WEEK 1 – Journal Entry
TOPIC/QUESTION:
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas are most appealing to you and which are least appealing.
Workforce Framework for Cybersecurity (NICE Framework) | NICCS (cisa.gov)Links to an external site.
RESPONSE:
Personally, I feel like the investigation category is more appealing to me. Sticking to a procedure process rather than adapting to certain situations, unless needed of course, seems like something I can have a better grasp on. I see it as playing detective, collecting evidence and investigating aftermaths of stuff. I would also be interested in doing Protection and Defense, because putting up defensive procedures to protect something, like information, seems fun to me. Out of all the others, the one that least interests me is the Design and Development, mainly because developing a security procedure and establishing safety protocols seems kind of anti-climactic, although it still being important. Overall though, they all play their part, and if one of these areas were to fail, then the rest would crumble along with it.
WEEK 2 – Journal Entry
TOPIC/QUESTION:
How does the principle of empiricism enhance the effectiveness of cybersecurity practices? Reflect on how empirical data collection and analysis can help identify emerging threats, assess the effectiveness of current security measures, and guide the development of new strategies to protect information systems.
RESPONSE:
Well for starters, the meaning of empiricism is essentially that your experiences in life make up how you see the world, or that knowledge is based on any and all experiences you have in life. So with this, we can say that empiricism enhances cybersecurity by basing certain decisions on experience and reasoning, instead of jumping straight to conclusions without a basis. Using patterns from past malicious activities, systems and defense teams are able to counter or predict attacks much more accurately. It also helps with strengthening current defense systems in place to make sure they can still hold up with modern attacks, as well as forming strategies to protect information from the continuously changing cyber space.
WEEK 3 – Journal Entry
TOPIC/QUESTION:
Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches and forecast future data breach trends?
RESPONSE:
First, the researchers spot trends that can be observed over a period of time, so they can see if certain cybercrimes are on the rise or how long it takes businesses to let the authorities know that they have been hacked, and so on. The other example is what the most susceptible sectors are. They also look at the size of the leak, check if there are some states or times of the year where more incidents are reported, and verify if the new laws result in a decrease in breaches. After that, they utilize a range of forecasting instruments to estimate the occurrence of future risks. They find out what the vulnerable areas are and then advise governments as well as businesses on the measures that need to be undertaken in order to ensure the prevention and quick reaction to the breaches.
Week 4 – Journal Entry
Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
RESPONSE:
The use of Maslow’s hierarchy of needs can explain our interactions with technology in everyday situations. Health tracking applications could also fall under this aspect of technology that helps meet physiological needs. Personally, I invest into things like antivirus software and the use of two-factor authentication to protect my data, to have a stronger level of online security into my life. For me, I gain a sense of pride from sharing projects on LinkedIn or receiving overwhelmingly positive feedback on them. Lastly, it would relate to becoming self-actualized by using technology to learn and teach yourself through various means, like taking online courses, coding some projects, or even learning some new techniques for personal growth. At each stage, technology plays its role in helping me meet its demands and developments.
Week 5 – Journal Entry
Review the articles linked with each individual motive in slide/page #3. Rank the motives from 1 to 8 as the motives that you think make the most sense (being 1) to the least sense (being 8). Explain why you rank each motive the way you rank it.
RESPONSE:
1. Money – Money runs the world. It is the most common reason for crimes, like ransomware, and a lot of people aim to gain any sort of financial gain.
2. Politics – Attackers targeting governments and infrastructure to impact political outcomes is a big deal that can hinder the direction of countries.
3. Revenge – I think the pure feeling of rage and/or anger along with a desire for revenge can be very dangerous, due to the fact that attackers only want one certain outcome, and will not stop until they get it.
4. Curiosity – It is common in our day and age for attackers to just test out and see how far they can get with certain methods of attack.
5. Recognition – A lot of hackers make their attacks just to make a name for themselves. Whether looking for a job, or simply to just be a big hacker name within the space, it can range.
6. Entertainment – Although it is not as serious, attackers will simply put out attacks and see it as a game.
7. Boredom – Connects with number 6, basically trying to find something to do to entertain themselves.
8. Multiple Motives – It can be a blend of anything on the list. A mix of the lesser threats aren’t as scary, but a mix of the higher threats could be a super big deal.
Week 6 – Journal Entry
Watch this video:https://www.youtube.com/watch?v=ueWCTHV96eQ&t=2sLinks to an external site.
and pay attention to what the biggest risk of cyber threats are. After watching the video, post an entry describing what you think about the “human firewall”.
RESPONSE:
The context of the video is to imply that the biggest risk in the cybersecurity world are people itself, and not just the technology that these things run on. Hackers use many methods of social engineering in order to exploit and trick the people who have access to certain things. This is done by clicking links or feeding them false info. The human firewall is basically training people to be more cautious and follow procedures so they can avoid being a vulnerability, and instead have a positive impact on defending who they work for. I find this very important and should be applied to more companies ASAP. In fact, I see it being everywhere as a standard practice in the very near future.
