Journal Entries
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.
The investigation aspect of Cybersecurity disinterests me. I would prefer to be on a more technical side where I can proactively defend against threats. Investigation sounds reminiscent of a detective, which is not a line of work I’m interested in. It requires more knowledge and work in law, which I would not be as interested in. I would be more interested in the protect and defend aspect. I would enjoy testing and maintaining cyber infrastructure. I also think I would like to administer hardware and software.
Explain how the principles of science relate to cybersecurity.
Determinism relates to cybersecurity as it attempts to explain why crimes are committed. In the case we can use it to explain why an individual committed a cybercrime. There are questions about ethics we must ask ourselves in the field of cybersecurity. We must use ethical neutrality to decide if things we do in the cyberspace are ethical. When investigating cybercrimes, it is imperative to use facts and evidence, this is knows as Empiricism. Cybersecurity changes every day and these changes can be related to technological developments or breakthroughs. This is relativism. When scientists gather information about cyber security issues they must use objectivity. They have to use facts and not opinions to conduct their research. Scientists should also attempt to use parsimony, or keep their explanations simple during their study of cybercrime.
Visit PrivacyRights.org to see the types of publicly available information
about data breaches. How might researchers use this information to
study breaches? Enter a paragraph in your journal.
There is a lot of great information about data breaches on this site. Researchers could use this data to study specific organizations that are on the list for highest number of data breaches. They can also find information specific to the type of organization. They could use this to study which types of organizations have the most breaches. They can also use the site to study data reaches in specific periods of time or in specific states.
Review Maslow’s Hierarchy of Needs and explain how each level
relates to your experiences with technology. Give specific examples of
how your digital experiences relate to each level of need.
Psychological needs include food, water, and sleep. My personal experiences with technology have made fulfillment of psychological needs easier. Food and grocery delivery apps make the fulfillment of food and water much easier. Instead of venturing out to get food I can use technology to have it delivered to me. Phones can also help track our sleep and tell us when to sleep, so technology can make it easier to ensure that need is met. Safety needs are helped by technology most importantly by access to 911. There are other apps and features such as SOS that make it easier to get medical assistance. Technology has made it much easier to maintain intimate connections. Through facetime it is much easier to connect with family back home. Social media makes achievement of self-esteem needs easier. It is easy to share achievements and get instant gratification from people that comment or message. Technology has provided me opportunities to pursue self-actualization by providing me access to a plethora of educational resources, courses, and certifications, that have helped me build my resume and my knowledge.
Review the articles linked with each individual motive. Rank the
motives from 1 to 7 as the motives that you think make the most sense
(being 1) to the least sense (being 7). Explain why you rank each
motive the way you rank it.
These are the rankings of motives that I think are more common than others.
- Money- Most people are motivated by money and there is a lot of potential money to be made in cybercrime. Money is at the root of almost all cybercrimes, people don’t do things for free.
- Political- Criminals may commit a cybercrime in support of their country or because they are outrage by a politician. This happens pretty often by foreign countries.
- Revenge- Someone may hack to get revenge on someone and find hacking the easiest or most detrimental way of doing so. This is common but not as strong of a motive as others.
- Recognition- They may do it to get recognition of their skills in front of other hackers. This might happen occasionally but I don’t think it’s a frequent of a motive.
- Multiple reasons- Egos and other various reasons may play a role, as they may think they won’t get caught and are good at what they do.
- Entertainment- Criminals may get excitement out of it but this is less common than other motives such as money.
- Boredom – Criminals may get bored and have nothing else to do but I don’t think this is as common of a motive because hacking takes time and experience.
Can you spot three fake websites and compare the three fake websites
to three real websites, plus showcase what makes the fake websites
fake?
Three fake websites I identified are
These are the websites they are impersonating.
These sites trying to impersonate the real sites use similar domain names that can trick a user into thinking they are going to a trustworthy site but they are actually going to a fake website.
Review the following ten photos through a cybersecurity human systems integration framework.
Create a meme explaining what is going on in the individual’s or individuals’ mind(s).
• https://unsplash.com/photos/mfB1B1s4sMc
Human Systems Integration: Keeping us comfortable and productive
• https://unsplash.com/photos/gySMaocSdqs
Human Systems Integration doesn’t have to be for humans.
• https://unsplash.com/photos/ICTKcvnXx_8
Human Systems Integration: What’s there not to smile about.
• https://unsplash.com/photos/Z3ownETsdNQ
Human systems Integration: Allowing me to integrate technology into my life, wherever it takes me.
• https://unsplash.com/photos/5QgIuuBxKwM
Let’s talk about human systems integration.
