Prompt: First, Introduce yourself to your classmates 

Include your major, your class standing (freshman, sophomore…), anything else that you would want us to know

Have you taken an online class before?  

• Have you had an internship?  If so, where?
• Do you have an ePortfolio created?
  • If so, what format do you use – WordPress or WIX
• If you are a senior, when do anticipate to graduate?
• For all, what are your goals after graduation, if known? 

Hello Everyone, 

My name is James Keith and I’m a senior majoring in cybersecurity. I expect to graduate in December, 2025 and currently reside in Central North Carolina. I enjoy traveling, especially flying, in addition to dabbling in different investment opportunities with my free time. 

I’ve taken online courses since my first semester in community college, so I am very familiar with the format. Since I live in North Carolina, I’m actually taking courses from Old Dominion through the ODU Global program, so I will be taking courses online for the remainder of my senior year. 

As of now, I haven’t had the opportunity to participate in an internship program. Still, I’m currently applying to opportunities in the Summer and will hopefully participate in one before graduating. 

Initially, I’ve resisted creating an e-portfolio as my previous courses didn’t require one. However, I have since created one through WordPress and I’m currently in the process of updating it with projects from my past courses. 

After I graduate, I’m unsure what type of cybersecurity position I will pursue. I personally would like to pursue some type of consulting role that would allow me to travel and assist clients, but I’m also open to a more permanent position that focuses on recovery efforts or prevention tactics if the opportunity presents itself. 

Prompt: How does the principle of determinism relate to computer hacking?

Determinism is a scientific principle that states that every behavior, action, or consequence is a result of a preceding event. With computer hacking, determinism can be seen in both the individual who hacked the system and the computer system itself. By analyzing different computer hacks that have happened in the past, a pattern typically emerges that leads to the exploit or the decision to hack a network or system. 

When looking at systems, hackers look for commonalities in how they operate or are designed. Once similarities are discovered, the individual can manipulate or test the system to see if they can find an exploit that can give them root access to the network. Such examples of testing the system include using brute-force attacks against the authentication system, if present, or a buffer overflow attack that can overwhelm the system, allowing arbitrary code to be inserted. 

From a human’s perspective, human errors and poor oversight can lead to computer hacking. Whether clicking on a suspicious link appears to do nothing when, in reality, a virus has been covertly placed on the system or poorly written code is overlooked through quality control checks and used in a program, hackers can use these past events to gain unauthorized access to the system. Moreover, a disgruntled former employee whose access hasn’t been revoked is another example of human-based events that lead to hacks. 

Regardless of the scenarios mentioned above, past events led to successful computer hacks, thus proving the determinism theory correct. Even though free will determines the situation’s outcome, the fact that vulnerabilities exist and are exploited is cause for concern, regardless of the result. 

Prompt: Security breaches are common in organizations, and many of these breaches are caused by human errors. What are some ways to reduce human errors and improve security?

Reducing human errors to prevent security breaches is challenging but attainable with the proper training and security precautions. One of the best ways to reduce human error-related breaches is to provide frequent test cases to employees at random. For example, an IT worker specializing in cybersecurity can send emails with suspicious links that, when clicked, collect information about the device user so that the cyber team can identify specific employees who need additional training. Those who don’t open the email but report it will have passed the test scenario and require no further training. While this method can be seen as unfair, it’s best to test employees when they least expect it, as it simulates real-world scenarios and identifies those who need more training. 

Another example is to have employees complete bi-annual security training by cybersecurity professionals. Most employees are unaware of the level of sophistication cybercriminals are capable of in hiding malicious content in emails, files, or links. Therefore, the company should keep all employees updated on the latest cyber threats and how to identify these malicious content. Additionally, sending out newsletters weekly with the latest security updates can keep employees informed about the latest threats. 

While these examples are great ways to reduce human errors, the organization should have multiple levels of security on all its systems and devices to minimize malicious content getting to the employee. Firewalls, content filtering, and device restrictions on company networks are just a few tools organizations can use to reduce threats to their employees. Even though some malicious content will make it through these protective barriers, well-trained employees should be able to identify and report any probable threats to the cyber team for further investigation. 

