Reflection

Abstract

Writing this paper I describe in detail my educational and practical experience concerning cybersecurity at Old Dominion University and describe how cybersecurity knowledge is applied to different fields. It borders my accomplishments and competencies in projects, which includes the design of security policies, execution of incident response, and improvement in the data security. Participating in one or more of these projects demonstrates my practical as well as problem solving skills I acquired while in school, but also signifies that I am prepared for an employment in a modern and ever growing cybersecurity industry. The essay discusses three different skills that I have obtained as well as three artifacts for each skill to showcase the accompanying skill. Every artifact highlights my leadership competencies and my strategic approach towards the problems of the organization related with technology advancement and cybercrime resolution, allowing me to excel in the future with competencies of innovative and ethical problem-solving in those fields.

Introduction

Earning the cybersecurity degree in Old Dominion University is the very beginning of my journey through which I need to keep up with the combination of both the realms of technical skill and the expansive realm of interdisciplinary knowledge. This reflection essay will examine the skills and tools that I have gotten throughout my college career. I will also reflect how technical proficiency is built naturally through these pieces plus how one needs a wide-ranging integrative lens to navigate the cybersecurity discipline and also the spaces outside in the world. These learning resources not only fed my appetite for knowledge but were also carefully designed to expose and alleviate the course of this sector’s challenges.

Security Policies

Artifact 1: Password Policy

Coming up with the Password Policy was a practical skill that combined principles in cybersecurity and working knowledge on how human behavior tends to lean towards patterns when creating a password. While working on this project, I arrived at certain points where I resorted to critical thinking to count all the possible issues that I expected to face after implementing a password policy. There was a key security aspect that was problematic which was the relationship between the security of the login and the ability to remember the password. The interdisciplinary nature of this project was highlighted by incorporating findings from the study “The psychology of password management: a tradeoff between security and convenience” a researched study on users’ password-related motivations and behaviors, which focused specifically on their knowledge, attitudes, experiences, and transformations. This study proved that even having an understanding of strong password components, the convenience-security dilemma prevails in many cases and there is a distribution of weak passwords on the Internet. Having incorporated these cognitive-based findings, I incorporated a rule which not only improves security but as a bonus takes into account the human need for convenience so the people are more likely to comply. When it comes to the workplace, having information about social engineering will play a significant part in creation of the measures that users will agree to adopt, so the gained knowledge is critical for roles which involve user training, system designing, or new policy development in cybersecurity.

Artifact 2: Security Awareness Policy

The Security Awareness Policy has introduced academic concepts together with efficient communication methods, which play a big role in the process of educating the workforce about security practices. To be successful in a career in cybersecurity, you need the analytical skills to make complex technical security concepts clear and comprehensible by nontechnical staff as well. This is not only a means of preventing insider threats, but it promotes an atmosphere of security in the organization as a whole. The creation of the artifact also emphasized my ability to work in roles that necessitate the ongoing learning and training of employees, a fundamental requirement for complex security programs. The other relevant aspect in the security awareness policy is to be able to develop a robust policy that fits well under a budget which is set. It is necessary to remember that the cost of building a training system may vary and depend on the degree and forms of training that the firm may want to use. However, accomplishing a cohesive balance of the different sets of solutions is a difficult task for any business or organization.

Artifact 3: Surveillance Policies

On the way of composing Surveillance Policies, I have put great thoughts and effort into legal and ethical issues that surround surveillance in cybersecurity. This project necessitated the achievement of a delicate balance of extending security but at the same time protecting individual privacy rights, taking into consideration ethical theories and legal principles. The article ‘Surveillance Ethics’ does a great job providing interdisciplinary viewpoint which encompass philosophy, sociology, and ethics, giving the moral aspects and the impact on the society of surveillance techniques rooted in philosophical debate and ethical thought. It highlighted questions of historical and modern day ethics to underline the caution of both the benefit and the risk of surveillance. It goes without saying that the approach was essential to make the responses in line with the legal frame while remaining within the boundaries of morality, which demonstrates the connection between technology, rule of law, and ethics in cybersecurity. By using this policy analysis to demonstrate my ability to weave through and analyze a host of multidisciplinary details, I showed that I possess the skillset needed to come up with policies that are technologically efficient and ethically sound, a skill that will help me as I carve a niche for myself in the areas that require compliance and privacy management.

Incident Response

Artifact 1: Article Review on Ransomware

The review of the ransomware article provided insights into the economic and operational impacts of cyber threats, which are crucial for roles in incident response and threat analysis. Understanding the broader implications of ransomware prepares one for a career where quick, informed decisions must be made to mitigate damage and coordinate recovery efforts. This ability to analyze and apply theoretical knowledge to practical situations is essential for roles focused on developing and implementing incident response strategies. Researching in great depth about ransomware attacks was very interesting to me and made me gain a whole new understanding as to the innerworkings of the malware. Another factor that led to me enjoying that project was the ability to look into many real life examples such as NotPetya or Wannacry. These malwares were very similar in terms that they were designed to damage a system and exploit the user for a profit in order to receive their files back, but they both used a different technique to spread the virus to more victims. Learning all of the different intricacies of these different viruses was definitely a highlight of the cybersecurity course.

