CYSE 201S

Cybersecurity and the Principles of Science

Cybersecurity relates to all principles of science, whether through social means, or technological means. Because cybersecurity is a blend of multiple sciences, these principles relate in varying ways.

Relativism states that all things are related. In cybersecurity, viewing our relationships to technology broadly helps us to identify how individual actions influence or are influenced by said technology. Changes to any single societal system can be seen as a broader change in the overall architecture of the societal systems.

Objectivity, or the act of viewing events without regard to one explanation or another, is required in cybersecurity as it is in any other discipline to further our knowledge of it. To advance knowledge in the field, studies must be conducted objectively to ensure unbiased results.

Parsimony is the belief that explanations should remain simple. This is not so easy when attempting to explain human behavior in cybersecurity, but it is much more reasonable when considering explanations for technology itself, as the number of potential variables is significantly smaller.

Empiricism is the act of only studying behavior which is discernable to the senses. In a cybersecurity context this means that we must base our cybersecurity knowledge on facts and data to come to conclusions, and not probabilities of future events or assumptions.

Ethical neutrality is the act of ensuring ethical standards are met when conducting research. Conducting certain research in cybersecurity, such as monitoring those using the internet without their consent, has moral and ethical implications that researchers should consider.

Determinism is the principle that behavior is caused by prior events. There are two main ways of considering determinism as it relates to cybersecurity: the nomothetic model and the idiographic model. The nomothetic model would identify relatively few causes of a scenario, such as the immediate opportunity of a threat actor in identifying and abusing a vulnerability in a system. On the other hand, the idiographic model would identify the causes leading up to said scenario such as what failures took place and when over time to result in the compromise.

Cybersecurity Through Pictures (And Video)

Below are 5 pictures that I believe not only illustrate my passion for Cybersecurity, but also the symbiotic relationship between society and technology as well as our need to protect it.

Obtained from https://online.stanford.edu/programs/advanced-cybersecurity-program

Obtained from https://healthitsecurity.com/features/top-mid-year-healthcare-cybersecurity-trends

Obtained from https://builtin.com/cybersecurity/public-cyber-security-companies

Obtained from https://www.securitymagazine.com/articles/99176-gaps-in-agency-cybersecurity-measures

Obtained from https://www.strausscenter.org/events/hacker-culture-around-the-world/

In addition to the above pictures, the below video perfectly illustrates the need for continuing advancements in Cybersecurity, and reveals it as a continuously evolving threat.

Benefits of Privacyrights.org to Researchers

There are numerous resources on privacyrights.org at researchers’ disposal to conduct studies on data breaches. The most useful of these resources are the various reports available on data breach notifications within the US. Each year this website collates data on data breaches within the US to gain a better idea of trends, trouble areas, and levels of transparency that each state requires. It then breaks this data down based on your choices, such as by state, category of breach, or organization type. This information can give researchers definitive historical data with which to conduct research.

This website also informs users of various data protection laws. This can be advantageous to researchers to give them a better idea of why and how organizations report breaches, and how the trends noted in the collated breach data contribute to and influence future legislation to help control data breaches.

Lastly, another useful resource is the section on future legislation advocacy. This can allow researchers to glean information on not only past events, but potential future events. They can then compare how proposed future legislation compares to past legislation.

NICE Workforce Framework Personal Analysis

In looking at the NICE Workforce Framework, two areas in particular pique my interest the most. Those areas are: Protect and Defend, and Securely Provision. In general, I am highly interested in the idea of working to defend individuals and our nation, so any operational area that contributes to that end is where my interest lies.

For Protect and Defend specifically, I have interest in both incident response and vulnerability assessment and management. The ability to both defend and respond to cybersecurity incidents is in my opinion the most critical component of cybersecurity, as it is impossible to prepare for all eventualities, and as a result there must always be procedures in place to mitigate and respond to cybersecurity events. It is equally important to review and prepare for as many known vulnerabilities as is financially reasonable. The aspect of juggling financial viability and security risk when defending against cyber-attacks is paramount for businesses and educational institutions alike. Protect and Defend and Securely Provision are two aspects of the NICE Workforce Framework that work incredibly closely.

In addition to identifying and mitigating threats, Securely Provisioning is the underlying architecture that makes this defense possible, from developing secure and defensive software to planning the requirements of systems from a Cybersecurity perspective. Learning how to better protect people from cyber-attacks is something that I am passionate about. Conversely, collecting and analyzing data is something that I am less enthusiastic about. I would generally prefer to have narrow lists of problems put in front of me to more easily identify solutions than to sift through data to prioritize and identify problem areas of focus. Although I do understand and appreciate the importance of doing this, I generally find more enjoyment in actively working to defend systems and people rather than through more passive means.

Maslow’s Hierarchy of Needs and Technology

There are five segments of Maslow’s hierarchy of needs, and each of them relates to my experiences with technology. Starting from the bottom of the hierarchy are the physiological needs such as food, water, warmth, and rest. Although these needs are generally physical in nature, current technological advancements allow for provision of some of these needs. For example, recently I found myself without anything to eat and I did not have any means of transportation to a restaurant or store nearby. Luckily, I was able to order food through DoorDash and have it delivered to my house, essentially with the touch of a button.

The second tier of the hierarchy is safety needs such as feeling secure and safe. At my house, I have multiple wireless security cameras that provide 24/7 surveillance and alerts directly to my phone, allowing me to receive notifications whether I am at home or away. I also have fire alarms that, when detecting smoke, send an alert to my phone and immediately contact my local emergency services. Without these security measures I would feel significantly less safe.

The third tier of the hierarchy is belongingness and love needs such as relationships with friends, family, and significant others. Currently, most of the people I consider my friends I have never actually met. The internet has allowed cross country communication with ease, by means of instant messaging, video calling, and file sharing. Additionally, I utilize these same technologies to keep in touch with family and share pictures, videos, and keep in touch.

The fourth tier of the hierarchy is esteem needs, such as prestige and feelings of accomplishment. Social media has allowed for the sharing of accomplishments, exposing them to more people than before their inception. No longer are certificates or diplomas merely listed in a resume or hung on a wall. These accomplishments and more can be displayed to thousands through websites such as Facebook, LinkedIn, or Instagram. On my personal LinkedIn and Facebook I have listed many of my accomplishments and feel satisfaction from compliments received by others through this medium.

The fifth and last tier of the hierarchy is self-actualization, or achieving one’s full potential, including creative activities. Although I do not believe I have yet reached this point in my own life, the presence of the internet has made this more achievable than it ever has before. Being able to connect with a near endless supply of information and people creates the potential to do nearly anything and everything I want. These opportunities will only increase as technology advances, and our access to information increases.

How to Spot Fake Websites

There are several ways to spot a fake website and differentiate it from a real website. One of the best and most reliable ways to identify a fake website is by looking at the URL. Many times, fake websites will have URLs that are one or two letters off the legitimate website’s URL. Often the fake URL will even have subdomains such as google.com.browse.com. Although the spelling of google is correct, the true domain you are accessing is browse.com, and not google.com.
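The two URL checks described above (a trusted name used only as a subdomain, and a domain one or two letters off), as an added Python example that is not part of the original page. The trusted-domain list and the short multi-label suffix table are constructed assumptions; a real check would use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Constructed allow-list of legitimate registrable domains (assumption).
TRUSTED = ("google.com", "paypal.com")

# Tiny stand-in for the Public Suffix List (assumption, not exhaustive).
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def hostname(url):
    """Return the lowercase host part of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def registrable_domain(url):
    """The domain that was actually registered: the rightmost labels of the host."""
    labels = hostname(url).split(".")
    if len(labels) < 2:
        return ".".join(labels)
    n = 3 if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, registrable domain, trusted domain it relates to or None)."""
    host = hostname(url)
    reg = registrable_domain(url)
    if reg in TRUSTED:
        return ("trusted", reg, reg)
    for t in TRUSTED:
        # Trusted name appears only as subdomain labels, e.g. google.com.browse.com
        if host.startswith(t + ".") or "." + t + "." in host:
            return ("subdomain-impersonation", reg, t)
    for t in TRUSTED:
        # Registered domain is one or two edits away from a trusted one
        if 0 < edit_distance(reg, t) <= 2:
            return ("lookalike", reg, t)
    return ("unknown", reg, None)


if __name__ == "__main__":
    # Constructed sample URLs.
    for u in ("https://google.com.browse.com/login", "https://mail.google.com/",
              "http://gooogle.com", "https://example.org"):
        print(u, "->", classify(u))
```
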

Another way to identify a fake website is through the web page itself, and more specifically the links on the website. Many times, the links on fake websites do not redirect you where you expect them to, or will direct you back to the legitimate site, noting that the URL changes along with it.

Additionally, the format of the webpage itself can be telling. On fake websites, many times the web page will be formatted incorrectly when viewed from a mobile device, or even on a computer. There may also be misspellings in the text on the website, or pictures may not fully load.

Lastly, one generally reliable way of checking a site’s legitimacy is through tools such as Google Safe Browsing. This tool lets you know whether a website you enter is listed as unsafe because it matches certain criteria in their system.

Human Systems Integration in Cybersecurity

The Media and Cybersecurity

As the media does with most things, they typically only show what they want you to see. When it comes to cybersecurity, fear and generalization seem to be the narrative of choice for news outlets. In all reality, the actual impact of cybersecurity breaches is significantly more nuanced. For example, when news outlets report on cybersecurity breaches, they typically report on the largest and most damaging events. What they fail to report on are the thousands of breaches every day from state actors, hacktivists, and individuals who are looking to make money, send a message, etc. Cybersecurity events do not always have to be significant to be substantial. Collectively, the most damaging cybersecurity events are the smaller ones, due to the sheer number of events that occur.

Additionally, people within the realm of cybersecurity have evolved well beyond what the media still portrays them as (teenagers in basements writing code). In present day, cybersecurity has evolved as its own discipline, and has entire countries paying professionals in the field millions of dollars yearly to conduct massive international surveillance and sabotage operations. Those in cybersecurity are now seeking degrees and top-level executive positions within organizations, as the importance of the internet and ways to protect it have evolved. As time has progressed the public and private sectors have seen increased interest in cybersecurity protection measures to ensure that those that wish to do them harm are limited as much as possible given each entity’s risk tolerance.

Social Media Abuse Scale and Society

In scoring myself on the Social Media Disorder scale, I was confidently able to answer no to all the questions as presented. Approximately one year ago, I would not have been able to say the same. Since I have been involved in Cybersecurity, I have been increasingly cognizant of my cyber footprint, and have decided to completely remove myself from social media.

I find many of the questions asked in the scale interesting because they all present questions that most people would not otherwise think to ask themselves. They provide an opportunity to take an insightful approach to reality, which may act as a wakeup call to many. Specifically, the questions surrounding fear of confrontation or propensity to argue over social media use. These characteristics are the hallmark signs of addiction, which social media effectively is. All the questions as presented can be reworded to reflect smoking, alcoholism, or other similar addictions.

Different patterns of social media use around the world exist because people are different around the world. Differing societal norms, expectations, financial situations, etc. all play a part in social media use, just as they do in any other addiction. One of the largest causes of social media abuse is found in access. In countries where internet and technology access is minimal, clearly the social media use within that country will reflect this.

Data Breaches and Socioeconomic Theories

Two economic theories that relate to the example breach letter are rational choice theory and laissez-faire economic theory. Rational choice theory states that entities make choices in their best interest. Regarding this data breach notification, it is well within the organization’s best interest to notify its consumers of the breach. If they did not do so, they would be subject to not only government penalty, but potential class action lawsuits. Although they still may be subject to these consequences even with sending out this notification, the penalties will be substantially less with them doing so.

The other economic theory of laissez-faire explains that the government is not to interfere in the economy unless citizens’ unalienable rights are being infringed. When applied to this notification letter it is clear the government is reacting to and ensuring that the company does not infringe on its consumers’ rights by ensuring they are aware their data privacy has been compromised.

Two different social science theories that relate to this example breach letter are interactionalist theory and conflict theory. Interactionalist theory states that human behavior is heavily influenced by behavior and symbolism. Regarding the data breach notification, how the greater public perceives this notification determines by and large how the reputation of the company is affected. If people see this notification as a sign that the organization is holding themselves responsible and being honest, this could positively affect their reputation, regardless of the company’s intent with sending the letter.

For conflict theory, it states that society is in perpetual conflict for resources that are less than what is demanded by society. Regarding this data breach notification letter, the cause of the breach itself is explained by conflict theory, as someone determined their need to obtain this data and commit financial crimes is due to their own knowledge that they are competing against others for these resources and they want to come out ahead by any means necessary.

Bug Bounty Policy

There are numerous policies enforced (or lack thereof) that greatly influence the bug bounty and ethical hacker market in the US. One of the most important is the vulnerability disclosure policy. This is because it affects consumers and organizations alike. Without proper vulnerability disclosure policies in place, bug bounty hunters cannot be sure that when they disclose these bugs to their respective organizations that they will not be held legally liable for doing so. This naturally reduces the amount of bug bounties brought to the attention of these companies, and potentially makes their companies more vulnerable as a result. Additionally, in the case of the federal government, it may be difficult to recruit top tier talent due to drug use policies. This talent may choose to work in the private sector, wherein the government loses out on this talent. Until companies choose to widely adopt vulnerability disclosure policies and the federal government loosens their restrictions on drug use, there will be a large potential loss in talent and vulnerability disclosure that could benefit the security of organizations, and even our nation.

Internet Laws You May Be Breaking

Regarding what Andriy Slynchuk identifies as illegal things unknowingly conducted online, I believe the most serious offenses are the following: sharing passwords/addresses/photos of others, bullying/trolling, recording a VoIP call without consent, faking your identity online, and collecting information about children. The worst of these offenses I believe to be sharing passwords/addresses/photos of others. The reason for this is that in terms of general potential for damage, sharing this information of others can enact the broadest types of damage. If this information were to get into the wrong hands, money and identity can be stolen. These have the potential to be incredibly damaging to a person’s life. Second most damaging would be bullying or trolling. There have been numerous instances of children and even adults committing suicide over severe cases of cyber bullying. Recording a VoIP call without consent and collecting information about children are both very intentional acts, and generally the only reason you would do either of these things is for nefarious purposes. Lastly, faking your identity online can be seen as relatively tame in comparison to the others, but the implications of pretending to be someone else can be for the purpose of stealing someone’s identity or taking advantage of someone, and can be expanded into something incredibly illegal.

Cybersecurity Analysts: Understanding People

The career I have chosen, as well as my current interest, is being a cybersecurity analyst. This job is heavily involved in the social aspects of cybersecurity, nearly as much so as the technical aspects. First discussed will be the duties of a cybersecurity analyst, and second will be how these duties relate to concepts learned in class.

The consensus of those in the field identifies the responsibilities of a cybersecurity analyst as follows: researching current and emerging threats, auditing systems to identify vulnerabilities, monitoring users, installing and maintaining security software and systems, establishing backup procedures for data and infrastructure, and training employees on organizational cybersecurity (Matzelle, 2023). Of note are several duties that require a thorough understanding of how people behave in cyber environments and how this behavior can affect the security of a given system. This is to say, they utilize both technical and social means of supporting enterprise infrastructure based on the needs and desires of the organization.

To effectively perform duties as a cybersecurity analyst, there must be not only a strong technical knowledge, but a strong psychological and social knowledge as well. Cybersecurity systems are only as strong as the people who make them, and the people who use them. One of the largest ways that topics discussed in this class relate to this profession is through the ability to explain complex topics to those from different backgrounds without the same level of technical knowledge. Cybersecurity can be incredibly complex, but the importance of cybersecurity falls on everyone – regardless of technical proficiency, from janitors to bank tellers. Many times, cybersecurity concepts may need to be relayed to these types of people, and it is the responsibility of a cybersecurity analyst to simplify complex concepts to the point where they can be easily digested and understood, while remaining effective. This could have context in security awareness training for associates at an organization, testing security awareness through practice phishing attacks, and even outlining cybersecurity responsibilities of associates that they may not be aware of. Additionally, it is of the utmost importance that a cybersecurity analyst can work effectively in a team environment. Cybersecurity touches all disciplines and aspects of our world, so having a team with proficiencies in differing areas is paramount to effectively securing and defending an infrastructure. While one team member may be proficient in pen testing, another team member may have more proficiency in biosecurity, and both of these proficiencies can be equally valuable in a team environment given specific circumstances. In addition to these responsibilities, there is also a responsibility to understand those that are being defended against.
Better understanding the mind of a hacker and what their motivations may be in accessing your organization’s cyber infrastructure will help significantly in adapting techniques to best defend against their potential attacks. Even watching how other organizations react to and defend against cyberattacks could be valuable knowledge in securing an organization’s cyber infrastructure. Lastly, the ability to work within the cybersecurity department and effectively outline opportunity areas or weaknesses to superiors is another invaluable skill. Being on the “frontlines” of cyber defense, a cybersecurity analyst will have exposure to many events or scenarios that their superiors may not. Being able to effectively communicate the importance of the discoveries made and the priority by which they should be addressed is crucial to ensure no weak points remain in the cyber infrastructure.

Clearly, a cybersecurity analyst plays a crucial role in protecting an organization’s cyber infrastructure, and with it comes a need for a deep understanding of people from hackers to coworkers, and their motivations and intent. From security awareness training, to alerting coworkers and superiors of potential problem areas, and even to monitoring and analyzing hackers’ movements and actions within systems, sociology and a fundamental understanding of people are certainly required to be successful in this profession.

Pathways to Cybersecurity

Cybersecurity touches all disciplines. An important idea to keep in mind is that in the current technological climate, virtually everyone relies on computers and the internet. There are very few disciplines that have skills that do not translate to cybersecurity. This gentleman is an excellent example of this, as transitioning from an accountant to an eventual digital forensics investigator demonstrates this idea. In many ways having a background of experience outside of cybersecurity is what makes someone within the field of cybersecurity such an asset. Additionally, being in the field of IT is what I would consider the best career field to be in prior to cybersecurity; IT is such a broad field with numerous concentration areas that can all be applied in one way or another to cybersecurity. I personally believe that being within the cybersecurity field is achievable with only cybersecurity knowledge. However, having knowledge of disciplines outside of cybersecurity is what truly sets cybersecurity professionals apart.