Prompt: Post a comment in the discussion board answering the question: ‘Apply the phrase victim precipitation to cyber victimization.‘

Victim precipitation is the effort to identify how a victim’s behavior contributed to their victimization. Essentially, one should identify the causes of victimization and see if improvements can be made to make them safer. 

When answering the prompt above, it’s essential to understand how the victim contributed to their victimization. Did the victim engage in cyberbullying, provoke hackers (intentionally or unintentionally), or participate in illegal activities that hurt another individual who wanted retribution? Was the precipitation passive, such as using weak passwords, clicking on malicious links, or sharing excessive amounts of personal data online? These questions need to be answered truthfully to understand why the victim was victimized in such a way that caused them harm. 

Cyber victimization is deeply troubling, primarily when the offender has accessed personal information. Leaking sensitive videos, images, banking details, and other personal data can devastate an individual’s public image and reputation. They could lose their jobs, spouses, and families if compromising information is released, prompting the victim to contemplate the unthinkable. Furthermore, with the rise of A.I. platforms and digital technology, deepfake videos and images can create the illusion that an act occurred when it did not.

Even though answering the questions above can help explain victim precipitation, the attacker is solely to blame. They are the ones who took it upon themselves to destroy another individual’s livelihood for a payday or personal satisfaction. While the chances of being caught and prosecuted depend on the sophistication used to hide their true identity and digital tracks, the victim is left to pick up the pieces of a now-broken reality. 

Prompt: Identify which theories you think best explain cybercrime and discuss what you like about that theory. 

In my opinion, cognitive theories, such as the neutralization theory, best explain cybercrime. The neutralization theory suggests that individuals who commit crimes know right from wrong but rationalize their behavior before committing it. Examples include the following:

• Criminals believe that nobody will be hurt by their actions. 
• The victim of the attack deserved to be targeted. 
• The criminal isn’t responsible for how they behaved. 
• The crimes committed will build their reputation within a group, elevating them above others. 
• Law enforcement or intelligence agencies commit actions that aren’t entirely legal without repercussions, so criminals should be able to do the same. 

Criminals use these rationalizations to support their actions. While other theories have valid points, such as the psychodynamic theory, which holds that early life experiences influence behavior as individuals age, cognitive theories like the neutralization theory are the main factors criminals acknowledge after committing cybercrimes. Further, all individuals, regardless of their past, have hesitancy instincts that kick in when we consider embarking on acts that we know aren’t legal or right. People have the right to make their own decisions, and because of this, we must deal with the consequences should these actions result in legal prosecution. Ultimately, a culmination of psychological problems and theories can be a factor as to why cybercriminals commit crimes. It is my belief, however, that every individual is free to make their own decisions, so I think cognitive theories, such as the neutralization theory, best explain cybercrime. 

Prompt: Using the following link, watch the video about the “human firewall”:

https://www.youtube.com/watch?v=BpdcVfq2dB8

Pay attention to what the biggest risk of cyber threats are. 

After watching the video, post an entry in the discussion board describing what you think about the “human firewall.” 

In my opinion, the “human firewall” is the safeguards that individuals put around their personal information. Whether it be their SSN, bank/debit/credit account numbers, account passwords, or other personal information shared on social media platforms, the individual controls what information is kept to themselves and what is shared with others. Essentially, they are taking the place of an actual network firewall that determines what information is kept in and what’s let out. As shown in the TedX video referenced, the free coffee and pastry scheme, in exchange for following the shop on Facebook, allowed experts to dig up extensive personal information from their profile and a web search. While it is scary to witness how much personal information can be found in just a few minutes with basic information, people can control how much of their personal information is available online. 

While finding personally identifiable information online is easy, removing it isn’t easy. Deleting information off the web is challenging due to the complexities that make it up. From the personal side, paying for a data protection plan like Aura is helpful as it monitors websites for your information and automatically requests your data to be deleted if it’s discovered. Though these services can’t delete data from every website, they can help reduce the amount of personal data available. From a business angle, frequent training by organizations is helpful as it allows cyber professionals to share how threats, such as phishing or whaling, target employees and what steps they can take to identify and report such threats. Further, simulated test cases can help determine which employees need additional assistance based on how they handle the situation. 

