare is strategically employed to undermine alliances, national consensus, and faith in institutions.

Political science, sociology, communication science, and other social sciences are combined with computer methods like network analysis and machine learning to form the multidisciplinary discipline of social cybersecurity. It aims to comprehend and counteract the use of cyberspace information operations to manipulate society.

The article talks about how information warfare has changed over time and the difficulties brought forth by decentralized information flows and technological impact. It presents a number of social-cyber techniques, including network manipulation, smoke screening, hashtag latching, and misdirection. Bots are emphasized as force multipliers, and they are essential for disseminating false information, quelling opposition, and controlling social media.

The significance of comprehending social cybersecurity is emphasized in the conclusion as a means of protecting against external exploitation of internal vulnerabilities. It urges the military to contribute to the advancement of American ideals and the creation of laws that permit moral behavior in the information sphere. The paper emphasizes the necessity of an interagency effort, pertinent policies, and a multidisciplinary approach to address the issues brought about by the information blitzkrieg in the contemporary information environment.

Week 10 – Journal Entry 11: Watch this video.  As you watch the video, think about how the description of the cybersecurity analyst job relates to social behaviors.  Write a paragraph describing social themes that arise in the presentation.

As a Cybersecurity analyst, you possess a great responsibility. Being a cyber analyst, you have to educate people on safe practices. This means helping people avoid social engineering attacks. This responsibility includes thinking about cyber attacks with intense critical thinking.

Week 11 – Journal Entry 12: Read this sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.

Economic Theories:

Economic Asymmetry of Information: The information in the letter illustrates the idea of information asymmetry in economics. The organization was not informed of any real abuse of client information at the time of the breach; this information was discovered much later. The difficulties arising from information asymmetry in the digital economy are best shown by the delay in identifying the breach and informing the impacted consumers. In order to preserve market efficiency, timely and correct information is crucial, according to economic theories around information asymmetry.

Market Failure (Economic): The possible compromise of consumer data and the data breach are related to the economic theory of market failure. In this instance, the breach of clients’ financial and personal information disrupts the market’s usual operation. Negative externalities, in which the company’s costs of the data breach are not entirely covered by the impacted consumers in the form of possible identity theft or fraud-related expenses, may arise from this market failure.

Social Sciences Theories:

Social psychology’s concept of trust and social capital is discussed in the letter, which highlights the value of trust between the business and its clients. The breach compromises the social capital that exists between the company and its customers. The breach warning emphasizes how the occurrence might damage customers’ faith in the organization, in line with social psychology theories that highlight the importance of trust in society interactions. Restoring this confidence is one of the most important parts of the company’s response to the breach.

Crisis Communication (Communication Studies): The manner in which the business notifies its clients about the data breach is consistent with communication studies ideas on crisis communication. The cautious handling of information during a crisis is reflected in the delayed notification owing to ongoing investigations. Theories from the social sciences that deal with crisis communication place a strong emphasis on the necessity of openness, concise messages, and providing solutions to lessen the impact on those who are touched by the crisis.

Week 11 – Journal Entry 13: A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure.  To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills.  The policies relate to economics in that they are based on cost/benefits principles.  Read this article.  and write a summary reaction to the use of the policies in your journal.  Focus primarily on the literature review and the discussion of the findings.

The usefulness and implications for businesses using bug bounty programs as a cybersecurity tactic are examined in this article. It starts by showing how the absence of vulnerability disclosure protocols (VDPs) causes enterprises to be skeptical of vulnerability reports from outside researchers, which has the chilling effect of preventing firms from knowing about possible cybersecurity blind spots. It is observed that opinions on bug bounty programs are changing, with the US Department of Homeland Security supporting VDPs and businesses becoming more involved in bug bounty marketplaces.

The literature study highlights the benefits of bug bounty programs, stressing their ability to find defects in a company’s code base and give freelance hackers a place to work, particularly for startups that lack the resources to hire top talent. However, the paper points out a lack of empirical research in the bug bounty sector, emphasizing the necessity for studies to prove causation and comprehend how different factors affect bug bounty initiatives.

The extensive dataset from HackerOne, which spans public and commercial programs from August 2014 to January 2020, is described in the methods section. The study aims to identify the characteristics that affect the quantity of legitimate reports that bug bounty programs get. A two-stage least squares (2SLS) regression technique is employed to address endogeneity, along with narrative instruments and delayed instrumental variables.

