CYSE 201S Journal Entry #1
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.
Digital Evidence Analysis is the aspect of the NICE Workforce Framework that most interests me. Its investigative aspect appeals to me since it uses analytical methods to find, analyze, and preserve digital data. My love of practical technical work and resolving challenging issues with practical applications is in line with this. The strategic function that cybersecurity policy and planning play in forming organizational cybersecurity while upholding regulatory compliance is another reason why I find it intriguing. However, because they need a lot of managerial and administrative work, which I find less interesting, fields like cybersecurity workforce management and communications security management are less desirable. More technical and investigative positions that concentrate on solving cybersecurity issues head-on rather than managing personnel or resources are what I like.
CYSE 201S Journal Entry #2
Explain how the principles of science [Empiricism, Determinism, Parsimony, Objectivity etc.,] relate to cybersecurity?
The key principles of science which are objectivity, determinism, parsimony, and empiricism, relate to cybersecurity in several ways. Empiricism places a strong emphasis on using empirical evidence to inform security decisions, such as attack patterns and vulnerabilities. According to determinism, professionals can foresee dangers by using established patterns to forecast how systems would behave. Parsimony promotes more dependable and controllable security by favoring tired and true, straightforward solutions, like standard encryption protocols, over intricate, unproven ones. Accurate threat identification and response are made possible by objectivity, which guarantees that decisions are founded on factual information devoid of prejudice. Cybersecurity experts may create more resilient, sensible, and efficient defenses against changing threats by following the guidelines. What combined promotes a realistic, data driven approach to security.
CYSE 201S Journal Entry #3
Matthew Burd
Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches?
Note: The word count should be in between 100 -125 words.
One of the Publicly accessible methods I found was about Data Breach Chronology. The Data Breach Chronology can help researchers examine breaches by examining trends over time, discovering patterns in the number and form of breaches, and determining how different industries are affected. Researchers can determine which sectors are most vulnerable to specific types of attacks and the underlying vulnerabilities that make them targets by examining the classifications for breach types (e.g., HACK for cyberattacks or PORT for portable device breaches) and organization types (e.g., BSF for financial services or MED for healthcare). This research can assist assess the possible impact of breaches on diverse firms, as different sectors face variable amounts of privacy and financial ramifications. (119 Words)
CYSE 201S Journal Entry #4
Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need. CYSE 201S
A digital experience as a child influenced my outlook on technology. After my Steam account was hacked, I came to understand the value of trust and security, emphasizing how essential safety is according to Maslow’s hierarchy of needs. The situation inspired me to study more about cybersecurity, emphasizing knowledge and skill development for self-actualization and personal protection. As my digital life became more secure, I concentrated on establishing connections and looking for chances for personal development. My experience supports Maslow’s theory, which holds that addressing basic needs like safety and security enabled me to strive for greater levels of accomplishment and self-worth. I’ve discovered from this that experiences, especially those pertaining to safety and security, are essential for one’s development, especially in cybersecurity.
CYSE 201S Journal Entry #5
Review the articles linked with each individual motive in the presentation page or Slide #4. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it.
Since financial gain is the most common and practical motivation for cybercrime, I put “for money” as the top incentive. “Political” comes next since attacks with political motivations are becoming more common in the modern world. “Revenge” follows, motivated by personal grudges and frequently observed in cases of revenge porn or cyberstalking. Since some people are driven by a desire for notoriety or prestige in hacker communities, “Recognition” comes in at number four. Some hackers find thrills or challenges in conducting crimes, and “entertainment” is listed sixth. “Boredom” ranks sixth because it is a less reliable incentive, particularly for younger people. Lastly, because it is less clear than other, more specific explanations, “multiple reasons” is listed last.
CYSE 201S Journal Entry #6
Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites, Academic Resources etc., and cite the source].
Compare the three fake websites to three real websites and highlight the features that identify them as fraudulent.
Note: Don’t generate or click on unwanted/fake websites on your web browsers. Use examples from your sources to demonstrate what specific characteristics make these websites fake.
The first example of a fake site is “Login-amazon-account[.]com” This is an example of a fraudulent website that impersonates the Amazon login page. Amazon.com is the official Amazon website. The fake website frequently does not have HTTPS encryption, and its URL contains deceptive words like “login” and “account.” Similarly, irs-contact-payments[.]com impersonates the IRS website irs.gov and requests private information, which is a common indication of phishing. Lastly, “foxbusiness.xyz” mimics foxbusiness.com. Fake websites such as this one post dramatic or misleading stories with bad grammar and design, and they use strange domain extensions like.xyz. Domain name inconsistencies, lack of security, and suspicious requests for personal information are indicators of these fake websites (Source: Cybersecurity and Infrastructure Security Agency, StaySafeOnline).