Overall, the “human firewall” is only as good as the individual who controls it. Identifying oneself as a cyber threat is challenging, as sharing personal details on social media is common. What’s even more difficult is to refrain from sharing such information on social media profiles or with others. Just like a digital firewall blocks and allows only permitted IP addresses and ports, a human firewall should restrict the amount of data being shared to only the essentials. By enforcing such restrictions, an individual can reduce the overall amount of PII accessible to cyber threats. 

Prompt: Using the following link, watch the video about a 12-year-old hacker:

https://www.youtube.com/watch?app=desktop&v=7TpsYofbAPA

Pay attention to how he has embedded himself into the cybersecurity culture.  Also, pay attention to how the ideas of knowledge, technology, and secrecy relate to his expertise. 

On the discussion board post an entry about how the video relates to something you read for this class – either from the readings or this module.

After watching the video of Reuben Paul’s life, I felt that his story and the video relate to the social system ideology discussed in module seven. The social system is described as various social institutions that exist through interactions between one another and the social system’s members. In the video, the reporter states that Reuben’s parents both come from the technology field, hence his keen interest in cybersecurity. Passing on one’s passion for a particular topic, especially as a parent, is very encouraging when those you’ve passed knowledge and understanding to use it to further the cause. In Reuben’s case, he has a passion for cybersecurity and shares it through presentations at conferences and shows worldwide. While very few studies have been completed regarding the connection between cybersecurity and families, the video clearly shows that Reuben has a fond understanding of cybersecurity principles that many in his age range would struggle to understand. While the social system ideology doesn’t explicitly highlight what I’ve just described, I believe Reuben and his connection to technology can be traced back to his parent’s careers in technology. The social system principle is very broad in scope, meaning that the video’s content could very well be considered a part of the social system. I believe it relates to the social system and Reuben’s passion when discussing cybersecurity topics. 

Prompt: Identify two research questions that researchers might address related to the social aspects of cybersecurity. 

One research question that a researcher might ask is how social engineering tactics, like phishing, exploit social behaviors to compromise cybersecurity. Social engineering is a highly effective method used to breach cybersecurity, particularly policies that an organization has established. Whether it be using a phishing or baiting attack to leverage principles such as trust, fear, or curiosity to trick individuals into clicking or willingly inputting sensitive information, threat actors utilize human factors and emotions to manipulate individuals. While primarily based on psychological factors, researchers can use this data to help train and educate individuals on how to recognize such tactics and avoid engaging in them. 

Another question researchers could ask is how the structure of online social networks influences the spread of cybersecurity threats. The continued influence of social media on the general population’s perception of various hot-button issues is a subject that isn’t well understood. While some research has been conducted, the mechanisms by which cybersecurity threats spread on these platforms remain largely unknown. An example of this is how malicious links can be shared within a viral campaign to exploit vulnerabilities on the user’s devices. Though the influence of these campaigns depends on how viral the topic becomes, researchers could investigate the supplemental factors behind such attacks. 

Prompt: What does economics have to do with cybersecurity?

Economics and cybersecurity are closely interconnected as economic factors can both influence and be impacted by cybersecurity incidents. Economics focuses on the allocation of resources, and cybersecurity represents a critical aspect of resource allocation in today’s rapidly growing digital age, affecting individuals, businesses, and governments alike. Through incentives, stability, and growth, cybersecurity and economics are deeply intertwined. 

One way economics interacts with cybersecurity is through incentivizing cybersecurity behavior. From a business perspective, maintaining the security of their supply chain is of the highest priority. The World Economic Forum’s Global Cybersecurity Outlook 2025 highlights this, noting that 54% of large organizations identify supply chain vulnerabilities as their primary cybersecurity challenge. Since ensuring the continuity of the supply chain is of utmost importance, businesses are incentivized to invest in cybersecurity tools to maintain the continuous flow of materials. These preemptive measures enable the company to continue operations and sustain profitability in the event it is subjected to a cyberattack. 

