201S | micahelmore

Journal 1

When I analyze the NICE Framework I see a couple areas I would be interested in doing work in. My first choice is to oversee and govern. That is my end goal in Cybersecurity to have some type of leadership role. Throughout my life I’ve always had the big spotlight of being the leader of a group, project, area of work, etc. So this is an area I’m going to try to get into. The next branch would be operated and maintained. I would choose this next field because I want to work directly with the systems. The area I would least go into would be cyber operations and investigations. Those areas just don’t interest me like the others. I have no desire to go into them.

Journal 2

Explain how the principles of science relate to cybersecurity The principles of science relate to cybersecurity by the behavioral aspect of it. The point of science is the systematic study of the structure and behavior of the physical and natural world through observation, experimentation, and the testing of theories against the evidence obtained. When we relate this to cybersecurity we can examine this in two different ways. Maybe even more ways but I want to focus on two. The first way we can relate this is dealing with cyber criminals. We need social science to study cyber criminals so we can figure out “why they do what they do”. What exactly is triggering their behavior response to commit these crimes. The next The next point I want to bring up is the interaction of everyday security processes and us humans. In this case the interactions between people and security. Let’s use the job title information security for this. When dealing with Information security there is a direct line between people (workers) and the systems and data they protect. To be more precise an Informational Analyst who loves his job and has been doing it for years can provide a lot of great benefits to security. As they have interacted with the systems and learn the best practices for it. This can be a great social science example as we compare the interactions of humans and systems with the benefits and causes of it.

Journal 3

There are many ways for researchers to use this information to study breaches. A couple ways are seeing the most common data breaches. With figuring this information out they can plan out security practices best to protect against these types of breaches. They also use this information the understand the danger of our privacy and data laws. Since companies are constantly selling our data and these third party connects can have data breaches it puts us more in danger than ever. Instead of worrying about our main app being breached we have to worry about side parties who don’t even know being breached. The biggest ways they are going to study these breaches are by identifying what caused them in the first place. Analyzing the breaches will help determine if there is a pattern between companies being breached. These two are the most important in studying in my opinion.

Journal 4

The Maslow’s hierarchy deals with the 5 levels needs of human. These include physiological need, safety need, belongingness/love need, esteem need, and the self actualization. Self actualization is the highest form he says we strive for but majority fail to reach. In the world of technology we can relate this to the hierarchy very easily. The first is the physiological level. At this level, people require the basic necessities of life such as food, water, shelter, and sleep. Technology plays a role in satisfying these needs by providing access to information and resources that can help individuals meet their basic needs. For example, technology can help people find food and water sources, locate safe places to stay, and track their sleep patterns. I use it all the time to find food places all the time. Next are safety needs which people seek security and stability in their lives. Technology can play a role in this by providing access to safety and security features, such as encrypted communication, secure storage of personal information, and the ability to control access to personal devices. For example, I use a two-factor authentication to protect my accounts. The third level is about love and belonging. This level of the hierarchy is concerned with emotional connections and the need to feel a sense of belonging. Technology has enabled people to connect with others through social media and messaging apps, allowing people to form and maintain relationships with others, even if they are physically distant. I use FaceTime to see my daughter while I’m away in college. Level four deals with esteem. People have a need to feel valued, respected, and confident. Technology can contribute to this by providing access to information and resources that can help build self-esteem and confidence, such as online courses and tutorials, forums, and educational content. For example, participating in online communities where you can receive feedback and recognition for your contributions can help satisfy esteem needs. I personally get esteem from technology by sharing viewpoints and people agreeing that they are good points. The last level is self actualization is the last level. This level of the hierarchy is concerned with personal growth and the need to reach one’s full potential. Technology can play a role in this by providing access to information, resources, and tools that can help individuals pursue their passions and interests, such as online courses, workshops, and resources for creativity and self-expression. For example, using technology to pursue an online course in a subject of interest, or to create and share art, music, or writing, can help fulfill self-actualization needs. I take part in this by purchasing certification courses to help advance me in my career.

Journal 5

So I’m going to rate these backwards. Coming in at 7 would definitely be recognition. I’m going to be honest I will never understand doing a attack just for some recognition. You’re never going to be able to enjoy. Because it requires you to acknowledge you did it you will go to jail or be in some type of trouble and for what so people will know you for the moment and forget about you in a few years. Coming in at 6 is boredom. I mean if you’re that bored that you hack and create malware. You might as well put that energy into something else. Go create a better security system and launch that. At least then you’ll do good and possibly become wealthy. Coming in at 5 is entertainment. Now this is really just the same as boredom in my eyes but I can’t have them tying. The 4th one is revenge. Revenge is something I can understand. You’re emotional at that point and just want to cause some type of harm or expose information they wouldn’t want. I don’t agree with it but it is a real issue that happens and when it does depending on the situation you see why they did. The third is for money. Criminals will always look at does the benefit out weigh the reward. In the sense of hacking like a ransom attack of lets say a hospital and they get thousands of dollars out of them. It would definitely be worth it to them. So hacking and selling data for money is something I understand why criminals do it’s easy money. The 2nd is political reasons. Hacktivism has been around for some time now. And it’s very important what these people do. I mean bringing awareness to the potential dangers of technology and showing how to fight against it does wonders. Not everybody knows about this so them exploiting and showing is important for society. The one that made the sense is what I like to call life factors. You know growing up being around cyber criminals you will probably take after and be one. Growing up in poverty you might seek after crimes for money. You could take a list of reasons all of these reasons could be life influences to make these people do it.

