After looking through the NICE Workforce Framework, there were certain areas of the framework that I wanted to focus my career on. I would like to focus on the design and development aspect of cybersecurity because I am more on the innovative side and would like to be apart of a branch that designs and develops new technology systems that will improve security as a whole. On the other hand, I’m not that interested in the oversight and governance area of cybersecurity. While I know it\u2019s important, I\u2019m not as interested in managing and directing people to handle security risks and breaches. This area also seems less appealing since it\u2019s more about routine system upkeep instead of solving new problems.<\/p>\n
The principle of empiricism is using all your senses to learn; you intake knowledge by relying on observation, experimentation, and evidence gathered from your five senses. This principle is vital to improve practices in the field of cybersecurity. By analyzing and collecting important information, it can help organizations identify emerging threats quicker, maintain and improve existing security measures, and guide development on improved security measures. By continuously collecting and analyzing logs from firewalls, intrusion detection systems, and endpoint monitors, organizations can detect unusual activity that may suggest potential threats in the future. This data can also be used to evaluate whether security tools and policies are working as intended. It creates insight that can help organizations iterate and refine their cybersecurity posture based on what actually works in their security protocols.<\/p>\n
PrivacyRights.org keeps a public record of data breaches, including details like the type of organization affected, the method of the breach, the kind of data exposed, the size of the incident, and when it happened. This information can be used by researchers to look for patterns, such as which industries are targeted most often, which attack methods are becoming more common, and whether breaches are getting bigger or reported more quickly. By studying these trends, they can predict what kinds of breaches are likely to happen in the future. This can help organizations, policymakers, and cybersecurity experts prepare better protections.<\/p>\n
Maslow\u2019s Hierarchy of Needs is a psychological theory explains human motivation as a progression of needs arranged in a pyramid, where basic needs must generally be met before higher-level ones can be pursued. At the physiological level, devices like smartphones and computers help meet basic needs, such as using apps to order food or manage events with calendars. For safety needs, technology provides security systems, password protection, and antivirus software that make me feel safe online and protect personal data. At the love and belonging level, social media, texting, and video calls allow me to connect with friends and family, building relationships. For esteem needs, achievements in gaming, creating digital projects, or receiving positive feedback on posts boost confidence and recognition. Finally, at the self-actualization level, technology supports creativity and growth; for example, learning new coding skills, making digital art, or exploring knowledge online.<\/p>\n
When ranking individual motives for cybercrime, I place money as the most logical motive. Financial gain is a clear and universal reward. Attacks like the BitMart cryptocurrency hack demonstrate how cybercriminals can turn their technical skills into immediate profit. In second place is political motives. Hacktivism and state-sponsored attacks show how cyberattacks can be powerful tools for influencing governments or spreading messages. Next, I place revenge (3). The desire to retaliate against individuals or organizations is a strong personal motivator. Following that, I rank recognition at fourth. Many hackers are motivated by the desire for status or validation, either within online communities or even publicly. Examples like Bradley Niblock\u2019s election DDoS or hackers who receive acknowledgment from organizations such as NASA show how recognition can be a strong driver for cyber activities. Curiosity (5) comes next. The story of the teenager who hacked NASA illustrates how the desire to explore and test boundaries can lead to cybercrime. Curiosity is understandable, especially for young or inexperienced hackers, though it typically does not carry the same weight as financial or political motives. In sixth place I put entertainment there. Some individuals hack simply for fun or challenge, such as the person behind the LinkedIn scraping incident. I place “multiple reasons” (7) next. Its not really a motive but more like a generalization than anything. Finally, I place boredom as the least sense. I find it hard to believe that someone would commit a crime just to kill time. Most of these cyber crimes take actual thought behind doing them such as hacking into protected systems.<\/p>\n
After watching the video, the talk argues that while organizations often invest heavily in firewalls, antivirus, and email filtering, the biggest vulnerability is human behavior. However this vulnerability is also our greatest defense as well. Attackers frequently exploit human errors through phishing, fake Wi-Fi hotspots, social engineering, or targeted \u201cwhaling\u201d attacks. But when employees are educated, encouraged to question suspicious requests, and empowered to report mistakes without blame, they can discern threats that technical controls might miss. The way I see how the human firewall works is by imagining an organization’s network as a pipeline. Each joint of the pipeline is used to control\/stop the flow of the pipeline if needed, which represents a person. If each person controls the flow correctly & there are no faulty joints (unaware people) within the pipeline, then the whole system is secure\/resilient to vulnerabilities.<\/p>\n