Another way economics impacts cybersecurity is the growth of the digital era. As specific sectors transition from physical systems to digital infrastructure to reduce costs and increase efficiency, trust in the security of these systems becomes essential for commerce, innovation, and productivity. The World Bank’s Cybersecurity Economics for Emerging Markets report suggests that reducing the number of cyber incidents could boost GDP and outperform the economic gains of AI implementation. It also highlights that cybersecurity isn’t just a cost but an investment that will create a more resilient economy. This analysis underscores the importance of cybersecurity as a crucial factor in promoting economic resilience. 

Overall, economics and cybersecurity have a significant influence on one another through various means. Whether it is through providing continuity in the event of a cyberattack or promoting the next generation of financial growth, cybersecurity is crucial in protecting the overall economic outlook of individuals, businesses, and governments alike. By protecting the supply chain and securing digitizing economies, it’s clear that economic principles are driven and shaped by the current landscape of cybersecurity. 

References:

World Economic Forum: Global Cybersecurity Outlook 2025

World Bank Group: Cybersecurity Economics for Emerging Markets

Prompt: Why do you think individuals don’t report cybercrime victimization? Describe your views.

I think most cybercrime victims don’t report it as they are either unaware they were victims, are afraid of their cyberstalker, or believe law enforcement won’t conduct a thorough investigation.

According to a study conducted by Erica Fissel (2023), “the most commonly endorsed reason among the sample of cyberstalking victims was that they did not know that their experiences were criminal” (p. 7). With the rise of cyberbullying, many individuals have become immune to negative comments or posts on social media platforms. While most comments are just inappropriate for the topic, some take it to the nth degree with threats and violence. It’s these comments that are classified as cybercrime. However, many social media platforms or law enforcement agencies aren’t adequately trained on how to handle these types of events. Social media platforms rely on AI-based software to remove vulgar comments, but they often fail to do so due to the high volume of posts submitted daily. Furthermore, law enforcement is frequently inadequately equipped to track stalkers online due to privacy-based laws and the numerous layers of protection stalkers employ, such as fake accounts, VPNs, and firewalls. 

Fissel (2023) further notes that “while only endorsed by a small number of cyberstalking victims, it is important to note that nearly 11% did not report their experiences to law enforcement because they were afraid of their cyberstalker” (p. 8). Many victims don’t report their experiences as they are scared of their stalker. Though they might not even physically know this individual, the individual might threaten to release images, videos, audio, or other potentially sensitive information if the victim approaches the authorities, in addition to violence. While the threats may be empty, most victims will be unwilling to take the risk. 

Finally, victims may not report cybercrime because they believe that law enforcement is ill-equipped to handle such cases. According to Fahmida Rashid (2020), victims may “have the perception that there is no value to reporting the attack because law enforcement entities won’t have the resources to investigate.” This presents a two-headed issue because many of the victims are misguided by this mindset, meaning that law enforcement doesn’t see it as a big issue. Therefore, law enforcement won’t request additional resources to investigate these events, as the statistics don’t support spending more funds on the necessary cyber tools. 

Overall, cybercrime victimization isn’t reported as often as it should be by individuals due to misconceptions, fear, and not believing it is criminal. Unfortunately, these statistics won’t improve unless law enforcement and social media organizations implement a way to inform the public of what acts are considered cybercrime. Once the public understands what constitutes a cybercrime, reporting numbers are likely to increase as victims seek justice and support. 

References:

 Fissel, E. R. (2023). Is It a Crime? Cyberstalking Victims’ Reasons for Not Reporting to Law Enforcement. Social Sciences, 12(12), 7-8. https://doi.org/10.3390/socsci12120659

Rashid, F. Y. (2020, October 8). Cybercrime Victims Are Not Calling The Police. Decipher. Retrieved April 7, 2025, from https://duo.com/decipher/cybercrime-victims-are-not-calling-the-police