Cybersecurity and the Social Sciences
Journal Entry #1 – The NICE Workforce Framework
The NICE Workforce Framework highlights several areas of work for cybersecurity professionals to specialize in. Though each of these categories appeals to me in some way, a few seem more compelling than others. I am particularly interested in the categories of “Implementation and Operation” and “Protection and Defense.” These categories contain roles that seem interesting because of their focus on analysis and problem solving. Some categories like “Oversight and Governance” instead describe jobs which seem to be more managerial, separate from the technical challenges I imagine are common in other categories, and are thus less appealing to me. Even so, I would certainly not be disappointed to attain a career in one of these areas, as each role presented seems desirable, to some degree.
Journal Entry #2 – Applications of Scientific Principles in Cybersecurity
Though cybersecurity, as a discipline, is more applied than some others, its strong connection to the behavior of individuals and groups means that concepts important to the sciences, including objectivity, empiricism, parsimony, relativism, and determinism, among others, remain relevant. Where scientists must ensure that their research is not influenced by their own biases, cybersecurity professionals must similarly not let their ideas of cybersecurity be dictated solely by personal opinion or simple conjecture, instead basing conclusions and actions on empiric and objective findings. Skepticism further ensures that ideas are rigorously tested and proven before they can be widely accepted, crucial in cybersecurity given the risk of harm to organizations and society as a whole. Both must also keep in mind important ethical considerations, in this case often regarding the privacy and security of individuals, and should stand by certain ethical standards. Relativism, too, is key to cybersecurity. Not only do systems frequently impact other systems, devices and the people that use them heavily impact each other. Societies influence how technology functions, and this same technology can shape social interactions. Other scientific principles, such as determinism and parsimony, are critically important to cybersecurity, as well, prompting discussion of the specific causes of certain harmful behaviors, and promoting simpler explanations for these behaviors, respectively. Each of these principles, of course, is necessary for cybersecurity to function as a discipline, leading to much more effective research and actions than would be possible if these principles were ignored.
Journal Entry #3 – Impacts of Data Breach Information on Cybersecurity Research
Publicly available information relating to data breaches affords researchers the opportunity to study many aspects of breaches that may otherwise be prohibitively difficult or unethical to examine. As a result, researchers can determine which characteristics of organizations cause them to be most vulnerable, or those that cause them to become the target of more attacks by threat actors. This could be done by examining the number of data breaches that occur among organizations with different traits, such as their location or sector. Publicly available information might also be used to better understand the impacts that data breaches have on society as a whole, given their potential for widespread harm among certain groups. Consequently, researchers may be able to determine which actions are most beneficial in preventing data breaches, or in mitigating their effects. However, this kind of archival research is unlikely to provide much insight into the motivations of attackers, and thus may not paint a complete picture of data breaches as a whole, at least when taken alone. Even so, the available information about data breaches is still a highly valuable resource to cybersecurity researchers when attempting to gain a more complete understanding of data breaches, their causes, and their impacts.
Journal Entry #4 – Technology as it Relates to the Hierarchy of Needs
As newer technology becomes increasingly important to our everyday lives, it is only natural that it becomes more and more connected to our needs and desires, as laid out in Abraham Maslow’s hierarchy of needs. Computers and other devices can often assist in accomplishing each level of need. Possessing Internet or other network access allows individuals to gain access to the wealth of knowledge and services it has to offer. Payment for necessary goods and services can occur digitally, as many individuals, including myself, have experienced. Thus, computers and Internet connectivity help to fulfill physiological needs, and may almost be considered a physiological need in themselves in the modern era, though many might not go that far. The security and reliability of systems is also an important consideration in meeting the needs of the second level. Most count on these systems to not fail or become compromised, which would largely undermine the myriad of benefits they would otherwise provide. We trust that they remain available to us, so we can rely on them to perform functions necessary for us to be productive. Though I have not personally experienced the compromise of a device or account, I understand the harm that it can cause, as others I know who have experienced it firsthand have described the significant damage that can occur as a result of breaches. With sensitive information often present in our devices, the security of these computers is a high priority. For this reason, the field of cybersecurity is crucial, and will likely remain so for the foreseeable future. Some forms of technology also enable long-distance communication in a way that would otherwise be impossible. Individuals can instantly converse with others, despite the possible distance between them, allowing individuals to establish new relationships and grow existing ones.
As a result, groups can form supportive communities which can promote the sense of belonging described in the third level, without the need for physical proximity. Interactions within these online spaces can have a significant impact on one’s esteem, as well, contributing to the fourth level of the hierarchy of needs. In my own experience, I, and the majority of my own friends, often communicate using online applications, enabling friendships with those whose physical distance would otherwise inhibit social interactions. Self-actualization is perhaps the most difficult of the five levels to pinpoint, as it differs between individuals. Some, such as myself, enjoy artistic pursuits which are furthered by certain computer applications, but others may have different activities necessary to attain fulfillment. Computers and other kinds of technology permeate countless aspects of our lives, and so it is not too surprising that technology has become intertwined with the fulfillment of each of our needs.
Journal Entry #5 – Understanding the Motivations of Cybercriminals
There are many possible reasons for cybercriminals to engage in malicious behavior. While some motivations may be at least somewhat reasonable, others relate solely to emotional issues and selfish desires, and would thus likely be seen as unfathomable for the majority of individuals. Some individuals possess political motivations for their behavior. Hacktivists, for example, may see themselves as selfless, seeking to make widespread changes that do not directly relate to themselves. Thus, these people may weigh the perceived benefit of their actions against the damage they might cause. Meanwhile, other individuals or groups might seek the tangible benefits of engaging in cybercrime. These crimes can often provide their perpetrators with large amounts of money, which is part of the reason that cybercrime is becoming increasingly prevalent. While these actions are highly detrimental to others, there is clearly a strong motivation in the case of economic gain. Certain individuals may, instead, be encouraged to participate in cybercrime for social reasons. Being successful in these endeavors may cultivate respect among their peers, which could be highly desirable for some individuals. These people may seek revenge for some perceived wrongdoing, as well, aiming to cause harm to a specific person or group. In these cases, however, engaging in cybercrime makes little practical sense. Respect could be gained in another way, or from different people, while revenge remains generally pointless, perhaps only providing some sense of emotional relief. Some individuals may even engage in cyberattacks or other forms of cybercrime as a form of entertainment. Similarly, some individuals may become victims themselves as a result of boredom, engaging in risky behavior. Because cybercrime and dangerous online behavior are only a handful of countless possible options these individuals have to combat boredom, this motivation does not seem compelling in the slightest. 
Not only do these individuals not seek any sort of benefit, cybercrime can often cause irreparable damage to others. Engaging in this behavior for enjoyment, then, is certainly objectionable. Finally, it is worth noting that the behavior of cybercriminals can have multiple influences, rather than being prompted by a single guiding motivation. This might compound the effects of each motivation, providing a stronger inclination to commit cybercrimes. Given each of these factors, a ranking of the sensibility of each motivation might look similar to this:
1. Combination of motivations
2. Political motivations
3. Wealth
4. Recognition
5. Revenge
6. Boredom
7. Entertainment
Even so, none of these motivations are truly reasonable. Significant emotional and physical harm can be caused to others as a result of cybercrime, and so there are few circumstances, if any, where it is sensible.
Journal Entry #6 – Identifying Misleading Websites
There are a number of techniques one can use to identify fraudulent websites constructed to imitate a legitimate one. Given that these websites can never be perfectly identical to their real counterparts in every way, careful examination should allow individuals to recognize most fake websites, given the right knowledge about what to pay attention to. The website pictured below, for instance, may look like the login page for PayPal at a glance, but close examination would reveal that it is not. The key indicator here is the URL. Many fake websites use domain or subdomain names that look somewhat similar to real websites, but are unaffiliated with these websites (The SSL Store, 2018). In this case, the text “paypal.com” in the URL is actually part of a subdomain, with the text following it being the true name of the website. The real PayPal login page, of course, has a much simpler URL. It is also worth noting that, while the URL would suggest that the page is a security alert, the actually displayed page resembles the login page for PayPal. This is, of course, suspicious, further indicating that this website is fraudulent. PayPal’s real login page is also pictured below. The URL is clearly separate from that seen on the phishing page.
Image source: https://www.thesslstore.com/blog/5-ways-to-determine-if-a-website-is-fake-fraudulent-or-a-scam
Similarly, some fake websites will tack on additional words in their URL, swap some words, or change certain characters in the URL into others which are visually comparable (How to Recognize Fake Website Addresses, n.d.). This is the case in the next fake website pictured, made to imitate Citibank’s website. Here, the word “update,” along with a dash, is placed before “citi,” where the real website would lack these. Without prior knowledge of the real website’s URL, these changes may be difficult to spot. Despite this, one could recognize that if this page were real, the URL would likely be “www.update.citi.com” or “www.citi.com/update” instead, with “update” being out of place in its current location within the URL.
Image source: https://connections.oasisnet.org/oasis-connections-guide-to-online-safety/how-to-recognize-fake-website-addresses/
Recognizing other abnormalities in these pages, such as in the page layout, fonts, logos, spelling, grammar, or lack of proper certification, can also help to reveal fake websites, as shown below (BBB Tip: How to Identify a Fake Website, n.d.). This fake website, in addition to having the wrong spelling of “hardware” in the URL, looks somewhat unprofessional for a large company, and much different than the true website for Ace Hardware. Even so, more concrete attributes like the URL can allow individuals to recognize these phishing attempts with much more certainty, and without prior knowledge of a website’s design. While perhaps harder to spot than other differences, examining the URL allows individuals to have a high degree of confidence that a website is fake.
Image source: https://www.bbb.org/all/spot-a-scam/how-to-identify-a-fake-website
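The three URL checks described in this entry (a brand's domain used as a subdomain, extra words attached to the brand name, and a misspelled name) can be written as a small detector. This is an added example, not part of the original journal; the trusted-domain list, the constructed `.example` hostnames, and the two-label shortcut for finding the registered domain are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: the domains the user actually intends to visit.
TRUSTED = ("paypal.com", "citi.com", "acehardware.com")


def registrable_domain(host):
    """Return the last two labels of a hostname.

    Assumption: a two-label shortcut. Suffixes such as "co.uk" need the
    Public Suffix List to be handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to catch near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_url(url):
    """Return (brand, reason) pairs explaining why a URL looks like an imitation.

    An empty list means the registered domain is one of the trusted domains,
    or no trusted brand is being imitated.
    """
    host = urlsplit(url).hostname or ""
    reg = registrable_domain(host)
    if reg in TRUSTED:
        # Subdomains or paths of the real site, e.g. www.update.citi.com.
        return []

    findings = []
    reg_label = reg.split(".")[0]
    for brand in TRUSTED:
        brand_label = brand.split(".")[0]
        limit = 1 if len(brand_label) <= 5 else 2  # stricter for short names
        if "." + brand + "." in "." + host + ".":
            # "paypal.com" appears, but only as labels to the left of the
            # registered domain, so it is a subdomain someone else controls.
            findings.append((brand, "brand-in-subdomain"))
        elif brand_label in re.split(r"[-_]", reg_label):
            # Brand name joined to other words, e.g. "update-citi".
            findings.append((brand, "brand-with-extra-words"))
        elif 0 < edit_distance(reg_label, brand_label) <= limit:
            # One or two characters away from the real name.
            findings.append((brand, "lookalike-spelling"))
    return findings


if __name__ == "__main__":
    # Constructed sample URLs; none is taken from the screenshots.
    samples = [
        "https://www.paypal.com/signin",
        "http://paypal.com.security-alert.example/login",
        "https://update-citi.example/",
        "https://www.acehardwarre.example/",
        "https://www.update.citi.com/",
    ]
    for url in samples:
        print(url, "->", check_url(url) or "registered domain is trusted")
```

The check reads the hostname from right to left, which is why text such as “paypal.com” at the start of a long hostname does not count as the site's real name.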
References
BBB tip: How to identify a fake website. (n.d.). Better Business Bureau. Retrieved February 22, 2025, from https://www.bbb.org/all/spot-a-scam/how-to-identify-a-fake-website
How to recognize fake website addresses. (n.d.). Oasis Connections. Retrieved February 22, 2025, from https://connections.oasisnet.org/oasis-connections-guide-to-online-safety/how-to-recognize-fake-website-addresses/
The SSL Store. (2018). 5 ways to determine if a website is fake, fraudulent, or a scam. Hashedout. Retrieved February 22, 2025, from https://www.thesslstore.com/blog/5-ways-to-determine-if-a-website-is-fake-fraudulent-or-a-scam
Journal Entry #7 – Memes of Human-Centered Cybersecurity
Each of the above memes highlights important aspects of human-centered cybersecurity. The first image shows a leader in an organization largely ignoring and downplaying the impact humans have on cybersecurity. This, of course, can lead to significant vulnerabilities and may promote noncompliance among users. Humans will continue to be the source of many vulnerabilities as long as their behaviors and attitudes do not align with the security of the organization. Simply informing individuals of cybersecurity threats and the proper behaviors will likely not change their actions in the long term as, among many other contributing factors, they may eventually seek to perform their duties more easily, rather than safely, falling victim to security fatigue. The second image demonstrates the prevalence of these issues across most organizations, from the perspective of a group of attackers. Many do not put a great deal of effort into incorporating human factors into their cybersecurity plans. These organizations may benefit from taking the emotions and attitudes of users into account, and seeking the input of psychologists and cognitive scientists. The final meme depicts an organization taking some steps to remedy these issues. Through providing engaging cybersecurity training and focusing on the humans in an organization, along with their mental state and behaviors, these individuals may be able to create an environment less prone to human-enabled errors.
Journal Entry #8 – Impact of Cybersecurity’s Media Portrayal
The portrayal of cybersecurity in the media often differs from how cybersecurity operates in reality. Often, cybersecurity and hacking are shown as complex and thrilling activities, filled with jargon that most would not understand. Individuals may attack others or defend themselves from intrusions in a very active way, with these characters displaying a great deal of skill with their devices. While some of these characteristics may have a basis in reality, many are highly dramatized to provide a more thrilling experience to the audience. Consequently, these depictions can be harmful, to an extent, with their inaccuracies serving to instill fear in others while providing a misleading view of cybersecurity. This is particularly important as the information gained from films, television shows, and other forms of media may be the only knowledge about cybersecurity many people may have, and thus greatly influences society’s perspective about cybersecurity and threats to information systems. These depictions could make good security posture seem unattainable for most individuals, or make attempts to defend against attackers appear futile and purposeless, when this is certainly not the case. In fact, there are a great many actions that almost anyone can take to protect themselves. The impact of films and other media in this way further highlights the ability of social forces to shape the way in which different systems, including those related to cybersecurity, function.
Journal Entry #9 – The Social Media Disorder Scale
The Social Media Disorder scale can be used to identify problematic levels of social media use. Personally, I scored a one out of nine, only answering “yes” to the question asking whether the individual frequently plans on using social media. The scale, then, would indicate that my use of social media is normal. Even so, I believe the scale may possess some issues. For one, it does not take into account all contextual information of one’s use in each question. The question about conflict, for example, may not be comparable among different individuals, as it relies on their family and friends having similar opinions and perspectives. Where one person’s parents or friends may find even a small amount of social media use to be unacceptable, another’s family or peers may see no problem with them using social media for several hours each day. Similarly, if one is able to profit off of their social media use, it is reasonable that they would often think about it and desire to use it more. Despite this, some of the questions, such as those related to persistence, withdrawal, and displacement, would certainly be helpful in indicating potentially damaging behaviors. Thus, while some of the items in the scale might help provide a better understanding of one’s use, it is important to evaluate each specific individual and their motivations carefully before coming to conclusions about whether they are using social media to a harmful degree. It is also notable that social media is used at different levels and in different ways across countries. Societal and cultural differences among separate regions likely play a major role in this. These include possible differences in the proliferation of and dependence on technology around the world. Of course, nations with a greater focus on technology, and therefore more devices, would likely possess a higher level of social media use.
Those with a more recent adoption of network-enabled devices, which allow for social media, would likely see fewer people using social media applications and websites. There is also something to be said about the level of access permitted by governments. Some governments have a greater control over media ecosystems within their borders, implementing state-run social media applications while prohibiting others. Similarly, characteristics about a population, such as its cultural values or age, might also play a role in encouraging or discouraging the use of social media. Language barriers may also prevent those in some regions from making full use of social media. Each of these factors shows just how important culture can be to our behavior, thus providing important insights into how we can best use culture to support cybersecurity.
Journal Entry #10 – Influence Campaigns and the Need for Social Cybersecurity
The article “Social Cybersecurity: An Emerging National Security Requirement” argues that information wars or influence campaigns are a significant threat to society as a whole, as they manipulate the beliefs and views of populations (Beskow & Carley, 2019). This can cause people to hold different beliefs and engage in different behaviors which may be to the benefit of the groups or states that participate in this activity, while detrimental to the nations these individuals are a part of (Beskow & Carley, 2019). Overall, I largely agree with each of the points the article makes. The kind of societal and cultural changes prompted by online information wars are in no way insignificant, and can lead to noticeable changes both nationally and globally. This has commonly even led to disputes over relatively basic facts, or attempts to encourage these disputes. Working off of provocative, misleading, or outright false information can clearly pose a danger to the ability of individuals, and in some cases countries, to function properly. Even if only a small subset of people gain values or beliefs that conflict with those of others, they may be less inclined to work with others. These effects can be easily seen in the current political landscape of the United States, with two major parties that are, in many ways, almost alien to one another. Political division is exacerbated by online echo chambers, promoting and reinforcing ideas among individuals. This can be attributed, at least partially, to the influence campaigns of certain groups online. Consequently, it is certainly reasonable to suggest that finding ways to mitigate the impacts these influence campaigns can have through social cybersecurity is a highly important task, both to ensure the safety of individuals and society in general.
Reference
Beskow, D., & Carley, K. (2019). Social cybersecurity: An emerging national security requirement. Army University Press. Retrieved March 27, 2025, from https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/Mar-Apr-2019/117-Cybersecurity/b/
Journal Entry #11 – Cybersecurity Positions and Social Themes
Multiple social themes are present in Nicole Enesse’s video presentation about the cybersecurity analyst job title. One appears to be communication. Part of a cybersecurity analyst’s responsibilities may be to communicate with other users who may not be as technically inclined, bringing awareness about cybersecurity issues and encouraging safe behaviors. Communication and teamwork are necessary to effectively prevent and respond to attacks, should they occur. Social skills and behaviors such as these are thus required of cybersecurity professionals, including cybersecurity analysts. Another theme within the video relates to social structures and one’s network. Social connections with others may be necessary to either get hired in a specific organization or to prove one’s competence in their work. These connections can also allow individuals to gain experience in cybersecurity without necessarily being employed by an organization. One’s social groups, then, may be important to their job prospects, enabling them to obtain knowledge and relationships which are beneficial to their career. Cybersecurity, in general, bears a strong connection to the people in an organization, including their behaviors, perspectives, and relationships. It is not surprising, then, that social themes arise in discussions about various cybersecurity positions, including cybersecurity analysts.
Journal Entry #12 – Economic and Social Science Theories in the Context of a Data Breach Notification
The sample data breach notification shown bears at least some relation to several theories within the social sciences, including economics. Rational choice theory states that individuals will act in the way that ensures the greatest benefit for themselves. Thus, organizations decide how their systems will operate and how much they will spend on cybersecurity. The organization depicted made the decision to outsource their website to another company, perhaps to reduce costs, meaning that they did not have full control over its security (SAMPLE DATA BREACH NOTIFICATION, n.d.). Both organizations described may or may not have put the appropriate amount of effort into securing customer data. The existence of the data breach notification at all can also be tied, in a way, to laissez-faire economic theory, which claims that the government should only intervene in the economy to protect certain rights of individuals. This relates to the data breach notification in that the notification itself may be required by governments in order to inform those whose data has been acquired, and in that intervention and investigation are only done after the incident has occurred, rather than to prevent attacks from happening in the first place. The sociological conflict theory may also offer some insight into this kind of data breach. Though the company described was responsible for protecting the data of their customers, their customers face the brunt of the damage caused by the release of their sensitive information. Consumers and corporations, then, may be on unequal footing in some cases when it comes to issues related to the use of sensitive data. Lastly, the psychological reinforcement sensitivity theory might be used to better understand the attack itself. Based on the information presented, it seems like the attack described would have been carried out to gain access to payment card information (SAMPLE DATA BREACH NOTIFICATION, n.d.).
Thus, the attackers likely sought the monetary benefits of engaging in this activity. It is possible that a high level of impulsivity or reward interest prompted this behavior, where others would be deterred by the potential consequences of these actions. Each of these theories can help to provide more insight into the causes and impacts of incidents such as the one detailed in this notification.
Reference
SAMPLE DATA BREACH NOTIFICATION. (n.d.). https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdf
Journal Entry #13 – The Efficacy of Bug Bounty Policies
Bug bounties, the topic of the article “Hacking for good: Leveraging HackerOne data to develop an economic model of Bug Bounties,” seem to be a highly beneficial tool for organizations in helping to mitigate vulnerabilities within their systems and infrastructure. These bounties provide an incentive for individuals to bring vulnerabilities to the attention of the organization without exploiting them. This seems particularly important because no matter how much effort is put into an organization’s cybersecurity, it is unlikely that every single vulnerability will ever be identified and addressed by its employees alone. The use of bug bounties, then, can help to ensure that critical vulnerabilities are found and mitigated before they can be exploited by threat actors, which would likely bring real harm to the organization. The cost of these bug bounties, too, seems to often be far less than the overall loss to the organization that might occur if these vulnerabilities were to be leveraged by a malicious individual or group, with the article determining that these programs cost an average of $85,000 each year (Sridhar & Ng, 2021). One of the most notable insights in the article, to me, is that even small businesses can gain significant benefits from bug bounty programs, given that the amount of payment for reports and popularity of the organization had little impact on the number of reports received (Sridhar & Ng, 2021). While bug bounties, of course, cannot fully replace other kinds of controls, I believe them to be a worthwhile component of an organization’s security plan, whether that organization be a relatively small business or a major corporation, as evidenced by the article’s findings.
Reference
Sridhar, K., & Ng, M. (2021). Hacking for Good: Leveraging HackerOne data to develop an economic model of bug bounties. Journal of Cybersecurity, 7(1). https://doi.org/10.1093/cybsec/tyab007
Journal Entry #14 – Common Illegal Activities Online and Their Severity
There are many activities individuals engage in on the Internet that may be illegal. I would argue, though, that the most serious of these illegal acts are those which have the capacity to inflict physical and mental harm, or could substantially undermine the privacy and safety of others. Consequently, I believe that of the acts laid out in Andriy Slynchuk’s list, the worst violations would be bullying and trolling, illegal internet searches, sharing the passwords, addresses, or photos of others, recording VoIP calls without the consent of other parties, and collecting information about children (Slynchuk, 2021). Bullying and trolling can have many serious emotional and even physical consequences for their victims, and illegal internet searches may enable the user to engage in other dangerous criminal acts, depending on the information sought, so these two seem to be the most harmful of the acts identified. Collecting information about adults without their consent, and of children overall, alongside releasing sensitive information about individuals publicly can clearly lead to a lack of privacy and security for these individuals, and can thus be highly damaging. Releasing sensitive information can directly lead to monetary damages, too, if this information can be used to access their accounts on websites or applications. Though these five activities are certainly important to consider, many other illegal activities can be just as damaging. Each activity highlighted by Slynchuk, and the many illegal acts that are not, generally merit at least some effort dedicated to their mitigation.
Reference
Slynchuk, A. (2021, June 1). 11 Illegal things you unknowingly do on the Internet. Retrieved April 9, 2025, from https://clario.co/blog/illegal-things-you-do-online/
Journal Entry #15 – Understanding the Connections Between the Social Sciences and Cybersecurity Through Careers
Davin Teo’s presentation, beyond providing valuable insight into the work of digital forensic investigators, details the career path that led to him eventually obtaining this job. Initially, Teo was an accountant, but also performed IT duties in his workplace, later enabling him to work as a digital forensic investigator in a different organization. At a glance, this may seem like a strange sequence of job choices. However, while the day-to-day tasks of each may appear different, I believe both lines of work, accounting and digital forensics, share many of the same underlying challenges and principles. Both involve managing the information of other people, and examining data to find critical details, whatever those may be. The requirements of both to work with other people, and understand their actions, are particularly relevant, in that they demonstrate their mutual connection to the social sciences. To me, Teo’s presentation only further highlights that the social sciences are, truly, inseparable from cybersecurity in many ways.