• https://unsplash.com/photos/R6dSBkz32B8
I love what I can do once people think about human systems integration.
• https://unsplash.com/photos/BXiLSwwvqrY
What would I do without human systems integration?
• https://commons.wikimedia.org/wiki/File:Computer_user_icon.svg
I’m glad the team thought about human systems integration for the power button.
• https://commons.wikimedia.org/wiki/File:Summer_school_GLAM_giorno_1_1.jpg
This is why we should focus more on human systems integration.
• https://commons.wikimedia.org/wiki/File:CellPhone_(16491636068).jpg
I couldn’t capture these beautiful, snowy moments if the human systems integration team didn’t think about this ahead of time!
After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity.
The media influences us to understand cybersecurity as something different than it is. It depicts cybersecurity as a high-paced career with cool graphics, when that is not true. It is a slower paced job where you have to carefully analyze tools that are typically shown in basic fonts on a dark background.
Complete the Social Media Disorder scale. How did you score? What
do you think about the items in the scale? Why do you think that
different patterns are found across the world?
I met the diagnosis for a disordered social media user. I think the questions are very powerful things that a typical person should not be doing. 20 years ago that would have been highly unacceptable but I have noticed that today these symptoms are very common. I think that we have all been sucked in and accustomed to this lifestyle even though it’s wrong and companies keep finding ways to manipulate the brain.
Read this and write a journal entry summarizing your response to the
article on social cybersecurity
The article discusses the importance of social cybersecurity, which is the protection of individuals, organizations, and societies from social engineering attacks. When a criminal commits a social engineering attack they use psychological manipulation to deceive individuals into divulging sensitive information, clicking on malicious links, or engaging in other harmful behaviors. The article also highlights the potential consequences of social engineering attacks, which can range from financial losses to national security breaches. Social cybersecurity issues must be addressed at both the individual and societal levels. Efforts toward increased education and awareness need to be increased.
Watch this video. As you watch the video
https://www.youtube.com/watch?v=iYtmuHbhmS0, think about how
the description of the cybersecurity analyst job relates to social
behaviors. Write a paragraph describing social themes that arise in the
presentation.
In the video, the cybersecurity analyst job is described as requiring a deep understanding of human behavior and the ability to identify potential threats based on social cues. The social themes she brings up are prevention and prediction of cyberattacks. One of the social behaviors discussed in the presentation is the tendency for people to click on links or download attachments from unfamiliar sources, which can put them at risk for malware and phishing attacks. Analysts have to be able to anticipate these behaviors and take steps to prevent them, such as implementing security awareness training or using more secure communication channels. Another important social theme is the importance of communication and collaboration in the cybersecurity field. Cybersecurity analysts have to work closely with a variety of other departments. In all of the job postings I have seen collaboration and communication skills are listed.
Read this https://dojmt.gov/wp-
content/uploads/Glasswasherparts.com_.pdf sample breach letter
“SAMPLE DATA BREACH NOTIFICATION” and describe how two
different economics theories and two different social sciences
theories relate to the letter.
CYSE201S
The economic theories of asymmetric information and externalities can be applied, as the company has more information about its customers’ personal data security, and its failure to protect it can negatively impact customers. From a social science perspective, the theories of social exchange and social identity apply, as customers may feel the costs of continuing to do business with the company outweigh the benefits and may feel their identity as customers has been compromised, leading to feelings of vulnerability, betrayal, and loss of trust in the company.
A later module addresses cybersecurity policy through a social
science framework. At this point, attention can be drawn to one type
of policy, known as bug bounty policies. These policies pay
individuals for identifying vulnerabilities in a company’s cyber
infrastructure. To identify the vulnerabilities, ethical hackers are
invited to try explore the cyber infrastructure using their penetration
testing skills. The policies relate to economics in that they are based
on cost/benefits principles. Read this article
https://academic.oup.com/cybersecurity/article/7/1/tyab007/61684
53?login=true and write a summary reaction to the use of the policies
in your journal. Focus primarily on the literature review and the
discussion of the findings.
The authors provide a comprehensive literature review of previous studies on the topic and discuss their own findings based on a sample of 106 bug bounty programs. They argue that the use of bug bounty policies can be beneficial to organizations because it provides a financial incentive for ethical hackers to identify vulnerabilities and report them to the company, which can ultimately result in the strengthening of the company’s cybersecurity infrastructure. The article discusses the limitations of bug bounty policies, including the risk of allowing hackers in that mean harm and won’t report vulnerabilities. It gives a great explanation of bug bounties and related policies, finding that bug bounties are a great tool for companies of any size to use.
