CYSE201S- Journal Entries

Week 1 Journal Entries-

Cyberspace Operations

To achieve objectives in or through cyberspace, synchronized actions are to be taken for cyberspace operations. Some of the tasks involved include network security monitoring, digital asset protection, and system vulnerability detection.

Exploitation Analysis

Research into possible vulnerabilities and ways of exploitation is referred to as “exploitation analysis.” It includes a review of defensive strategies, system behaviors research, and entry points analysis.

Mission Assessment

Mission assessment analyzes the outcome and effectiveness of cyber operations with respect to stated objectives. It includes operational impact assessment, identification of areas for development, checking of success metrics, and assessment whether the goals were achieved. This informs strategic adjustments and planning for the future.

Week 2 Journal Entries –

Cybersecurity procedures do the basic scientific ideas have an impact on. Empiricism leaves discipline relying on data analysis and observable evidence to recognize threats and verify safety protocols. Security experts collect data, investigate attack trends, and test defenses using observations from the real world.
Determinism helps to make security measures possible that can predict an understanding of the cause-and-effect relationships involved in cyberattacks and system vulnerabilities. Employing a principle that seems to be obvious—that simpler solutions are often more reliable and far easier to maintain—parsimony sends a message to create good security solutions by avoiding unnecessary complexity.
 Therefore, a strong need for objectivity in both risk assessment and incident response, where organized assessment of evidence and objective analysis of security events are performed. 

______________________________________________________________________________________________________________

Week 3-

The large Data Breach Chronology 2.0, which is a database comprising documents of over 70,000 breaches and the related 25,000 notification letters, researchers can begin to have much more thorough study concerning privacy-related incidents with the supplied information from PrivacyRights.org. Such a dataset also allows researchers to probe the vulnerabilities of specific industries, assess the temporal pattern of breach occurrences, and explore the relationship between business types and security-related incidents, as 49% of registered information brokers in 2021 were marketing businesses. Therefore a collection of breach letters would allow analysts to conduct studies on notification procedures and expose the impacts in various sectors, being more meticulous in sensitive sectors such as higher education, as the website comments on the secrecy concerning digital learning sources. 

PrivacyRights.org

_______________________________________________________________________________________________________________

Week 4- Journal Entry

From a technology perspective of looking at Maslow’s Hierarchy, physiological needs are satisfied with sleep-monitoring apps, meal planning apps, and hydration apps. Safety needs are satisfied by technology in the form of password protection, antivirus software, and home security systems. The belongingness level is shown in social media relationships, online groups, and video conferencing that make us feel close to loved ones and friends. Esteem needs are satisfied by professional networking websites, online rewards, and positive online testimonials. Lastly, self-actualization is attained by online learning websites, creative digital tools, and technology that facilitates personal development and expression. My use of technology on a daily basis corresponds with these levels – from using fitness apps for overall well-being to online learning for self-enhancement, technology has become an integral part of meeting needs through Maslow’s hierarchy.

________________________________________________________________________________________________________________

Week 5- Journal Entry

1.  For The Money: This motive makes the most sense because the money they were offered is a larger amount. thus can help you make money in a short time. 

2. Political:  These people’s motives makes sense but I don’t pay attention to politics  

3. Entertainment: This makes some sense because although he stealing data from LinkedIn and posting it. he was doing it for money so his motive was really for personal gain. 

4.  multiple reasons:  The website says that cybercriminals have many different motives but it all depends on the circumstance that the attacker is in. 

5. recognition: This motive is for personal gain as well as to win an election so to me their motive was valid.

6. Revenge:  this also makes some sense but I feel that some other ways and techniques can be used to help them change their motive. 

7. Boredom: These people’s motive to text children because they’re bored is not a motive that’s a psychological issue.

________________________________________________________________________________________________________________

Week 6- Journal Entry

1.  Legitimate: support.apple.com

      Fake: https://applesupport.com/

Another would be a spoofed Apple support site that has “applesupport.com.co” as a domain name in place of the actual “support.apple.com.” The unfamiliar domain extension on an imitation website is generally a red flag. Furthermore, it might also have an unverified security icon that, upon clicking, does not display any verification information. Furthermore, the site might request personal information that would never be explicitly asked for on authentic Apple support sites.

2. Legitimate: https://www.amazon.com/

     Fake:    http://amaz0n-shopping.com/

The URL of the copy website is similar to the original one but not identical, i.e., instead of using “0,” they use “o” or have some other suffix name, for instance, “.net” or “.com.” Unverifiable contact information is also suspicious. While fake websites provide false and incomplete information, original websites provide accurate and complete contact information with a physical address and customer care number.