Artifact 2: Endpoint Security

On the Endpoint Security artifact, I concentrated on the technical part of additional protection at network entry points, including both logical and strategic implications for the risk management of the whole organization. Drawing from the principles detailed in “Risk Management: Understanding the Basics and Importance” as well as other sources. This project aimed to use risk management strategies as a mean to minimize the weaknesses at these key intersections. Lately, firms have been faced with complex issues related to managing cyber risks. Therefore, competent endpoint security constitutes an excellent demonstration of how cybersecurity coincides with wider organizational risk management. The report highlighted the significance of having a risk identification, analysis and prioritization strategy as a prerequisite for protecting the branch networks from cyber attacks that have the capacity of ruining the company’s financial and reputation integrity. On the mental level, the cyber security policies must be interdisciplinary, because it will make a connection between the risk and the technological capabilities of an organization in order to ensure a strong defense, also demonstrating the intersection between information technology and strategic risk management. It was hard to make my risk management system anywhere close to as throughout as the NIST framework because their risk management framework is excellent and it can support many scenarios such as size of the organization or amount of funds etc.

Artifact 3: National Cybersecurity Strategy Review

This analysis taught me the importance and relevance of strategic policy formulation to national and international levels of cybersecurity strategies. Studying the types of cybersecurity such as the role of the federal government in cybersecurity was really exciting and I learned of the complexities that these systems possess. The awareness I gained from this project can be useful to jobs related to policy analysts, where one must consider and conceive strategies to curb the wide range of cyber threats. The capability to look at politics and tactics through a critical lens is one of the most important leadership attributes in the cybersecurity sector because of the far-reaching nature of security-related decisions.

Data Security

Artifact 1: Cryptography in Cryptocurrencies

My knowledge of cryptocurrency-related cybersecurity issues was widened after I had an opportunity of investigating the use of cryptography in different applications such as cryptocurrencies. I had a chance to address the issue by bringing objective theories from mathematics and I realized that modern cybersecurity always demands a cross-discipline problem solving approach. “Mathematics – The Foundation of Cryptographic Techniques” asserted that theoretical math concepts serve as the very basis for cryptographic solutions, which are used to preserve the privacy as well as authenticity of virtual transactions on the Web. Cryptography is an excellent example for the mathematical science showing how important mathematics is in creating elaborate algorithms for the foundation of digital currency credibility. In this, knowledge is extremely important in the fields that highly-demanded data protection, in fact what this understanding actually represents is a critical relationship between mathematics, computer science and financial technology, which altogether create waterproof security strategies in the digital financial world.

Artifact 2: SCADA Applications

The Scada systems project was difficult for me because unlike the other projects I had completed I had no baseline knowledge since I had never heard of a SCADA system before, and had to learn about their purpose and how they accomplish their tasks within a short amount of time. The SCADA Applications artifact demonstrated what the role of securing particular systems means because there is an intersection between cybersecurity and industrial control systems and it will allow me to explore various positions that involve securing critical infrastructure. During this particular section, the knowledge that I gained is especially effective for industries that have SCADA systems running i.e. utilities, manufacturing and public service. These technical skills are extremely needed for those jobs which are not only pivotal for economic strength and public health, but become primary targets for cyber-attacks.

Artifact 3: Data Protection

The work of drawing up Data Protection guidelines allowed me to gain a interdisciplinary perspective and also incorporate legal, ethical, and technologic inputs, which involved so many things, such as data protection regulation (GDPR). The “GDPR v. PIPL” document has already served as the starting point for clarifying the differences in data protection globally. Therefore, this research has enhanced my legal understanding along with depicting the necessity of ensuring that the development of technology harmonizes with various environments of international law. Such skills are vital for jobs that include designing the data protection schemes that are applied globally and that are adequate in the different regulatory jurisdictions, so the multinational companies would still meet the compliance requirements while effectively safeguarding the user data.

Conclusion

The process of developing the artifacts helped me to not only gain specific technical skills but to also develop a focus on the interdisciplinary nature of cybersecurity. Each project blended different fields of study and trained me to consider different angles of the multi faceted security issues. When I move from college to start my career, I know the skills and views I have learned are going to be of help to me in the future. These artifacts not only contributed to my technical skills but also increased my capability for strategic and comprehensive thinking about cybersecurity in a bigger picture. This broad educational experience affords me with the necessary skillset for innovation and leadership in different cybersecurity positions as I will be able to move more effectively into the field moving forward. The tools that I have discovered throughout the academic coursework at Old Dominion University have been very enlightening. They helped me to shape a resilient and adaptable approach to the modern cybersecurity challenges. In the future, this approach will be most valuable to me in the cybersecurity field.

Works Cited

Bowcut, S., & Bowcut, S. (2024, March 7). Why math matters in cybersecurity. Cybersecurity Guide. https://cybersecurityguide.org/resources/math-in-cybersecurity/

Macnish, K. (n.d.). Surveillance Ethics | Internet Encyclopedia of Philosophy. https://iep.utm.edu/surv-eth/

Potter, A., Campbell, K., & Ashcroft, V. (n.d.). Comparing Privacy laws: GDPR v. PIPL. https://www.dataguidance.com/sites/default/files/gdpr_v_pipl_.pdf

Tam, L., Glassman, M., & Vandenwauver, M. (2010). The psychology of password management: a tradeoff between security and convenience. Behaviour & Information Technology, 29(3), 233–244. https://doi.org/10.1080/01449290903121386

Wen, J., & Wen, J. (2024, February 22). Risk management: Understanding the basics and importance. IMD business school for management and leadership courses. https://www.imd.org/reflections/risk-management-understanding-the-basics-and-importance/