CYSE 201S Article 1 Review

Have you ever wondered what a business loses when a cyber attack occurs? Or how you can better prepare yourself and others against phishing scams? These two questions each come from a different reliable cybersecurity article found in “The Journal of Cybersecurity.” The two articles go into depth and detail about the questions I asked. To begin, I am going to review the first article I read, which was about phishing; then I am going to review the second article I read, which was about the loss of a business when a cyber attack occurs.

To start, the first journal article I read was titled “Categorizing human phishing difficulty: a Phish Scale.” Overall, a group of people saw that phishing awareness training programs just weren’t as accurate as they should be. They hypothesized that click rates should be expected to differ based on the difficulty of the phishing email and the department of the organization. Thus, they created the Phish Scale so that chief information security officers (CISOs) can change the difficulty of phishing emails depending on the department, and so that it can help explain why they had such high or low click rates.

This article relates to the principle of determinism in social science through the lens of cybersecurity. Determinism is defined as “a principle of science that means the behavior is caused, determined, or influenced by preceding events.” The idea that someone’s behavior is influenced by preceding events lines up with the group’s hypothesis that click rates are to be expected to depend on the difficulty of the email and the department it is sent to: the people in a given department were taught a different way, and that teaching could have influenced them to click on the email. A research method they used to figure out what they needed to create the Phish Scale was case studies from prior CISOs testing their employees’ click rates on phishing emails. Finally, some points of comparison between the article and what we are currently learning in class are the idea of cybersecurity, following the scientific method, and social science through the lens of cybersecurity.

Overall, this article does relate to real-life challenges that phishing emails pose daily, not just to employees in organizations but to anyone who has an email. The contributions this group made were very important and needed for CISOs and anyone else who is testing others on click rates for phishing scams.

Works Cited
Steves, Michelle, et al. “Categorizing Human Phishing Difficulty: A Phish Scale.” Journal of Cybersecurity, vol. 6, no. 1, 2020, https://doi.org/10.1093/cybsec/tyaa009.
Links to Articles
“Categorizing human phishing difficulty: a Phish Scale” –
https://academic.oup.com/cybersecurity/article/6/1/tyaa009/5905453?searchresult=1
