Click on where you need to be directed to.
Journal Entry #1
Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.
When reviewing the NICE Workforce Framework, I found several areas that align with my career interests and goals. While each area plays a crucial role in the cybersecurity field, some appeal more to me than others.
One of the areas that particularly appeals to me is “Incident Response and Analysis” within the “Protect and Defend” category. I am drawn to this area because it involves investigating security incidents, analyzing threats, and developing strategies to mitigate risks. I enjoy problem-solving and believe that working in incident response would allow me to use my analytical skills effectively.
Another area of interest to me is “Security Administration” in the “Operate and Maintain” category. I appreciate the importance of maintaining secure systems and networks. This role involves configuring security settings, monitoring for vulnerabilities, and ensuring that security protocols are up to date. I believe that a career in security administration would allow me to contribute to the ongoing security of an organization.
On the other hand, there are areas within the framework that appeal to me less. For example, “Software Development” within the “Securely Provision” category is an area I’m less inclined towards. While I understand the significance of secure software development, I find myself more interested in the operational and defensive aspects of cybersecurity rather than the development process.
Last, my review of the NICE Workforce Framework has helped me identify areas that align with my career interests, such as Incident Response and Security Administration. However, it has also highlighted areas that I am less enthusiastic about, such as Software Development. Ultimately, I plan to focus my career on roles that allow me to leverage my analytical and operational skills to protect and defend against cyber threats.
September 9, 2023, 5:00 PM EST
Journal Entry #2
Explain how the principles of science relate to cybersecurity.
Science concepts are critical to understanding and progressing in the realm of cybersecurity. Science is the foundation upon which we develop our cybersecurity plans, defenses, and reactions to the ever-changing world of cyber threats.
First and foremost, the scientific method is a crucial tool in cybersecurity. It encourages a systematic approach to problem-solving and threat analysis. For instance, when a security incident occurs, cybersecurity professionals apply the scientific method to gather data, form hypotheses about the attack, conduct experiments to validate those hypotheses, and draw conclusions. This methodical approach helps in understanding the nature of the attack and devising effective countermeasures.
Furthermore, mathematical, and cryptographic principles are inextricably linked to cybersecurity. To develop secure communication channels and preserve data, cryptography, in particular, depends on mathematical concepts. Understanding mathematical principles like as prime numbers and encryption methods is critical for building safe systems and maintaining sensitive information’s secrecy and integrity.
Also, the field of cybersecurity heavily relies on data science and machine learning. Data analysis is used to identify patterns and anomalies in network traffic, which can be indicative of potential security breaches. Machine learning algorithms are employed to develop predictive models that can detect and respond to threats in real-time. These scientific approaches enable us to proactively defend against cyberattacks and minimize the impact of security incidents.
September 9, 2023, 5:00 PM EST
Journal Entry #3
Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.
I had a chance to explore PrivacyRights.org today, and it’s quite a fascinating resource for those interested in studying data breaches. This platform provides a wealth of publicly available data breach reports, offering key details such as the affected organizations, when the breach occurred, how many records were exposed, and the types of data that got compromised. It’s like a treasure trove for researchers delving into the realm of data breaches. With all this data at their fingertips, researchers can embark on various investigations. They can track trends and patterns in breach incidents over time, pinpoint those common vulnerabilities that consistently lead to breaches, and even identify which industries or sectors tend to be more vulnerable. What’s particularly useful is PrivacyRights.org’s regional breakdown of breaches, which can help researchers gain insights into regional cybersecurity disparities and potentially influence future security policies. To put it simply, PrivacyRights.org serves as an invaluable starting point for researchers looking to comprehend the ever-evolving landscape of data breaches and make contributions to enhancing data security practices.
September 11, 2023, 5:00 PM EST
Journal Entry #4
Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
Maslow’s Hierarchy of Needs, a foundational psychological theory, comprises five levels of human needs, each building upon the previous one. My experiences with technology resonate with this hierarchy in numerous ways. At the base, technology aids in fulfilling physiological needs through platforms like online grocery shopping, ensuring access to essential food and supplies. Additionally, it addresses safety needs through home security systems, financial apps, and telemedicine services, providing security, financial stability, and health support.