Journal 6

Breaking-CNN.com is fake website. The real website is https://www.cnn.com/. The layout of the sites are completely different. Unless someone has never been on the official CNN website it would be pretty hard to fall for this site. However I will say when people see the breaking CNN they would automatically think that is the site because that is one of CNN sayings. What makes this website fake is of course the off brand version of CNN. But the key takeaway is the fake news it spreads. The articles aren’t even real stories. The second fake site is Oneworld.press. This site is a little more difficult to detect. Because this site actually has a real cover and layout like other news websites. However this site is a propaganda site to support trump and spread false covid claims. Only way to to really decipher this is to check it’s credibility and if someone does they will see it is a fake site. https://www.cia.gov/resources/csi/studies-in-intelligence/archives/. This is a real website from the CIA that displays all of their real declassified documents. Typically websites ending in gov, edu, org are real websites and people don’t have to worry. The washingtonpost.com.co is a off brand version of the washingtonpost. Can tell this site is fake off the “co” at the end and fake stories. A real website would be the actual washingtonpost website with real stories. Ways to tell if a website if fake is if it has terrible design, the url of letter is off like “gooogle”, not secured, website contacts you off phishing.

Journal 8

I mean I think the media plays a big part into how we look at cybersecurity. I mean for people who know nothing about the field and only see it from the media this is definitely shape whatever image the media wants. So while it can be informational it can also be misunderstanding. The biggest example of this is we always see stories relate cybersecurity as a technical issue. When thats not true this is also a social issue. This affects society more than anything. The media will portray cybersecurity to be whatever it is they want. The problem is they don’t fully understand it so to them they could be pushing a narrative that it is negative especially with all the attacks and outcomes that could happen in a cyber war. The Insider youtube video was a great example of media at work. Now granted this was television so the perception is a little different but regardless it is there. We were able to see from a real world hacker’s point of view on what was real and fake. So someone seeing these shows thinking this is how hacking works in the real world, could be scary for them. Thinking they could get our information that easy and quick. So the media definitely does play a role in the perception of cyber security.

Journal 9

I took the test and I scored a 2.0. I think the items in the test are a little misleading. They use a test of regularly to determine answers. I wouldn’t say the actions I put are regular. This test would be more accurate if they had an actually scale lets say 1-5 1 being the lowest and 5 highest. I think different patterns are found based on the person. Not everybody’s life is the same. Some people like me don’t really care for social media but my environment allows me to be that way. While other people are deeply attached to social media.

Journal 10

Journal 11

So the lady in the video covered a lot. The first social theme I want to talk about is social life. She mentioned the first entry level job most go for is an analyst job. The thing about it is normally it is 24/7 job. So if you don’t have social life like friends, family, kids, etc the job could be for you. If not probably not unless you get schedule for 1st shift of course. The next social factor was the location of the job. Some of these jobs do not require you to come in and work. You can work it from anywhere home, cross states , overseas, etc. Now this affects the social life in terms of you probably won’t connect with people at work. You would only connect with regular everyday people you normally do. Me personally I like to connect with everybody. But I also would like to work from home. So I would choose a hybrid position job. Wrapping up your social life have a lot to do with video. Who we are as people will determine a lot. What I mean by that is social factors. The cost of living in NY is so much more different than the cost of living in Atlanta. I mean you might sit there and pay 3,000 a month to live in a closet in NY. While you can actually get a decent apartment with everything you need for around 2,000 in Atlanta. So depending on these factors and also factoring in what these cities and people are like will be a big part in starting these jobs.

Journal 12

Rational choice is a great first choice theory to analyze this sample breach. I say that because even though the attack had been happened they came to the decision to not tell their customers of the breach when they first found out. They had to weigh the cost benefit of losing money or finish the investigation. Th second theory social control theory. This theory states people’s behavior is influenced by the social controls that are in place to deter deviant behavior. So in this case of the letter instead of leaving them and finding a new bank. They give them options on what they should do so if their information is compromised the hackers won’t be able to use it. The first economic theory is the Laissez-fare economic theory. With this theory the government could have stepped in to protect the customers rights and data.The next theory is the Marxian theory. It says those with power exploit those without power. We see this clear as day. Hackers had all the power to cause a breach and steal information. While the regular consumers were helpless.

Journal 13

Journal 14

Andriy Slynchuk bought up a lot of good points of things we do on the internet that is illegal. Out of the different violations we commit on the internet I don’t find a lot of these serious. I find that they are harmless. However there are a few that are questionable and I do find serious. The first one is collecting information about children. Nobody should be collecting information about random children that has absolutely nothing to do with them. This issue is just wrong and tends to lead more to cases of child pornography, stalking, kidnapping, etc. The next is faking an identity online. I say this because my concern is someone using someone else identity and committing crimes with said identity. Then when law enforcement gets involved the wrong person is arrested. Using other people’s network is definitely dangerous. I was able to experience wire shark for the first time this week. After seeing all the data, from passwords, credentials, and just day to day activity if someone was using someone else network they would have access to all of this. The fourth one is bullying and trolling. I normally wouldn’t put something like this on here because of the way I operate. But the stats are rising on the amount of people being bullied on the internet. Some of these kids are even committing suicide over it and thats the worst part. The last point she made that I agree with is recording calls without consent. My only problem with this is the technology we have today people are to deep fake the voice and can really make the phone conversation anything they want.

Journal 15

I think his pathway to his career sums up a lot of people stories. Not everybody knows exactly what they want to do but once that find that right niche that feels right. It leads them in the direction they need to succeed. he mentioned his father being a big reason for career path. I know I can relate to that. My father is also the reason I’m doing cyber security. Everybody has their reasons for going into a career path whether they were influenced, or found it on their own. In Davin’s case worked in accounting and actually was good at IT and went down the path of a different career. I think it’s cool how everything worked out for him. Working at an accountant firm then being given the opportunity to work the first digital forensic. It just goes to show you never know what your career destiny is going to be.