Cybersecurity and Infrastructure Security Agency. (n.d.). Recognizing phishing scams. U.S. Department of Homeland Security. https://www.cisa.gov/
StaySafeOnline. (n.d.). Phishing: How to identify and avoid phishing attacks. National Cybersecurity Alliance. https://staysafeonline.org/
CYSE 201S Journal Entry #7
By depicting a person using a laptop while wearing a face mask, this meme demonstrates a misunderstanding about computer viruses by suggesting that the “virus” infecting the machine is contagious, similar to a human virus. This emphasizes the negative effects of inadequate virus protection training from the standpoint of human-centered cybersecurity. Lack of cybersecurity awareness can cause consumers to misunderstand how online dangers operate, which can result in ineffective protection practices like ignoring antivirus software or failing to spot phishing efforts. Inappropriate actions by users, such as physically isolating a computer rather than performing security checks or updating software, can also be the result of misdirected security efforts. This highlights the importance of clear communication in cybersecurity training, making sure that comparisons between biological and digital viruses are appropriately phrased to avoid misunderstandings.
CYSE 201S Journal Entry #8
Movies, in my opinion, have a significant impact on how people view cybersecurity, but they frequently misunderstand it. Hollywood frequently presents hackers as either evildoers wreaking havoc on the world or as brilliant individuals who can quickly breach any system. Hacking is made to appear slick and easy in films like Hackers and Swordfish, but Mr. Robot is one of the few that accurately depicts some technical aspects. People may develop irrational expectations as a result of these exaggerated depictions, believing that cybersecurity is solely about typing quickly and using dazzling interfaces. Actually, hacking is more about research, patience, and taking advantage of human mistakes. I’ve observed that a lot of individuals either completely underestimate cybersecurity or fear hackers as unstoppable threats as a result of movies. People may be more inclined to take cybersecurity seriously if it is portrayed more realistically.
CYSE 201S Journal Entry #9
On the social media scale, I scored a 0. I do not use social media, I do not trust it, I do not like it, and honestly, I do not care what you had to eat today. Regarding the questions, the Social Media Disorder (SMD) Scale appears to have fair and useful items for detecting possible problematic social media use habits. They include a range of behavioral topics, including conflict, withdrawal, and fixation, which can be a sign of how social media may impact a person’s relationships, everyday life, and general well-being. These questions also address psychological aspects that are crucial to comprehending social media addiction or misuse, such as utilizing social media to avoid unpleasant emotions or feeling unhappy with the amount of time spent online. Technological, sociological, and cultural aspects are important in explaining why various patterns are observed around the world. Social media may be more ingrained in daily life in some areas, impacting how people communicate, collaborate, and interact. For instance, social media use may be more common or even considered essential in cultures where digital connectivity plays a significant role in both commercial and social contact. Furthermore, different nations have different levels of access to social media and technology; some have quicker internet connections or more access overall, which may have an impact on usage habits. Finally, disparate patterns in how people use social media may also be explained by cultural perspectives on mental health, social behavior, and the effects of technology.
CYSE 201S Journal Entry #10
Beskow and Carley, emphasize the increasing importance of social cybersecurity as a crucial component of national security, emphasizing its involvement in both conventional and unconventional warfare. Social cybersecurity examines how cyber mediated risks affect social structures, political consequences, and human behavior, in contrast to traditional cybersecurity, which defends information systems against assaults. To preserve societal integrity in the digital era, the authors characterize social cybersecurity as a scientific methodology that aims to comprehend, predict, and mitigate these dangers (Beskow & Carley, 2019).
One of the primary concerns mentioned in the article is the increasing prevalence of information warfare, particularly the strategic deployment of misinformation and disinformation by state and non-state actors. Before a physical confrontation breaks out, the authors point to Russia’s “information blitzkrieg” strategy, which uses disinformation operations to undermine public confidence in institutions and destabilize enemies (Beskow & Carley, 2019). This strategy is in line with Russian military philosophy, which prioritizes ongoing competition above officially declared conflicts.
Beskow and Carley provide the “BEND” model, which classifies many types of social cyber maneuvers, to comprehend how adversaries control social discourse. These include network manipulations like community infiltration and the formation of fake consensus, as well as tactics like diversion, misdirection, and distraction in online conversations. The authors also look at the function of bots in information operations, labeling them as force multipliers that reinforce polarizing narratives, automate the spread of misinformation, and influence public debate.
Beskow and Carley end by arguing that government and military officials need to prioritize social cybersecurity. To prevent cognitive hacking and protect democratic institutions, they stress the necessity of interdisciplinary research, changes to policies, and increased public awareness. They support proactive measures that strengthen national resilience against social cyberthreats as cyber enabled misinformation continues growing.
Reference
Beskow, D. M., & Carley, K. M. (2019). Social cybersecurity: An emerging national security requirement. Military Review, March-April 2019, 118–126.
CYSE 201S Journal Entry #11
Social behaviors are closely tied to the job of a cybersecurity analyst in a number of ways. One benefit of cybersecurity experts’ frequently high salaries is that it can raise their social standing and increase their financial security, which may affect their capacity to obtain better housing, schooling, and general lifestyle options. This may have an impact on their social networks and cause them to move up the economic ladder. However, the rigorous nature of the work, which frequently calls for graveyard shifts or 24-hour supervision, might interfere with social life. Feelings of social separation or loneliness may result from analysts working night shifts finding it difficult to keep up relationships with friends and family who follow a typical 9–5 schedule. Also, the workplace might restrict social connection, particularly in corporate or high-security situations, which makes cybersecurity analysts more likely to spend a lot of time alone. Because in-person interactions are less common, working remotely can occasionally result in a greater sense of social isolation even though it gives freedom. As a result, the nature of the cybersecurity industry and its working conditions affect analysts’ social and personal activities in addition to their professional lives.