Moving up the hierarchy, technology enhances social connectivity, catering to love and belongingness, through social media and instant messaging platforms that foster friendships and maintain familial bonds. It also supports self-esteem by offering opportunities for skill development, self-expression, and recognition through online learning, social networks, and personal websites. Finally, technology aids in self-actualization by providing tools for personal growth and skill enhancement, allowing individuals to realize their full potential. In summary, technology has become integral to meeting these human needs, but balance remains crucial to ensure its positive impact on our overall well-being.
September 18, 2023, 5:00 PM EST
Journal Entry #5
Review the articles linked with each individual motive in the presentation page or Slide #3. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it.
I’ve taken a look at the articles associated with each motive and have ranked them from 1 to 7 based on what I believe makes the most sense to the least sense, and I’ll explain my reasons for each ranking.
For Money #1: This motive often makes the most sense as cybercriminals may be driven by financial gain, as demonstrated in the article about how cybercriminals spend their money. Money is a strong motivator for many illegal activities, including cybercrime.
Revenge #2: Revenge is a powerful motive, as seen in the article about revenge porn victims feeling let down by the law. Personal grievances can lead individuals to engage in cybercrimes to seek retribution.
Recognition #3: Seeking recognition or notoriety in the hacking community can be a motivating factor, as indicated in the article about Bradley Niblock’s election DDoS attack. Some hackers are driven by a desire for attention and recognition.
Political #4: Political motives can make sense, especially in hacktivism cases. The article about the new generation of youthful hackers joining hacktivism waves illustrates how political ideologies can drive cyberattacks.
Entertainment #5: Although less common, hacking for entertainment purposes can occur, as shown in the article about the man behind LinkedIn scraping. Some individuals may engage in cyber activities for fun or curiosity.
Boredom #6: While boredom can lead to cyberbullying and online sexual grooming, it’s often not the primary motive for engaging in cybercrimes. Boredom might be a contributing factor but is usually not the sole driver.
Multiple Reasons #7: This motive ranks the lowest because it encompasses a wide range of motivations, making it less specific. The article about what drives hackers to a life of cybercrime highlights that hackers may have a combination of motives, making it harder to categorize them into a single motive.
September 25, 2023, 5:00 PM EST
Journal Entry #6
Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?
Fake Website: https://www.morrity.com
Real Website: https://www.ebay.com
Fake Website: morrity.com vs. Real Website: ebay.com:
The first thing that caught my eye was the domain name morrity.com just doesn’t ring a bell like ebay.com does. Then, there’s the website design – morrity.com looks a bit amateurish compared to the sleek and professional design of eBay. Also, those too-good-to-be-true deals on morrity.com raise some eyebrows. Real websites don’t usually offer such unbelievable discounts. Contact information is crucial, but morrity.com doesn’t make it easy to get in touch.
Fake Website: https://piloltd.com
Real Website: https://us.shein.com
Fake Website: piloltd.com vs. Real Website: us.shein.com:
The domain name piloltd.com also seems somewhat obscure, while us.shein.com carries the name of a recognized brand. The design of piloltd.com appears less refined, and the product descriptions and images seem generic, a common red flag for fake sites. We need to be cautious when they ask for unconventional payment methods. Also, the lack of genuine customer reviews on the fake site, as opposed to Shein’s authentic feedback, is another concern.
Fake Website: https://hardaddy.com
Real Website: https://www.hollisterco.com
Fake Website: hardaddy.com vs. Real Website: hollisterco.com:
Firstly, hardaddy.com doesn’t seem remotely related to Hollister, and its website design falls far short of the professional appearance we typically associate with Hollister. To ensure a secure shopping experience, a thorough examination of shipping and return policies is imperative, as fake websites often omit these crucial details. hollisterco.com, on the other hand, offers comprehensive shipping and return policies that provide peace of mind. Finally, it’s worth noting that the quality of product images and the clarity of navigation shortcuts on hardaddy.com seem subpar, which can be a sign of a less reliable website.
