CYSE201S
Journal Entry #1
I enjoyed reading about all the different areas of work in Cybersecurity. The areas that
interested me the most were Protection and Defense and Cyberspace Effects. I would like to
start my career aiming for the blue team. I appreciate the analytical and defensive side of
cyber. In Protection and Defense, I am specifically interested in Incident Response. I had not
read about Cyberspace Effects before, but I also felt intrigued by the work roles; specifically,
target network analysis. I like working on projects related to network analysis. Oversight and
Governance stood out to me the least. I am not a fan of any management roles, especially if
they involve training others.
Journal Entry #2
How the Principles of Science Relate to Cybersecurity
Scientific principles are used in many different areas of cybersecurity. Empirical
observation leads to the understanding of cyber threats. With the knowledge and understanding
gained, the principle of determinism can be seen in cybersecurity. Determinism states that all
occurrences can be predicted in theory. With predictable behavior, cyber threats can be identified
and mitigated. After all, there is one predictable outcome of an insecure network. The principle
of relativism explains how things are not always right or wrong by default but by perspective.
Relativism can be seen in cyber when defining the gravity of a vulnerability threat or risk. There
is also no universal standard for every cyber situation. The principles of science relate to
cybersecurity in many ways and those were just to name a few.
Journal Entry #3
On the PrivacyRights(.)org website there is a lot of different types of information on breaches. There is a map of zones that have been most affected as well as graphs on what companies are targeted the most. There is also a section where you can see breach notifications from 2005. This includes breach type, total affected, the name of the organization, and the date. It is important for cyber researchers to study this information. They can use this information to see what kind of companies receive certain attacks. Pattern recognition is crucial to securing systems; this website has everything mapped out in a way where you can start to see patterns. They can also study different types of breaches in general.
Journal Entry #4
Maslow’s Hierarchy of Needs demonstrates how humans fulfill needs based on a hierarchal order starting with the most basic needs, leading to more self-fulfilling needs. My digital experience began with an interest in technology such as computers and phones. The physiological needs were met by devices, knowledge of devices, and working WI-FI. Once I was interacting with technology, I had safety needs which were met by having secure passwords, being safe online, and never connecting to public networks. These two are considered basic needs. Belongingness and love needs were met when I started using technology to interact with friends on social media. My esteem needs were met by gaining a following on social media and having people interact positively with my posts. Self-actualization needs were met not only by having a surface- level digital experience but being aware and knowledgeable of how technology works behind the applications.
Journal Entry #5
As with any other form of crime, every individual has their motives. With the motives presented in the slide, I would rank them as political, money, entertainment, boredom, recognition, multiple reasons, and revenge. Although still very illegal, oftentimes hacktivists expose corruption, so the motive makes sense. A lot of people commit normal crimes for money. In the article we read, it said 15% of cybercriminals who do it for the money use it to pay bills. Entertainment being a motive for cybercrime is a little absurd but at the end of the day, they gained money out of it so maybe that was not the true motive to begin with. Boredom, recognition, and multiple reasons such as ego, is not a good motive because I don’t think committing a crime or exposing yourself to a crime for either of those reasons makes sense. Lastly, the motive that makes the least sense is revenge, it hurts someone the most and there is truly no gain.
Journal Entry #6
There are many fake websites out there and it is good to be safe and learn how to detect them. The first thing one must look at when determining whether a website is fake or not, is the domain names. If we look at “BankofAmerica-Login(.)site”, we know that this can be sketchy because it is not widely used for organizations such as banks. Some banks even have a . BANK domain but most use .com. Recently there were fake websites that were made to look like PayPal’s login page. “Paypa1(.)com” is very telling just by looking at it because of the URL. Lastly, there have been a lot ChatGPT impersonators. We can tell that “chat-gpt-ai-pc.info” is not legitimate because it has an overly complicated URL and a strange domain name.
Journal Entry #7
https://unsplash.com/photos/serious-caucasian-female-engineer-crouching-by-server-equipment- and-using-laptop-while-troubleshooting-problem-in-server-room-lit-by-red-light- WlLWgrT9Mpk
“When the security fatigue hits”
The female engineer is staring blankly into her computer, and she is drained from trying to remember her randomized passwords to all her different accounts. This is relevant to human factors because people get security fatigue trying to keep up with all of the cybersecurity best practices.
https://unsplash.com/photos/group-of-people-doing-jump-shot-photography-FC4z3l4sUYc
“When your organization finally creates a human factor program”
The young men are jumping for joy because the company they work for now has a human factor program. Human factor programs can benefit both an organization’s employees and company efficiency by combatting problems such as insider threats and employee burnout. This is something to celebrate!
https://unsplash.com/photos/male-programmer-working-on-desktop-computer-with-many- monitors-at-office-in-software-develop-company-website-design-programming-and-coding- technologies-fxtpTGech0M
“Me after falling for the second phishing email this month”
A young man is staring blankly at his screen in deep thought. This image and meme relate to human factor because, well, falling for a phishing email, is a human factor. Human factor programs can educate and help prevent these human errors through training.