The discovery of hacker price insensitivity, with an estimated elasticity ranging from 0.1 to 0.2, is one of the major results. The paper makes the case that bug bounties may be beneficial to businesses even with tight budgets. The study also casts doubt on the idea that a company’s prominence and scale substantially influence the number of bug reports, highlighting the need for bug bounties for smaller, less prominent businesses.

An examination of industry impacts shows that banking, retail, and healthcare firms receive fewer bug reports than those in other sectors. This might be because of differences in the ease of monetizing vulnerabilities and the internalization of costs. The article also mentions that the amount of reports that current bug bounty programs get is not statistically affected by the introduction of new programs.

The article’s conclusion acknowledges the study’s shortcomings, especially the fact that factors like report severity and scope were left out. Because only 40% of the observed data variance can be explained by the existing regression model, it highlights the necessity for more study to gain a deeper understanding of bug bounty markets.

All things considered, the essay offers an insightful analysis of bug bounty programs, emphasizing the advantages they may have for businesses of all kinds and sectors. Focusing on empirical data and recognizing research gaps add to the continuing discussion over how well bug bounty schemes improve cybersecurity.

Week 12 – Journal Entry 14: Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.

The author begins by discussing the illegality of using unlicensed streaming sites. It is made clear that it is illegal to view premium sports material, TV episodes, movies, or music videos online for free. The author highlights the risk that these services might represent, especially in terms of compromised personal data. She notes that if these platforms have previously been used to acquire film content, there’s a chance they could also take users’ personal information.

Second, the author draws attention to the illegality of downloading unlicensed versions of music and movies using torrent networks. In addition to being considered unjust to content providers, this behavior is clearly forbidden. The significance of upholding intellectual property rights is emphasized by focusing on the violation of copyrights held by the content creators.

The author then talks about the improper usage of photos on the internet in the third infraction. Using a picture without the required consent, payment, or attribution is illegal unless it is in the public domain. In order to emphasize how important it is to respect ownership rights, the author emphasizes the idea that every image or photo on the internet has an owner, who might be a company, a photographer, or another artist.

Fourthly, the author explores the illegality of disclosing another person’s password, address, or picture without that person’s permission. It is made clear that it may be unlawful to post someone’s address online or take images without their consent, particularly if the intention is to inflict harm. The author clearly explains the consent requirements for photography by drawing a contrast between public and private settings.

The author then discusses the fifth infraction, which is the pervasive problem of trolling and cyberbullying. Legislation against cyberbullying is mentioned, along with possible legal and criminal repercussions. The author emphasizes the significance of appropriate and moral online behavior by pointing out that applications now have the power to take action against users who participate in such activity.

Week 14 – Journal Entry 15: Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.

I had the chance to learn more about the intriguing field of digital forensics today by listening to a speaker describe their professional trajectory. The complex interplay between the social sciences and the discipline of digital forensics was what most surprised me.

The speaker’s professional journey was an engrossing story that illustrated the complex tango between technology and human behavior. It became clear from their accounts of their experiences that their training in the social sciences gave them a special perspective on digital forensics. Understanding the reasons and subtleties of human behavior in the digital sphere was more important than just interpreting lines of code or examining digital artifacts.

This convergence became even more apparent when the speaker talked about how social sciences and computer forensics work together to solve cybercrimes. Finding digital footprints and finding technological gaps weren’t the only tasks at hand; another goal was deciphering the narratives that people had created in the virtual world. Their capacity to understand the psychology of cybercrimes and the motivations behind people’s digital transgressions demonstrated the significance of social sciences in this subject.

The speaker’s journey also demonstrated how dynamic the digital world is. Cybercrimes’ techniques and motives change along with technology. It was clear that digital forensics investigators needed to adjust and comprehend these shifts from a social standpoint. It got me thinking about how important it is for experts in this sector to have a thorough understanding of the sociological and psychological aspects of cyber activity in addition to their technical expertise.

My thoughts were further enhanced by the ethical issues that the speaker’s experiences raised. The ethical conundrums that arise in digital forensics were highlighted by their emphasis on the duty that comes with managing sensitive digital evidence, taking privacy issues into account, and guaranteeing a fair legal procedure. It reaffirmed the notion that, in the quest of justice, competent decision-making requires a strong basis in the social sciences.

To sum up, my investigation into the interaction between digital forensics and social sciences has greatly increased my understanding of how intricate this topic is. The speaker’s trip demonstrated the mutually beneficial link that exists between a grasp of technology and a comprehension of human behavior in its complexity. It has motivated me to consider the multidisciplinary approach to combating cybercrimes and the changing role of social sciences in influencing the direction of digital forensics in greater detail.