Journal Entries
Journal Entry #1
The NICE Workforce Framework has a vast knowledge of different cybersecurity careers. Among the 7 work roles, I am most interested in the Design and Development area. Being able to create, test, and improve technology systems has always intrigued me. This seems to be an essential job in cyberspace and I would enjoy being a part of it. I also have an interest in the Protection and Defense area of cybersecurity. The safety of our networks is important and should be taken seriously which is why I would love to be a part of it as well. One area that doesn’t pique my interest is Oversight and Governance. I don’t find managing and governing a good career path for me.
Journal Entry #2
These principles of science are very relevant to cybersecurity research and practice. Empiricism emphasizes gathering observable data on cyber threats and defenses rather than relying on assumptions. Determinism highlights examining factors behind cyber incidents. Parsimony pushes researchers to develop simple yet effective models of cybersecurity events. Objectivity is important when analyzing cyber risks and evaluating security measures without bias. Ethical neutrality ensures cybersecurity research adheres to ethical standards, especially when studying sensitive topics like hacking. Relativism highlights how changes in technology systems impact security. Skepticism promotes intense testing of cybersecurity claims and solutions. These principles provide support for conducting cybersecurity research to advance the field’s knowledge and capabilities.
Journal Entry #3
Privacyrights.org provides resources highlighting privacy rights and data breach information, particularly noting risks in sectors like higher education digital tools. Researchers can use the data to analyze breach trends and identify common vulnerabilities like hacking. The platform’s historical breach reports allow longitudinal studies to assess impacts or emerging threats like vulnerabilities in digital learning tools. The scale of exposed records offers insights into economic or reputational impacts, while sector-specific patterns help prioritize security improvements. Comparing studies across regions or industries could reveal systemic gaps, guide policy updates, or target cybersecurity investments. This data also aids in modeling breach probabilities, informing risk mitigation strategies.
Journal Entry #4
Maslow’s Hierarchy of Needs provides a framework to show how technology intertwines with human experiences. At the physiological level, I use apps like DoorDash to fulfill my basic needs by delivering food and a fitness app connected to my smartwatch to track my sleep and heart rate. My safety needs are met by using cybersecurity apps and tools like VPNs and two-factor authentication to secure my accounts. My love/belonging needs are met through social media apps like Instagram that allow me to connect with friends and communities online. At the esteem level, LinkedIn and TikTok are apps that show my achievements through professional means and likes and comments through social means. Finally, my self-actualization needs are supported through online education platforms and creative tools like Canva.
Journal Entry #5
“For Money” is my top-ranked motive because financial gain is a powerful and logical motivator for many crimes. “Political” is my second highest-ranked motive because ideological motivations can drive individuals to take extreme actions. Next, I have “Revenge ranked third since the desire for retribution is a strong human impulse that can lead to harmful acts. “Multiple Reasons” is next because complex motivations reflect the reality that people often have multifaceted reasons for their actions. “Recognition” is ranked next because the need for attention or status can push some to engage in attention-grabbing illegal activities. “Entertainment” is ranked sixth because thrill-seeking behavior, while less rational, can explain some cybercrime. “Boredom” is the lowest ranked because there are many legal ways to cure boredom.
Journal Entry #6
Three fake websites identified through online security resources are Sheingivesback.com, VolcomLifeStyle.com, and chat-gpt-ai-pc.info. These fraudulent sites try to mimic legitimate brands or services but show key differences when compared to authentic websites like Amazon and Shopify. Suspicious URLs, poor design and functionality, lack of security measures, unrealistic offers, and missing contact information are telltale signs of fake websites. Legitimate sites typically have professional layouts, use HTTPS, provide clear privacy policies, and offer verifiable contact details. Fake sites often lure users with deals that are too good to be true or encourage downloads of malicious software. By being aware of these distinguishing features, users can better protect themselves from online scams and potential security threats.
https://www.expressvpn.com/blog/list-of-scam-shopping-websites
https://www.memcyco.com/5-recent-examples-of-fake-websites/
Journal Entry #7
Journal Entry #9
I scored a one which I believe represents my social media usage. I use it relatively frequently, but not to the point where it impacts my life. The scale is particularly insightful because it mirrors criteria used in other behavioral disorders, suggesting that excessive social media use can have serious consequences similar to other addictive behaviors. However, it’s important to note that this scale is not a substitute for professional diagnosis but rather a tool for personal insight. Social norms and cultural values can influence how people use social media. For example, in some cultures, sharing personal details online is more common and accepted, while in others, privacy is highly valued.