Journal Entry #8
The film industry exaggerates everything for dramatic effect. Cybersecurity is no exception. They either ramify or oversimplify everything. For example, in the first scene played, there are 3D visuals of malicious code. This is shown in a lot of films/shows. This is clearly for dramatization. In the example with Rihanna, they simplified the social engineering attack by making it seem that she could have gained access just by the user maneuvering his mouse on the email that she had strategically sent out. The media is not an accurate representation of how hacking works. It was nice to see the scene in the Matrix show tools such as Nmap as well as demonstrate an actual vulnerability. This was a more accurate representation!
Journal Entry #9
According to the Social Media Disorder Scale, I have risky social media usage. The items on the scale are pretty accurate to problems we can see even within our peers. I have friends that would have probably scored the same if not more than I did. The scale reminds me of behaviors that would also be present in an addict, such as having to lie to family members and using social media as a coping mechanism. There definitely are different patterns found across the world due to contrasting cultures. Even within our country, I know of a lot of people who simply do not even have time to be chronically online.
Journal Entry #10
The article “Social Cybersecurity: An Emerging National Security Requirement”, explores the concept of social cybersecurity in national security. In this source, social cybersecurity is the study of cyber-related human behavior and societal outcomes as well as the development of the proper infrastructure to keep up with evolving cyber threats. Through technology, information is now being used to divide societies. It is no longer just a technological attack but a social and psychological attack, targeting societal weaknesses to influence ideas. As digital manipulation increases and changes the battlefield, it is important that through policy and the spread of awareness, the Department of Defense can counter the “information blitzkrieg”.
Journal Entry #11
The job description of a cybersecurity analyst relates to social behaviors in many ways. As a cybersecurity analyst, one works closely with a team in which communication and collaboration is essential. Since the role includes protecting sensitive data, an organization places a lot of trust in its analysts. It Is important to respect that trust. Basic ethics and dependability is needed for the job and it comes with a lot of responsibility. In an ever-changing environment, adaptability can take an analyst very far as well. Although it is a technical role, soft skills or behavioral skills are just as important as technical skills.
Journal Entry #12
The two economic theories relating to the sample breach letter are the New Growth Theory and the Behavioral Economics Theory. The New Growth Theory focuses on technological innovation and how it drives economic growth. The theory also acknowledges that economic growth is driven by human capital. By maintaining transparency with customers, they will maintain economic growth. Behavioral Economics theory focuses on human factors. The breach letter gives recommendations to those potentially affected by the breach. The most relevant psychological theories are the Cognitive Appraisal Theory and Social Contract Theory. Cognitive Appraisal Theory demonstrates how individuals react to stressful events. The Social Contract Theory focuses on the trust individuals put in organizations.
Journal Entry #13
As technology advances so do the skills of hackers. This presents the need for ethical
hackers who can stay one step ahead of the bad guys. Unfortunately, there is a shortage of people equipped to perform this role. From an economic standpoint, bug bounty makes sense. When hackers find and exploit vulnerabilities, organizations experience economical losses. It is wiser for a bug bounty program to find vulnerabilities than to have someone find them for free and exploit them, leading to a greater economic loss. The programs are also economically beneficial because it is less expensive than hiring a person to the department.
Journal Entry #14
There are a lot of illegal things people do that they deem not so bad. Some run red lights, some do not fully stop, and to get technical, some people stream movies illegally online! Out of the illegal activities mentioned, I believe the five worst ones are faking your identity, bullying, and trolling, using other people’s internet networks, sharing private information of others, and recording a VoIP call without consent. Most illegal online activity puts you at risk, but these are things that harm others and put others at risk. For example, bullying as well as sharing others’ private information, puts people’s lives at risk, making it one of the worst online activities.
Journal Entry #15
Digital forensics and social science are intertwined because they bridge the gap in investigations. Through digital forensics, law enforcement can collect evidence from digital sources. Then, using the social sciences, they can build a strong case using the digital evidence gathered. Social science provides a framework that helps law enforcement and investigators understand the social dynamics of cybercriminals and their behavior. From accounting to IT, he was able to receive an opportunity to work in the first national digital forensics practice in Australia. As an accountant, he probably had great analytical skills, which most likely helped him succeed in his new career.
