Journal Entry 1
The NICE Workforce Framework, a comprehensive resource, plays a crucial role
in cybersecurity. It assists employers in developing their cybersecurity workforce and,
more importantly, establishes a basic or standard lexicon that describes cybersecurity
work and workers, regardless of the sector they operate in for their respective fields.
This standardization is a key aspect of the framework’s relevance. The framework’s
components include the 7 Work Role Categories, 52 Work roles, 2,200+ TKS
statements, and its 11 Competency areas. Among the Work roles, the ones that
particularly stand out for me are Secure Project Management, Systems Security
Management, and Executive Cybersecurity Leadership.
Journal Entry 2
What are the principles of science, and how do they relate to cybersecurity? The
principles of cybersecurity are empiricism, determinism, parsimony, objectivity,
relativism, ethical neutrality, and skepticism. These principles are related to
cybersecurity for many reasons, such as being able to be applied to the study of
cybersecurity. Each principle has its own relationship with cybersecurity. For example,
relativism’s relationship to cybersecurity is to look from the system perspective to see
and note the changes in the system that could affect the system’s security, like if the
technological system led to any development in cyberspace that day and if it
compromises the system security.
Journal Entry 3
There are many ways to view publicly available information about data breaches. An
example is the site PrivacyRights.org, which allows you to see this information as well. This site
has articles about records and data being breached by malware attacks or people’s info being
faxed to the wrong place. With all that information, researchers can identify a trend from these
incidents to improve security measures to make sure the incidents don’t repeat. Researchers
can use this data to see the effectiveness of breach response strategies and regulatory actions
like preventing and mitigating damages to their systems. It can also help show them the impact
on individuals, companies, organizations, and society by recommending better data security
practices.
Journal Entry 4
Maslow’s Hierarchy of Needs outlines a hierarchy for all human needs. At the top are
self-fulfillment needs, followed by psychological and basic needs. These needs are Self-
actualization, Self-Esteem, belongingness and love, safety, and physiological. I
personally experience these needs in different ways. For example, I experienced Self-
actualization when I created things like video games, animations, and short films. I also
experienced esteem, love, and belonging through likes, views, subscribers, and being
able to stay connected on Instagram and YouTube. I experience safety through
antivirus software, Ring, and Two-factor authentication. I also experience psychological
needs through smart home devices like Alexa, Siri, and Google Home.
Journal Entry 5
My ranking of the seven from 1 through 7 is:
- Money: Fincial gain is a strong motivator for cybercrimes
- Recognition: Hackers often seek a type of fame or respect in their communities online
- Enterinmantent: Many attacks are just for there own amusement and selfish satifcation
- Hackers overlapping motives
- Political goals
- Boredom and just wanting to do something
- Revenge to get back at a company or someone
Journal Entry 6
Yes, I can spot three fake websites. There are numerous ways to spot a fake website. The first way is by fake online websites that have too-good-to-be-true deals that give off counterfeit promises. They run ads on social media pages to steal your payment information or to trick buyers into buying fraudulent products. The second way is through bogus flight booking websites that try to steal your personal information, such as your passport number or credit card information. The other reason could be to try and sell you fake tickets. The third way is through counterfeit package delivery websites. The phony delivery websites try to create fake websites that look like UPS, FedEx, USPS, and others so they can get your address, personal information, and credit card information. The spelling on the websites is usually off to trick you into thinking it’s the real deal. In conclusion, these are ways to spot them.
References
Toohil, R. (2025, January 15). How To Identify Fake Websites: 11 Warning Signs To Know | Aura. Www.aura.com. https://www.aura.com/learn/how-to-identify-fake-websites
Journal Entry 7
Meme 1
Meme2
Meme3
My memes relate to cybersecurity in many ways. These ways are through incident reporting, awareness for phishing, and Data privacy. The first meme which display an incident report being fixed because an issue was overlooked in a cybersecurity environment with IT professionals trying to fix it. It highlights the importance to have constant maintenance and vigilance to keep networks and systems working and secure. The second meme is of a female clicking on a suspicious link and not being worried. This highlights how easy someone can fall for a phishing attack and be underestimating to the risk of clicking on those unknown links. The third meme is of a female scrolling through Instagram while her data is being harvested. This shows how privacy concerns and how those social media sites or apps collect your data without you knowing. This is implying that there may be third party tracking and data sharing that happens without the user’s knowledge. It also reminds us to be aware of our digital footprints and to make sure as well as better our privacy and settings and cybersecurity knowledge.