Andriy Slynchuk has described
eleven things Internet users do
that may be illegal. Review what
the author says and write a
paragraph describing the five
most serious violations and why
you think those offenses are
serious.
I believe the most serious offenses are distributing illegal drugs, hacking, sharing confidential information, cyberbullying, and pirating movies through torrent services. Distribution of drugs is illegal and even more so when the internet is involved, because you are looking at multiple charges and likely the involvement of the federal government. Hacking is also very illegal and can send you to federal prison, doing so will have law enforcement agencies involved with you arrest, not just the police. Sharing confidential information can seriously mess up a person’s life and get you faced with charges. Cyberbullying has become more and more illegal in recent years, it is not looked upon lightly and is immoral. Pirating movies can also get federal agencies involved and it takes money away from movie studios.
Watch
this video and think about how the career of digital forensics
investigators relate to the social sciences. Write a journal entry
describing what you think about the speaker’s pathway to his career.
The speaker shared that his curiosity about computers and technology led him to pursue a career in computer science, and he eventually became interested in the field of digital forensics. Throughout his career he was presented with unique opportunities and just fell into the career. I thought it was really awesome how he gets to do a combination of forensic and technological work. His work requires a deep understanding of digital systems and data analysis techniques, as well as critical thinking and problem-solving skills. The speaker’s role as a digital forensics investigator involves working closely with law enforcement and legal professionals, highlighting the important social and legal implications of his work. I think that I have similar interests as the speaker when he was getting into the field. I am incredibly interested in both technology and forensics.
Article 1 Review
The article, Exploring Fraudsters Strategies to Defraud Users on Online Employment Databases, reviews a study about internet-based employment fraud. It then tries to determine the fraudster’s linguistic characteristics and tactics. The article applies the social science theory of relativism. These criminals use fake job applications causing people to submit their personal information. This then leads to them getting financial assets or their identity stolen. The article practices objectivity by using unbiased studies to answer the research question. The writer attempts to achieve parsimony by using parentheses and i.e., to explain technical terms. They also give definitions and descriptions of Routine Activities and Social Learning Theory. They also rely on facts, data, and events that we know occurred in order to practice empiricism. The article does not dive into the ethics of the study, but I assume that as it studies cybercriminals it likely remains ethically neutral. The article explains how determinism happens in these cases by explaining how reinforcement leads criminals to learn and repeat criminal behavior.
The researchers applied for jobs in a variety of careers at a variety of times. The researcher used mixed methods analysis to gather data on the subject. They collected data on types of fraudulent attacks and linguistic cues used during the attack. The article uses archival research to support and explain the findings and research question. The researchers used Cyberspace field studies to collect data about the topic. They sent emails to the fraudsters and analyzed the responses for linguistic cues. The topic could be relevant to marginalized groups such as elderly people who do not have anyone to teach them what may or may not be a scam. This may be relevant to older people who are just trying to get a job to support themselves or anyone who doesn’t pick up on signs of fraud when applying for jobs. This article provides a service to society by offering the general public information on what phrases or linguistic cues a fraudulent employer might use to siphon information out of an applicant.
Cole, T. (2022). Exploring Fraudsters Strategies to Defraud Users on Online Employment Databases. View of exploring fraudsters strategies to defraud users on online employment databases. Retrieved February 13, 2023, from https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/90/28
Article 2 Review
The article, Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions, reviews the General Data Protection Regulations founding under the European Union. The article discusses the challenges this organization faces, and the solutions proposed. More specifically, the authors focus on the challenges and solutions relating to implementation of the right to be forgotten and the right to revoke consent. The article explores the question of how the challenges of implementing the 2 rights under the GDPR can be solved. The principle of relativism can be applied to the passing of the GDPR itself. Misuse and collection of personal data lead to an area of concern for the European Union and the citizens. This led to the creation of the GDPR, which in turn brought concern for how the GDPR would implement the right to be forgotten and the right to revoke consent. Determinism applies to the article, because the GDPR and the debate for how to implement these 2 rights stems from big data companies collecting and misusing personal data. The article aims to provide a solution with objectivity by using other articles and quotes from an official legal document. However, it is impossible to maintain complete objectivity with an article of this nature, since some people may be believe that one solution is better than another, The article relates to concepts discussed about countries and their role in cybersecurity. The European Union represents many countries and with the GDBR is developing policies for data protection.
The authors did not use any specific research methods, as the article is a review of challenges, and ideas on how to solve them. The article breaks down, analyzes, and quotes the GDPR legal documents. The author also cites other articles to help form their proposal and argument. This article proposes solutions for the implementation of rights of the general consumer in the European Union. This can be crucial in the protection of data for everyone in the European Union. It could also be more impactful for groups such as the elderly or those less knowledgeable about how their data is being collected and used. The solutions posed in the article can not only greatly benefit those in the European Union but the entire world, as it offers a solution for everyone to experience privacy and data protection.
