Journal Entry 1
After reviewing the NICE Framework, I have concluded that I would enjoying focusing on the “Protect and Defense” aspect of the Framework simply because being able to maintain the integrity of a companies’ network and data is something that aligns with my goals as far as professions go. This area of work is responsible for protecting against, identifying, and analyzing risks to systems such as computers or servers or networks. The idea of being the line of defense against cyber threats is especially appealing to me. It’s about constantly assessing and responding to potential risks before they cause harm. Protecting sensitive information like intellectual property, customer data, or financial records, makes working in this field highly motivating. The idea that a single vulnerability can cause an entire organization to have to shut down and close its operations, brings a sense of responsibility and purpose, knowing that what I do has a direct impact on the company’s stability and success.
Journal Entry 2
Social science helps in cybersecurity by focusing on how people behave and
make decisions. Hackers often trick people into giving away personal
information through social engineering, like phishing, so knowing how people
think helps stop these attacks. It also helps us understand how people view
risks, which can improve security training and policies. Building a strong
security culture in workplaces makes sure everyone follows the rules.
Understanding trust and privacy is important too, as it helps design systems
that prevent mistakes and keep data safe. In short, social science helps us
protect against cyber threats by focusing on human factors.
Journal Entry 3
Researchers can the information from the site “PrivacyRights.org” to look for
certain patterns in the data breaches provided by the website. By studying
what happens and how it happens in each case, they will be able to find
some common reasons as to why these breaches occurred, examples of such
reason would be, weak security or human error such as someone falling for a
phishing scam. This can help the researchers understand how attackers were
able to gain access into these systems and identify the mistakes made and
sort of come up with a future to stop more data breaches from happening in
the same way. They can also study how the breaches change over time,
which would also help create better defenses to stop future breaches.
Journal Entry 4
Maslow’s Hierarchy of Needs consists of five levels, each of which can be related to
personal experiences with technology:
1. Physiological Needs: Technology meets basic needs like food and shelter
through apps for grocery delivery or housing platforms. For example, I use apps
like Grubhub to order food from the Webb center and apple maps to find things I
need.
2. Safety Needs: Digital tools provide security through services like antivirus
software or two-factor authentication like Duo mobile, which I use to protect
almost all my data and schoolwork.
3. Love and Belongingness: social media, messaging apps, and online
communities help fulfill social connections. My use of platforms like Discord lets
me interact with friends and find people that share the same interest with me.
4. Esteem Needs: Achievements in games, gaining followers on twitch, or
professional recognition through platforms like LinkedIn boost self-esteem.
Completing goals in games like Trove and Osu! has given me a sense of
accomplishment.
5. Self-Actualization: Technology enables personal growth through access to
knowledge and creativity tools. For instance, I use coding platforms like Vscode
and creative apps such as Unity or PowerPoint to work on projects like game
development and cybercrime presentations.
Each level highlights how technology supports my fundamental and higher-level needs.
Journal Entry 5
Ranking the motives behind cybercrimes from most to least logical:
1. For money: Financial gain is the most practical motive, as hackers can directly
benefit from stolen funds, like in the HP report on cybercriminal spending.
2. Revenge: People driven by personal grudges, as seen in the revenge porn
article, have strong emotions fueling their actions, making this a powerful motive.
3. Multiple reasons: The Infosecurity article shows hackers often have complex
motivations, combining money, recognition, or revenge, which makes sense as
they have several driving factors.
4. Political: Hackers with political motives, like in the Economic Times article, want
to push an agenda or make a statement, which is a strong but more specific
reason.
5. Recognition: Some hackers, as in the DDoS attack article, seek fame within
their community, but this motive is less tangible and less universal than revenge
or money.
6. Entertainment: The LinkedIn scraping case shows that some people hack for
fun, but this is harder to relate to since it doesn’t offer much real benefit.
7. Boredom: As seen in the HeraldLive article on cyberbullying, hacking out of
boredom feels the least justifiable, as it lacks any real purpose or gain.
Each ranking reflects how logical and understandable the motive is, with money being
the most practical and boredom the least.
Journal Entry 6
Fake websites often try to copy or mimic real ones but lack authenticity markers.
For example, fake URLs usually contain small changes such as “g00gle.com”
instead of “google.com” using odd characters or tiny misspellings that make them
seem legit. Fake websites also tend to feature huge offers or urgent alerts, that
try to make the users give away personal information in one way or another.
Another sign of a fake website is the lack of verified contact information. A real
site would normally include real email addresses, legitimate customer service
numbers, and social media links. For example, comparing real sites like
“paypal.com”, “apple.com”, and “amazon.com” with fake variations like “pay-
pal.com”, “apple-support.net”, or “amaz0n-help.com” shows us that real sites use
secure HTTPs protocols, professional layouts, and verified credentials, which fake
sites often lack.
Journal Entry 7
Image 1:
This meme addresses the issue of phishing and how curiosity or overconfidence can
lead to security breaches. Many cyberattacks exploit human psychology, such as a
desire for free things, by tricking users into clicking malicious links to steal their personal
information.