Journal Entry 8
After watching the Insider video, I realized how overdramatic it is regarding accuracy. One example is from the movie Skyfall, where the person does bad OPSEC by opening it in the middle of the office instead of in a lab. It also shows unrealistic 3D animation for the file. Another example is from Oceans 8, where Nine Ball uses the internet to spear-phish. It takes a short time to access his webcam, which should take more time and input from the victim. Also, the physical box used to get passwords is unrealistic because it would have to get through 94×12 possibilities. In conclusion, a significant difference between Hollywood’s view and the real-world perspective on cybersecurity can be changed with education on cybersecurity.
Journal Entry 9
After completing the Social Media Disorder scale and viewing my result of 1-8. I see that I got normative social media usage. I think they are relatively easy questions that don’t require much thought or effort. The questions help capture the everyday behaviors of social media users, which leads to the desired result. It also makes you think about how it impacts your life, considering what you missed out on or problems stemming from it, given the amount of time you spend on it. I also believe there are numerous patterns of results from the survey/questionnaire because of cultural differences, economic factors, and varying age ranges.
Journal Entry 10
The article on social cybersecurity highlights the growing threats of information warfare and its implications for modern societies. This is demonstrated through the decentralization of information flow, the use of bots and other AI technologies, and the strategic implications for societal trust. The first example of decentralization of information flow is illustrated by the rise of social media and the decentralization of platforms, which has reduced the cost of entry for malicious users who spread misinformation without being in physical proximity or control. The second example highlights how the use of bots and AI can minimize human interaction, while the third example can erode trust in institutions.
Journal Entry 11
A cybersecurity analyst’s job relates to social behaviors in many ways, such as monitoring social networks for threats and analyzing behavioral patterns. Monitoring social networks involves identifying patterns of misinformation, disinformation, or malicious content on social media, as well as other forms of online content, because it sheds light on how individuals and groups interact on social media sites and platforms. This leads right into analyzing behavior. Identifying social behaviors and linking them to cyber threats helps discover considerable social manipulation efforts. It can also be used to track the spread of misinformation and fake narratives on social media and the internet.
Journal Entry 12
After reading the “Sample Data Breach Notification,” I noticed two different economic theories and two social science theories that can be related to this letter. The two economic theories I noticed were Opportunity cost and information asymmetry. For opportunity cost, I found that the company’s decision led to issues because they may not have invested in stronger cybersecurity, therefore causing things like damaging the company’s reputation and the customer’s trust. For information asymmetry, I noticed that customers didn’t know for months, and with this lack of knowledge, when customers found out, they lost trust in the company. For the social science theories, I found that through trust theory, the business tried to rebuild the lost trust, and through risk society theory, it shows that users or customers need to be involved with navigating through unseen risks.
Journal Entry 13
The bug bounty programs can invite numerous ethical hackers to find vulnerabilities for things like rewards. This occurs by building on the economic cost/benefit from the ideas, because it’s cheaper to pay hackers than suffer a breach of any types. These programs help companies find more vulnerabilities that’s faster than traditional security testing. Also, these programs help create/attract better hacker engagement in society and better security outcomes.
Journal Entry 14
After reading the article “11 Illegal Things You Unknowingly Do on the Internet,” I determined that there are five very serious internet violations: illegal streaming and torrenting, cyberbullying, sharing private information without consent, searching for illegal content, and recording VOIP calls without permission. Why is illegal streaming and torrenting a serious violation? It’s a serious violation because it violates copyright laws and makes creators lose income. It can also lead to numerous lawsuits and expose its users to malware. Cyberbullying is a serious violation because it can lead to criminal charges or a civil lawsuit if escalated to such a level. Sharing someone’s private information is violation because it can lead to harassment. Recording VoIP calls without permission can break wiretapping and privacy laws. It can be used to exploit or blackmail others. Lastly, searching for illegal content online can be a violation because it can lead to serious criminal offenses and trigger monitoring by authorities. That could then lead to an arrest or prosecution.
Journal Entry 15
The speaker Davin Teo talks about what Digital Forencisic is as well as its numerous names. He talks about how digital fingerprints are made. He highlights how they collect data and how they do covertly as well as overtly. He talks about how it takes a lot of time to solve this problem and that he spent 17 years in the field. He talks about how he was an accountant and how he took a chance doing a little IT. Then he got really interested where he fully went into the field fully. He talks about how social principles can help understand what occurred in digital investigation.