Politou, E., Alepis, E., & Patsakis, C. (2018). Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions. Journal of Cybersecurity, 4(1). https://doi.org/10.1093/cybsec/tyy001
Career Professional Paper
Career Paper
Michael Lively-Scholz
Cybersecurity evolves every day and with that so do the careers. Being a freshman and
at the forefront of this evolution I am thrilled to see what the future holds. One of the careers I
find most interesting is Ethical Hacking or Penetration Testing. I have had a desire to work in the
ethical hacking field since middle school. I believe it is one of the more cliche fields in
cybersecurity however I find it incredibly interesting and intriguing. It is one of the more
competitive fields, however I take that as a challenge to strive for greatness, to be better than
any other penetration tester I’ll ever meet. The typical responsibilities of an ethical hacker are to
identify vulnerabilities before hackers can exploit them. Their main goal is to prevent
cyberattacks, to do this they must be able to identify with and get in the mind of a hacker or
cybercriminal. There are a variety of concepts and principles that are applied in this profession
every day. Social Science research and findings are incredibly important in this career field.
It is incredibly important for ethical hackers to understand social science and have an
overall understanding of human behavior. I realize due this application of social sciences why it
is so important for cyber security students to be interdisciplinary and not only have an
understanding of technology and technical skills but to be balanced and have a full grasp and
understanding of human behavior, psychological and criminological theories and social science.
Ethical hackers need to be inside the head of the enemy and realize their motivations and their
behavior. They should then use this knowledge and apply it to develop effective security
strategies and procedures. Once an individual understands these factors and how they are all
interconnected they can develop strategies that are more effective in preventing cyberattacks.
The principles of the social sciences are relevant in this field. Especially the principles of
determinism and relativism. Ethical hackers can use relativism to understand why hackers do
certain things or commit the crimes that they do. Relativism is the concept that all things are related. It is imperative that an ethical hacker realizes that and is constantly paying attention.
Things that criminals and hackers are almost always connected to something else, it just
requires a good ethical hacker, somewhat of a detective to see it and connect the dots. This
may help them realize that there are vulnerabilities they didn’t know about or a way they can
defend against outsider attacks.
It is also very crucial for an individual in this field to know the concept of determinism.
Determinism is the principle that states all behavior is caused or influenced by previous events
(Duvall 2023). The need for an ethical hacker in itself is a representation of determinism. Their
hiring is due to fear of an attack or a need for vulnerability testing. There wouldn’t be a fear or
need for this job if previous entities hadn’t been targeted by cybercriminals and exploited. The
professional can use determinism to realize why hackers do what they do and what previous
events motivated them. Hopefully, they can then use this information to formulate a plan to
protect and defend the entity they were hired to protect.
Ethical hackers and penetration testers have a huge responsibility; they have the role of
protecting groups they are hired by but also marginalized groups and society in general. They
use social science concepts, principles, and research to help them identify what makes hackers
tick and then apply that knowledge to their plan for combat or defense. These marginalized
groups are more at risk to exploitation than the rest of society due to lack of access to resources
or lack of knowledge. Groups such as elderly people do not have the “know how” or expertise to
protect themselves from threats. This is why ethical hackers are so important, because they are
trained in this field and can protect marginalized groups like this from cybercriminals that they
are not capable of facing. Facial recognition technology has recently presented a new problem
for marginalized groups that ethical hackers must resolve. Facial recognition technology has
lead to racial and gender biases in technology (Acar et al., 2014). Ethical hackers have
identified the flaws that lead to these biases and reported it to the companies that make the
software for review. Another marginalized group that has been greatly benefited and protected by ethical hackers is hospital and medical device patients. Ethical hackers identify vulnerabilities
in this technology before it is exploited or used to harm patients.
Ethical hackers do much more to protect society and marginalized groups than we
realize. Social science research and principles, such as determinism and relativity can greatly
help ethical hackers in their work.
References
Acar, G., Eubank, C., Englehart, S., Juarez, M., Narayanan, A., & Diaz, C. (2014). The
Web Never Forgets: Persistent Tracking Mechanisms in the Wild. CCS ’14: Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security.
https://doi.org/10.1145/2660267.2660347
DeVries, D. (2021). How ethical hackers help marginalized communities. Security
Magazine. Retrieved from https://www.securitymagazine.com/articles/94891-how-ethical-
hackers-help-marginalized-communities
Duvall, T. CYSE Module 2.