-Themes discussed-
1Social Status and Economic Mobility
2 Work-Life Balance and Social Isolation
3 Social Disconnection in the Workplace
4 Loneliness and Mental Health
5 Flexibility vs. Isolation
CYSE 201S Journal Entry #12
Two economic theories and two social science theories can be used to assess the “Glasswasherparts” data breach notification letter.
Information asymmetry theory applies from an economic standpoint because, although the organization and its platform supplier were more aware of the security threats, customers were not informed of the incident for almost a year. This disparity may affect customer behavior and trust, which could result in a decline in the company. Cost-benefit analysis is also important because the business and its platform provider had to balance the possible losses from breaches, such as fines and harm to their reputation, against the financial consequences of cybersecurity expenditures. Another Idea that is applicable from a social science perspective is the social contract idea, since companies and customers have an implicit agreement to secure client data. Notifying impacted persons is required by law and ethics since the violation amounts to a breach of this trust. Furthermore, because the breach happened as a result of the combination of a motivated attacker, a weak system, and incompetent guardianship, the criminology theory of routine activity is also applicable, emphasizing the necessity for more robust cybersecurity measures.
CYSE 201S Journal Entry #13
By rewarding ethical hackers for finding weaknesses in a company’s cyber infrastructure, bug bounty programs provide an affordable method of cybersecurity. The literature study emphasizes the programs’ economic justification and their effectiveness in comparison to more conventional security measures. Businesses gain from a proactive approach that enables them to handle security risks before bad actors take advantage of them. But the research also highlights issues including irregular payments, unclear legal status, and moral dilemmas, such as the potential for hackers to hoard exploits to profit more (Sridhar & Ng, 2021). Bug bounty schemes continue to be a useful instrument in the field of cybersecurity despite these disadvantages.
The findings discussed support the notion that clear participation criteria, transparent reward systems, and well-structured policies are essential to the success of these initiatives. Businesses that don’t have these components run the danger of deterring knowledgeable ethical hackers or, worse, drawing in bad actors who take advantage of weaknesses. Additionally, the study emphasizes that although bug bounty programs are successful, they have to be used in conjunction with conventional cybersecurity measures rather than in place of them (Sridhar & Ng, 2021). Maintaining strong internal security teams and utilizing outside expertise must be balanced by organizations. Bug bounty programs are a prime example of how economic theory and cybersecurity tactics interact, supporting cost-benefit analyses to strengthen digital defenses. However, careful application is necessary for them to be effective. In the absence of openness, equitable remuneration, and moral supervision, these initiatives may increase dangers rather than lessen them. The results highlight the necessity of a multidisciplinary strategy that combines social science frameworks with cybersecurity to guarantee that policies are not only technically sound but also morally and socially responsible (Sridhar & Ng, 2021).
Reference
Kiran Sridhar, Ming Ng, Hacking for good: Leveraging HackerOne data to develop an economic model of Bug Bounties, Journal of Cybersecurity, Volume 7, Issue 1, 2021, tyab007,
CYSE 201S Journal Entry #14
The article lists several online behaviors that, despite being widespread, that can have significant legal repercussions. Using unlicensed streaming or torrent services, exposing someone else’s personal information, cyberbullying, identity fraud, and searching for illegal content online are the five most significant violations. Because these actions infringe intellectual property, privacy, and potentially criminal law, they are particularly serious. For instance, copyright rules are violated, and content providers are harmed when pirated video is streamed or downloaded. Without permission, sharing someone’s private address or images might result in harassment or physical danger. Mental health issues and, in certain situations, legal action have resulted from cyberbullying and trolling. While looking for very unlawful content, such child exploitation or criminal instructions, might lead to an inquiry and arrest, identity fraud is a serious crime that can leave victims emotionally and financially devastated. In addition to breaking the law, these acts seriously endanger both the offender and the victim of such an act.
CSYE 201S Journal Entry #15
The speaker describes his professional journey as anything but simple. “There was no clear or established route into digital forensics when I entered the field; you either stumbled into it or were placed there by circumstance,” he explained. That concept strikes me as really insightful since it illustrates how, sometimes, choosing the appropriate career requires not just trying things out but also fully committing to them. Originally trained as an accountant, he became involved when his company needed assistance with network and IT problems and found that he was more interested in that aspect of the job. He had a background in accounting, but he let his curiosity to lead him in a different direction. He went on to join Australia’s first national digital forensics practice as a result of that choice, which he completely embraced and never looked back on. His story serves as a wonderful reminder that, even after putting time and effort into one field, taking a different path is acceptable. His journey, in my opinion, is an example of the kind of rewarding road many of us aspire to discover, one that is motivated by passion and purpose, even if it means forging a new trail.