Week 7 – Journal Entry
Review the following photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).
RESPONSE:
Week 8 – Journal Entry
Watch this video and pay attention to the way that movies distort hackers.Scientists Rate 65 Scenes from Movies and TV | How Real Is It? | Insider – YouTube Links to an external site.
- After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity
RESPONSE:
After watching “Scientists Rate 65 Scenes from Movies and TV | How Real Is It?”, I realized how much movies and television have shaped our misconceptions about hacking and cybersecurity. Hollywood often portrays hackers as mysterious geniuses who can breach systems in seconds by typing rapidly on glowing screens filled with 3D code. In reality, cybersecurity is far more methodical, as it involves research, patience, and understanding human behavior as much as technology. This distortion can cause the public to overlook real threats like phishing, social engineering, and weak passwords, which are far more common than cinematic cyberattacks. Media influences how we think about cybersecurity careers as well, making it seem glamorous or villainous instead of the detailed, collaborative, and ethical field it truly is. Overall, while movies make hacking exciting to watch, they often lead us on a path of misunderstanding what cybersecurity professionals actually do and how digital safety really works.
Week 9 – Journal Entry
Watch this Video:
Social media and cybersecurityLinks to an external site.
Complete the Social Media Disorder scale Download Social Media Disorder scale. or or please find the attachment here: Social Media Disorder Scale-1.pdfDownload Social Media Disorder Scale-1.pdf
How did you score?
What do you think about the items in the scale?
Why do you think that different patterns are found across the world?
RESPONSE:
I scored 5/9 on the Social Media Disorder Scale, but the items on the scale make sense, as I probably do have an addiction to social media. But I do think that the reason there are different patterns around the world are for several reasons. For example, some people use social media as a way to cope with traumas or to distract themselves from certain things. Other people may have simply just not been allowed to use social media, and therefore is accustomed to use it a lot less already. It varies from person to person depending on their personal experiences.
Week 10 – Journal Entry
Read this and write a journal entry summarizing your response to the article on social cybersecurity
https://www.sciencedirect.com/science/article/pii/S2451958825000831Links to an external site.
RESPONSE:
The article shown talks about online threats target both people AND societies, and not just computer systems. The attackers use social networks, social engineering tactics, and the spread of misinformation. The direction cybersecurity is going into, with it now involving human factors now more than ever, was not something I expected to see 10 years ago. The authors highlight the need for interdisciplinary approaches combining technology, psychology, and social science to detect and prevent these attacks. This made me realize how easily online users can be influenced and how important digital awareness and critical thinking are in protecting ourselves and our communities.
Week 11 – Journal Entry
Watch this videoLinks to an external site.. As you watch the videohttps://www.youtube.com/watch?v=iYtmuHbhmS0Links to an external site.
, think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in the presentation.
RESPONSE:
The video that describes the role of the cybersecurity analyst outlines several key social themes pertaining to human behavior and interaction. A central theme is that of trust; a cybersecurity analyst has to protect not just information, but also the trust placed in technology and organizations. It becomes evident from the presentation that cybersecurity strongly relates to social responsibility because analysts have to predict how human behaviors-for instance, clicking on suspicious links or revealing too much about oneself online-can result in vulnerabilities. Other themes include communication and teamwork: analysts regularly work with others to respond to threats and educate users. Overall, the video made the point that cybersecurity is at least as much about people and behavior as it is about technology.
Week 12 – Journal Entry
Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdfLinks to an external site. sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different psychological social sciences theories relate to the letter.
RESPONSE:
The data breach letter from GlassWasherParts.com relates to economic and psychological theories. From an economic perspective, it reflects externalities because customers endured some harm from the company’s weak security and information asymmetry, as the company knew about the breach before customers and used the letter to restore the balance by disclosing details. It also illustrates the principal/agent problem since the company depended on a third-party provider that failed to protect data. Psychologically, it fits with Protection Motivation Theory by calling people to action through describing the threat and steps to take, and Social Exchange Theory, since the company’s transparency and reassurance aim to rebuild trust after violating customers’ confidence.
Week 13 – Journal Entry
A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=trueLinks to an external site. and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.
RESPONSE:
Bug bounty programs are one such cybersecurity policy that could be very cost-effective. The authors develop a literature review to show how these programs incorporate aspects of economic principles through the use of external ethical hackers to find the bugs, which otherwise would involve the high costs of large internal security teams. This paper reports results indicating that increasing the rewards for bounties has little consequence on the number of valid reports, supporting the feeling that many hackers are motivated by reputation or challenge rather than money. They also find that over time, programs become less effective as easier bugs are discovered early. In general, it means that even though bug bounty programs can reinforce security and provide economic efficiency, successful implementation requires great program design, scope, and ongoing management to prevent diminishing returns.