N\/A<\/p>\n
N\/A<\/p>\n
According to the social media disorder scale, I scored a two; two to five indicates risky usage. I believe most of the criteria covered in the scale describe many of the problems people have with social media. I say this because I have family members and friends that have shown these signs when it comes down to social media usage, and also the fact that I show some of these characteristics. Different patterns are found across the world due to human geography. Variations in cultural norms, socioeconomic factors, individual psychological differences, and specific social media platform designs affect how people interact with social media. This in turn creates diverse vulnerabilities and use patterns globally.<\/p>\n
The article \u201cA Survey of Social Cybersecurity: Techniques for Attack Detection, Evaluations, Challenges, and Future Prospects\u201d, shows how technology isn’t the only factor of cybersecurity; there are human and social behaviors that come with it. The article explains that social cybersecurity focuses on protecting people and online communities from manipulation, misinformation, and psychological attacks. The authors review current detection methods like machine learning, graph analysis, and agent-based modeling, noting major challenges such as limited datasets and ethical concerns. They emphasize the need for interdisciplinary collaboration between computer science and social science. Overall, the article highlights that defending against cyber threats requires understanding both technology and human behavior.<\/p>\n
In the video presentation, the role of a cybersecurity analyst is a technical position that deals with monitoring computer systems and networks from cyber threats. However, a cybersecurity analyst isn’t only technical, but is a social role where communication and collaborative relationships are vital. Their work includes identifying vulnerabilities, installing firewalls and security software, and educating employees on security protocols. In a way, this job highlights themes of responsibility and community. The analyst is there to foster a culture of good cyber hygiene to their workspace and others who reach out to them such as end users, management teams, and peers. Moreover, the analyst must listen, ask questions, and tailor responses to diverse audiences, bridging the gap between complex technological concerns and everyday human practices. This shows how cybersecurity analysts do not only relate to social behaviors, but deal with them altogether.<\/p>\n
The \u201cSample Data Breach Notification\u201d letter from Glasswasherparts.com provides a real example of how cybersecurity incidents relate to economic and psychological social science theories. There are four different theories that come to mind that relate to this letter: rational choice theory, liability theory, cognitive theory, and cyber victimization. Rational choice theory appears in the company\u2019s decision to notify customers and recommend protective actions to reduce long-term harm. Liability pressures also influence the letter, as the company complies with legal requirements and seeks to limit financial exposure. Psychologically, cognitive theory is reflected in the letter\u2019s clear structure, helping customers interpret the breach calmly and rationally. Victim psychology and optimism bias are addressed by urging customers to monitor accounts, countering the common belief that \u201cbad things won\u2019t happen to me.\u201d<\/p>\n
The article review highlights how bug bounty programs rely on economic principles, especially cost benefit efficiency and the value of “crowdsourced cybersecurity”. Research shows how organizations struggle to find vulnerabilities within their own systems, which is why they pay ethical hackers outside their organizations to find these vulnerabilities for them. From collected data, these findings indicate that increasing the payout to these penetration testers doesn’t dramatically increase their participation, meaning smaller companies gain meaningful benefits. These programs also become less productive overtime due to simple bugs being found instead of more threatening ones. Overall, this study shows that bug bounty policies are effective if they are well structured and updated frequently to maximize their economic and security value.<\/p>\n
Andriy Slynchuk goes over describes eleven things that internet users do unknowingly that may be illegal. In my opinion, five out of the eleven are serious violations which are Sharing Passwords, Addresses, or Photos of Others, Bullying and Trolling, Faking Your Identity Online, Collecting Information About People Younger Than 13, and Illegal Searches on the Internet. Sharing passwords, addresses, or photos can lead to your\/others accounts being compromised or used for malicious purposes. Bullying or trolling can lead to serious criminal offenses and there are laws implemented to protect others from cyberbullying. Faking your identity is a form of identity fraud and can be used to defame others without their knowledge. Collecting information on minors is a violation of their privacy and COPA without any verifiable consent from parents\/guardians. Finally, illegal searches on the internet can be a serious red flag depending on the contents of these searches. Usually it prevents you from doing so but it can lead you to jail time.<\/p>\n","protected":false},"excerpt":{"rendered":"
Journal Entry #1 After looking through the NICE Workforce Framework, there were certain areas of the framework that I wanted to focus my career on. I would like to focus on the design and development aspect of cybersecurity because I am more on the innovative side and would like to be apart of a branch… <\/p>\n