Article Review #1
Article Review #1: The Correlation Between Cyberbullying Victimization and Cyberbullicide
Introduction
The internet is a powerful tool that can be used in a right and a wrong way. It can do
more harm than good in the wrong hands. Although the internet has many positive benefits, it
also has its downsides. With the fast growth of the internet, comes the growth of cybercrime. A
prevalent example of this is cyberbullying. The scholarly article, Cyberbullying and
Cyberbullicide Ideation Among Jordanian College Students sheds light on the sad reality of how
Cyberbullying starts and how it has truly affected the Jordan youth.
The Principles of the Social Sciences
In this article, the authors heavily use the following social science principles: relativism,
determinism, objectivity, and empiricism. The authors researched the effects of cyberbullying on
the youth. Meaning their lives online are interconnected with their regular social lives. They
conducted this research using objectivity and fully relying on data analysis from data they
collected themselves; this goes together with empiricism. The result is an example of
determinism. Their conclusion proved their hypothesis that cyberbullying negatively affects the
emotional well-being of the youth and can lead to suicidal thoughts. These are human behavior
and outcomes that can be easily predicted.
Research Hypothesis, Research Methods, and Data Analysis:
The authors drew their questions and hypotheses based on Robert Agnew’s General
Strain Theory. This theory suggests that deviant behavior (cyberbullying) can be a coping
mechanism, and that online animosity enables it. For their research, they sampled 1000 youth
students. They also used the data collection method and surveyed students from different
colleges. The dependent measure was whether the students had felt cyberbullicide ideations.
Relation with Presentations in Class:
While reading the article, I specifically thought a lot about Module 4. Specifically slide
24 which is labeled “The Psychological Role of the Offender in Cybersecurity Incidents”. In the
research, they also investigated the cyberbullies themselves and noticed there was a correlation
between youth who had experienced violence in their homes and youth who were the ones
performing the cyberbullying. There are biological factors that influence the likelihood of
cybercrime.
Challenges, Concerns and Contribution of Marginalized Groups and the Contributions of the
Studies to Society:
As we have talked about in class as well, many youths are susceptible to these
cybercrimes because they are placed in these environments. There are immense concerns for the emotional well-being of the youth. As seen earlier, these victims can also become perpetrators due to trauma. The contribution that this study had are the suggestions that it made. The authors talked about how the adults involved should be more careful and vigilant to ensure a safer space for the youth to avoid these problems.
Conclusion:
After reading the article, it is important to note the principles of the social sciences.
Determinism shows that the actions of the cyber bullies have consequences. It is also important for the youth not to put themselves in a victimizing position. Their human behaviors not only
affect online but outside of it as well.
WORKS CITED
Al-Badayneh, D. A.-B., Khelifa, M., & Ben-Brik, A. (n.d.). Retrieved from
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/329/9
Article Review #2
Introduction
Article Review #2: Importance of Human Digital Rights
The growth of technology use comes with its implications. As technology grows, it becomes more a part of everyday life for humans. With the increased use, one of the main concerns throughout various platforms are privacy concerns. The constant use of technology whether it is for personal use or for work brings the need for digital human rights. As this is a rather recent issue faced, it is important that it be acknowledges and understood to properly protect and safeguard individuals’ rights.
The Principles of Social Science:
During their research, the authors used determinism, skepticism, and ethical neutrality. Understanding that behavior is influenced by preceding events helps in understanding that with the growth of technology, rights can be violated, and laws must be made. Skepticism is represented because they do not simply accept privacy risks or concerns at face value instead, they are considering alternative ways of addressing concerns. Last but most importantly, they are coming into their research with ethical neutrality looking for the best outcome for human rights.
Research Hypothesis, Research Methods, and Data Analysis:
As mentioned in the article, their purpose for the research was to emphasize the importance of recognizing and understanding the need for digital rights. The question the sought to answer was what kind of digital rights individuals were after. To answer this question, they used multi-method research and analyzed already existing data such as legal documents.
Relation with Presentations in Class:
This article reminded me a lot of when we talked about victimization and human factors. Specifically, about victim precipitation. Often laws are made that can easily be prevented by humans. Even if the internet which 100% safe, which is known could never happen, humans can still be put at risk through fault of their own. Although laws should be put in place for digital privacy rights, it is also important that users read application guides and frameworks to better understand the data gathered and then determine whether it is in their best interest to use said application.
Challenges, Concerns and Contribution of Marginalized Groups and the Contribution of the Studies to Society and Conclusion:
Increased technology and increased security in technology can lead to violations of human digital rights. This research investigates ensuring these rights are not violated. It studies what people look for to feel more secure whilst using technology. Not only what people look for but how important it is to take seriously.
Works Cited https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/318