3. Legitimate: https://www.paypal.com/

  Fake: paypa1.com

Usually replicating PayPal’s login page, the fake site can have URLs like “paypaysecurity.com” or “paypa1.com.” PayPal’s website, on the other hand, is “paypal.com.” The differences in URLs are an important indicator of a scam since phishing pages often employ substitutions or misspellings, like “o” being substituted with “0” or “l” being substituted with “1.” The illegal website could also not possess a valid SSL/TLS certificate when both the original and phishing websites have a padlock icon. Certificate details are disclosed when the padlock icon is clicked; a website can be fake if there are too few or inconsistent details.

_______________________________________________________________________________________________________________

Week 7 – Journal Entry

photo #2-  Meeting room 

– Many laptop settings open in a collaborative environment, ensuring risk, data exposures, potential distractions, and shoulder surfing risk. 

– Possible unencrypted communication or shared passwords in a public setting. 

Meme Idea:  ” When you bring cybersecurity awareness to a meeting, but Karen still uses password123′.”

photo #3- VPN on Laptop Screen

• Using a VPN does better secure online activities.
• Could be working remotely, raising concerns about endpoint security and Wi-Fi security.

Meme Idea: ” That feeling when you finally turn on your VPN before connecting to Starbucks Wi-Fi.”

photo #10- Engineer in Server Room 

• The glow of the screen suggests either she is highly focused or she is in a stress-controlled environment
• Working directly with critical infrastructure means security protocols must be strictly followed.     

Meme Idea: ”  Me: I’m just here to troubleshoot. Also me: I accidentally lock myself out of the system.”

___________________________________________________________________________________________________________

Week 8 – Journal Entry

Following Keren Elazari’s deconstruction of hacking scenes in films, I’m amazed at how Hollywood distorts our view of cybersecurity. Hollywood turns agonizing coding into milliseconds of melodramatic keyboard clicking, with spiffy 3D interfaces instead of boring command-line interfaces. While a couple of films like “The Matrix” are deserving of credit for realism (9.5/10!), others make dangerous illusions about the speed and capabilities of hacking. The media has conditioned us to be concerned with sophisticated attacks and not low-key ones, such as password reuse. As Keren’s t-shirt reminds us, “Hackers don’t break in. We log in.” Actual cybersecurity is not a matter of superpower but of patience and taking advantage of human vulnerability—less Hollywood, maybe, but the reality that keeps us secure.

________________________________________________________________________________________________________________

Week 9 – Journal Entry

How did you score? 

– My score was zero

What do you think about the items in the scale? 

-Like addictive behavior assessment, the scale appears to gauge the problem of social media use. Complete Coverage covers the many dimensions of social media overuse, including social consequences (Conflict, Problems) and emotional dependence (Escape, Withdrawal).

Why do you think that different patterns are found across the world?

Social, economic, and technological conditions determine the use of social media and awareness of cybersecurity in various parts of the world. Some societies encourage open sharing, while some value privacy. While developing countries lack infrastructure and sensibility, developed countries have superior cybersecurity infrastructure. Education has an important part to play as increased digital literacy makes cyberattacks less likely to occur. Laws differ; stringent regulations like the EU’s GDPR are more protective. Social networks differ by location, affecting security threats. Areas of cybercrime trends are influenced by threat actors, and psychological motivations influence online activity. All these determinants dictate how people and businesses react to cybersecurity threats.

________________________________________________________________________________________________________________

Week 10 – Journal Entry

L. Col. David M. Beskow and Dr. Kathleen M. Carley’s social cybersecurity article provides a well-informed analysis of new threats in cybersecurity, particularly those that threaten the nation’s social stability. Cyber media like social media and online forums are employed by enemies to spread disinformation, manipulate the population’s emotions, and be a menace to democratic processes, according to the authors. Social cybersecurity is focused on keeping information intact and in harmony with the people, compared to conventional cybersecurity, which has a greater emphasis on system and network security.
The most urgent demand for diverse techniques to address these threats lies among the article’s most important conclusions. The comprehension of how misinformation spreads and influences behavior requires the convergence of sociology, psychology, and cybersecurity to be comprehended. The authors also highlight how artificial intelligence can create and reduce these problems. To design methodologies that enhance digital literacy, detect disinformation, and promote fact-based discussions, governments, military forces, and technology giants must collaborate. This article is pertinent to the present events in the world, where social media deception has been the biggest driver of social and political unrest. It lends significance to the fact that cybersecurity in the contemporary world entails protecting truth and trust in online communications and data protection. Overall, the authors make a compelling case for the recognition of social cybersecurity as an integral component of national security policies.