Image 2:
This meme hints at the reality that in collaborative work environments, employees can
sometimes unintentionally share sensitive information due to relaxed security protocols,
such as leaving documents open or sharing credentials using insecure methods.
Image 3:
This shows the constant threat posed by mobile malware and how many people don’t
realize that the apps they download could be malicious. It also hints at notification
fatigue, where users might ignore important security alerts due to the overwhelming
number of notifications they receive.
Journal Entry 8
Movies and TV shows often dramatize hacking, making it seem like it happens in an
instant and filling the scenes with flashy visuals. Hackers are usually depicted as
geniuses who can break into any system within a matter of seconds, often by simply
typing a bunch of random keys on a keyboard. This is very different from the reality of
cybersecurity, where hacking involves a lot of time, patience, and complex strategies to
be able to crack into some systems. It creates false expectations about the ease of
hacking, which can lead to people misunderstanding real world security threats and
challenges. The media’s focus on making it cool, shifts attention from important topics
like ethical hacking and privacy concerns, giving a warped perspective to many people,
on the cyber industry.
Journal Entry 9
After watching the video, I was pretty surprised by how easily people can overshare on
social media, just like “Dave.” After scoring a three on the Social Media Disorder scale I
started thinking about my own habits and how much time I truly spend online. The
scale’s items really show how attached we, as people of the modern age, can get to
social media. I see this when I find myself constantly checking my phone. I think
different patterns across the world happen because of culture and technology. In some
places, people rely on social media to stay connected. In other areas, people might
focus more on face-to-face connections and avoid sharing personal info online.
Journal Entry 10
After reading the article It really showed all of the different sides of cybersecurity. It’s not
just about protecting networks and keeping out hackers social cybersecurity is all about
dealing with misinformation and fake news that can mess with how people think and
even impact national security. The article talks about how these “social cyber attacks”
can use things like social media to shift public opinion, which can be pretty dangerous
when it’s on a bigger scale. What stood out to me is how this takes cybersecurity
beyond the technical aspect. It’s not just about trying to stop hacking attacks. It’s also
about understanding people and stopping the spread of lies online. You’ve got to know
some psychology and understand how people trust info to really defend against these
attacks.
Journal Entry 11
The presentation on cybersecurity analysts covers a lot of social stuff like teamwork,
trust, and communication. Analysts really have to connect with people across different
departments, making sure everyone knows the importance of security policies. They
also use these connections to teach teams about possible threats and to get feedback
on anything suspicious. It’s not just a 9 to 5 either analysts sometimes have to jump in
after hours or during emergencies, building that trust within the organization. In short,
the role combines tech skills with understanding people, aiming to keep everyone safe
by working together and keeping communication open.
Journal Entry 12
So, let’s dig into how some of these theories tie into the breach notification. Starting with
rational choice theory it’s kind of like how the company and the customers are making
moves to protect themselves. The company puts out advice so people can keep an eye
on their accounts. And then, there’s Keynesian economic theory, which is all about
stepping in and taking action. The company doesn’t just sit there they bring in
cybersecurity pros and law enforcement, which is super Keynesian in managing a crisis.
For the social science theories I think, risk society theory fits because cyber threats are
just part of life now. This notification is the company’s way of dealing with that reality.
Then, we have trust theory, which is all about how the company’s trying to regain
customer confidence by being upfront. They’re saying, “Hey, we’ve got you,” and
offering real solutions to build that trust back up.
Journal Entry 13
The journal study looks at how bug bounty programs work and whether they help
companies improve security. It shows and mentions that these programs are cheap and
can still be useful, even if companies don’t pay the researchers a lot, because the
researchers care about more than just money. The study also finds that a company’s
size or brand doesn’t really change how many bugs are reported. However, companies
in industries like finance, retail, and healthcare get fewer reports, though it’s not a huge
difference. Finally, older programs tend to get fewer reports, but if companies add more
code to these old program, it might add to the amount of bugs found within the program.
Journal Entry 14
Some of the most serious online violations Slynchuk talks about include using unofficial
streaming sites and torrenting. These might seem harmless, but they actually break
copyright laws and could get you into a lot of trouble, like being sued. Sharing
someone’s private information, like their address or photos, is also a big deal because it
could lead to problems like stalking or even identity theft. Cyberbullying and trolling are
really harmful too since they can hurt people emotionally and even lead to criminal
charges. Finally, searching illegal terms online can get you flagged by authorities, which
is definitely not worth the risk.
Journal Entry 15
Digital forensics investigator Davin Teo gave a TEDx talk explaining his work and how he got
into the field. He starts by saying forensics isn’t like the TV shows, it’s not fast or easy.
Digital forensics involves collecting, analyzing, and preserving electronic data for court
cases. It’s about finding and securing information, like deleted files, and maintaining its
integrity. Davin didn’t plan to work in digital forensics. He started as an accountant but got
into IT and eventually joined a forensic team at a big accounting firm. He was drawn to the
mix of tech and investigation, and it became his career. Over the years, technology has
evolved, from floppy disks to terabyte hard drives, making his job faster but still detail
oriented. His story shows how skills from different areas, like accounting and IT, can come
together in unexpected ways, which connects to social sciences by blending human
behavior, technology, and law.