Journal Entry #10
The article on social cybersecurity highlights its critical role as an emerging national security domain, focusing on the manipulation of human behavior and societal structures through cyber-mediated information. Unlike traditional cybersecurity, which targets systems, social cybersecurity targets individuals through “cognitive hacking,” using tools such as bots, disinformation campaigns, and network manipulation. The article highlights the strategic implications of this “information blitzkrieg,” drawing parallels to physical warfare. It examines Russia’s advanced information operations and emphasizes the vulnerability of open societies to such threats. The authors advocate for multidisciplinary approaches, policy reforms, and public education to counteract these challenges, stressing the importance of trust between military institutions and society in safeguarding democratic values.
Journal Entry #11
The video highlights several social themes related to the role of a cybersecurity analyst. One key theme is community engagement and collaboration, as analysts often provide guidance and training to enhance user awareness, emphasizing the importance of collective responsibility in maintaining cybersecurity. Networking also emerges as a critical social behavior, with the presenter encouraging individuals to connect through platforms like Meetup.com or volunteer opportunities to build relationships and gain experience. Additionally, adaptability to diverse work environments and schedules, such as graveyard shifts, reflects the need for flexibility in balancing professional and personal life. The emphasis on perception and effective communication in resumes highlights the role of self-presentation in social dynamics within the job market.
Journal Entry #12
The “SAMPLE DATA BREACH NOTIFICATION” letter reflects two economic and social science theories. Rational Choice Theory emphasizes individuals acting in their self-interest by weighing costs and benefits. The letter encourages customers to take protective actions, such as contacting card companies to mitigate identity theft risks. Similarly, Cost-Benefit Analysis highlights the company’s decision to invest in cybersecurity measures and cooperate with law enforcement to minimize reputational damage and financial losses. From a social science perspective, Risk Management Theory is evident in the company’s proactive steps to remove malware and monitor systems, showing efforts to mitigate risks. Additionally, Trust Theory is reflected in the transparent communication about the breach, aiming to rebuild customer trust and maintain loyalty after the incident.
Journal Entry #13
Bug bounty policies, which motivate ethical hackers to identify vulnerabilities, are grounded in cost-benefit analysis and economic principles like rational choice theory. The study by Sridhar and Ng (2021) found that hackers exhibit low price elasticity, showing non-monetary motivations such as reputation-building or skill development. This suggests companies with limited budgets can still benefit from bug bounty programs. Notably, a firm’s revenue and brand visibility had minimal impact on report volume, supporting their viability for smaller organizations. However, programs in finance, retail, and healthcare received fewer reports, potentially due to higher vulnerability monetization risks elsewhere. These findings underscore bug bounties as a cost-effective risk management tool, leveraging crowdsourced expertise to address cybersecurity labor shortages and evolving threats.
Journal Entry #14
The five most serious online violations described in the article are illegal searches on the internet, cyberbullying and trolling, identity fraud, collecting information about children under 13, and using torrent services. Illegal searches, such as those involving child exploitation or criminal activities, are extremely serious as they can lead to severe legal consequences and societal harm. Cyberbullying and trolling can cause significant emotional distress and, in extreme cases, lead to criminal charges. Identity fraud undermines personal security and can result in financial loss or reputational damage. Collecting data on children under 13 without consent violates privacy laws like COPPA, exposing minors to exploitation. Lastly, torrenting pirated content violates property rights, harming creators and industries financially.
Journal Entry #15
Davin Teo’s pathway into digital forensics highlights how careers in this field can emerge from unexpected backgrounds and how closely they intersect with social sciences. Starting as an accountant, Teo became involved with IT tasks at his firm and eventually moved to digital forensics when an opportunity arose at a major accounting firm. His journey shows that digital forensics is not just about technical skills but also about understanding human behavior, organizational dynamics, and social interactions. The covert and overt investigations he describes require not only technical expertise but also discretion, ethical judgment, and the ability to navigate complex social situations within organizations. Teo’s experience demonstrates that digital forensics investigators must blend analytical thinking with an understanding of people and systems, making social science perspectives essential to their work.