________________________________________________________________________________________________________________

Week 11 – Journal Entry

After consideration of the YouTube video of careers in cybersecurity analysis, some social themes come to the forefront. Networking and involvement in one’s community are promoted as being important aspects of career advancement, though the presenter finds it difficult to achieve. Geographic mobility and matters of lifestyle are concerns in various cities with disparate cultural environments (from the fast-paced culture of New York City to more laid-back environments such as Atlanta). The discussion of shifting workforce trends, especially how the lack of competition in cybersecurity presents a flawless bargaining table for improved pay and improved conditions of work, is brought to the forefront. Work-life balance choices are also brought up, referencing the breakdown of a high-paying graveyard shift job offer due to interests. There is a suggestion of new career paths, going against the conventional education expectations by having work experience and certifications replace bachelor’s degrees. Finally, community work as a way of career building is promoted with the potential for offering technical expertise to churches or not-for-profit organizations as a means of obtaining experience.

________________________________________________________________________________________________________________

Week 12 – Journal Entry

Analysis of Sample Data Breach Notification Through Economic and Psychological Theories

The sample data breach notice is in line with several economic and psychological principles. Economically, information asymmetry can be viewed as the firm possessing superior information regarding security weaknesses compared to the customers’ knowledge at the time of buying decision-making. The company hiring a “platform provider” using transaction cost economics is one example of how companies balance the benefits of concentration against coordination costs—with a lack of adequate security management. The theory of risk perception is psychologically revealed in the temporal (delayed) and frame (being “unaware of any actual misuse”) use by the notification to attempt to control customer impression. The letter applies the theory of repair of trust to attempt to fix the broken relationship by highlighting response behaviors and providing concrete steps for customers to shield themselves.

________________________________________________________________________________________________________________

Week 13 – Journal Entry

After reviewing this journal article about bug bounty economics, I’ll summarize my reaction with a focus on the literature review and findings discussion.

The authors’ synthesis of Hacker One’s bug bounty platform effectively crosses several disciplines. Their literature review integrates supply and demand economics theories with software engineering principles. By integrating knowledge from security experts like Alex Stamos and Mårten Mickos, they construct a robust theoretical model for understanding this cybersecurity job economy. For businesses thinking of setting up bug bounty programs, the study is enlightening. Perhaps the most significant revelation is that price insensitivity among hackers (0.1–0.2) translates to non-monetary factors encouraging participation. This implies that small firms with less money can get involved in bug bounties. Further democratizing access to security resources, the study also reveals that reported vulnerabilities received are not affected significantly by company size or brand worth. There were distinct contrasts between the financial and retail sectors, recipients of fewer reports. This likely stems from criminals being able to take advantage of vulnerabilities in those sectors more so. Program age also came into play; there were fewer older program reports. 

https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true

________________________________________________________________________________________________________________

Week 14 – Journal Entry

Five Most Serious Online Legal Violations
In the context of illegal online activities, the main serious misdemeanors include the use of unofficial streaming websites and torrenting services, which directly harm the satisfaction of official websites and weaken intellectual property rights. Identity theft is another severe discourtesy since it can destroy a victim’s financial and emotional life while perhaps facilitating another crime. Cyberbullying and trolls are worthy of attention because they can jeopardize the psychological lives of vulnerable individuals, sometimes with tragic consequences, including self-harm. Finally, sharing unique knowledge of different individuals without permission (such as dealing with otherwise confidential photographs) constitutes a serious breach of privacy, which may lead to stalking, harassment, or even worse. The preceding five undertakings warrant particular concern; therefore, they either directly harm a person (emotionally, financially, otherwise through seclusion offences), or they sabotage the financial foundation facilitating the establishment of inspired industries, with a result that extends beyond the virtual kingdom of sources of income and personal security.

https://clario.co/blog/illegal-things-you-do-online

________________________________________________________________________________________________________________

Week 15 – Journal Entry

The video offers a compelling view of the career of a digital forensics expert. What strikes me most about the speaker’s career path is how haphazard it was—he started as an accountant who “tinkered with computers” before walking into a chance in digital forensics that redirected his career. His career progression is a classic example of how technology careers evolve in a non-linear fashion instead of in a straight line. Without formal digital forensics training (grudgingly admitting there weren’t specialized courses “back in my day”), his accounting background was well-suited to useful analytical skills that easily translated to digital investigation work. The social science connection is deep-seated—digital forensics is not purely technical work but entails knowing human patterns of behavior, organizational dynamics, and social context. In his case study of his corporate torrent site, the investigation revealed organizational culture problems in the IT department. This illustrates how digital forensics tends to bring out social phenomena (group behavior, power relationships, organizational norms) in addition to technical evidence. What I value in his account is how he discovered his “niche” through nurturing inquisitiveness instead of adopting a predetermined vocational path. It reminds me that interdisciplinary educational trajectories can help construct innovative professional stances that accommodate technology with awareness of human action.

________________________________________________________________________________________________________________