October 13, 2023, 5:00 PM EST
Journal Entry #7
Review the following ten photos through a cybersecurity human systems integration framework. Create a meme explaining what is going on in the individual’s or individuals’ mind(s).
https://unsplash.com/photos/mfB1B1s4sMc
https://unsplash.com/photos/gySMaocSdqs
https://unsplash.com/photos/ICTKcvnXx_8
https://unsplash.com/photos/Z3ownETsdNQ
https://unsplash.com/photos/5QgIuuBxKwM
https://unsplash.com/photos/R6dSBkz32B8
https://unsplash.com/photos/BXiLSwwvqrY
https://commons.wikimedia.org/wiki/File:Computer_user_icon.svg
https://commons.wikimedia.org/wiki/File:Summer_school_GLAM_giorno_1_1.jpg
https://commons.wikimedia.org/wiki/File:CellPhone_(16491636068).jpg
Explain how your memes relate to Human Systems Integration.
The meme I created, titled “When your poker face game is strong but your password isn’t” directly connects to Human Systems Integration (HSI). It humorously underscores the necessity of harmonizing user behavior with system requirements. This serves as a reminder of the crucial aspects of system design, such as user-friendliness, user education on security measures, and the provision of support for strong password creation. This connection highlights the paramount importance of considering the human element in system design.
October 15, 2023, 5:00 PM EST
Journal Entry #8
After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity
“How do I think the media influences our understanding about cybersecurity“
After watching the video it got me thinking about how the media influences our understanding of cybersecurity. It’s pretty wild how Hollywood portrays hackers and cybersecurity in such a sensational way, and I have a lot to say about it.
In these movies and TV shows, hackers are often depicted as genius individuals who can hack into anything with a few keystrokes. They make it look so cool, but in reality, hacking is way more complex, and it’s not something we should glamorize. Hacking can have serious legal consequences, and it’s usually not as flashy as the movies make it out to be.
What struck me is how cybersecurity professionals are portrayed as heroes who swoop in to save the day. While they do play a crucial role in protecting systems and data, their work is often about prevention and mitigation rather than dramatic resolutions. It’s essential to understand that cybersecurity isn’t all about fancy gadgets and dramatic moments.
Also, the media’s portrayal of technology can lead us to believe that hacking is easier than it really is, and that computer systems are more vulnerable than they are. This can inadvertently encourage people with bad intentions to experiment with hacking techniques, which is risky and potentially harmful.
To sum it up, the media has a big impact on how we see cybersecurity. It’s fun to watch these movies and shows, but we have to remember they don’t show the full picture. Real cybersecurity is more intricate and less glamorous. As viewers, we need to be critical and try to learn the real story behind hacking and cybersecurity.
It’s crucial for us to educate ourselves about the challenges of cybersecurity, the ethical concerns of hacking, and the hard work that cybersecurity professionals put in to protect our digital world. By doing that, we can develop a more accurate understanding of cybersecurity and separate fact from fiction in the media.
October 16, 2023, 5:00 PM EST
Journal Entry #9
Complete the Social Media Disorder scale. How did you score? What do you think about the items in the scale? Why do you think that different patterns are found across the world?
I scored 1.0 on the Social Media Disorder Scale, which is below the threshold for a formal diagnosis of disordered social media use.
I found the items in the scale to be a useful way to evaluate my own social media usage patterns. They cover various aspects of social media use, such as preoccupation, tolerance, withdrawal, and more. This assessment helped me gain insights into my online behavior and its potential impact on my life.
Different patterns of social media use exist around the world due to a variety of factors, including cultural norms, awareness of online risks, the presence of educational initiatives, government regulations, economic factors, and varying access to technology. In my own case, my social media usage patterns may be influenced by my cultural background, my level of awareness about online security, and my individual preferences and habits.
October 23, 2023, 5:00 PM EST
Journal Entry #10
Read this and write a journal entry summarizing your response to the article on social cybersecurity
Today, I delved into an insightful article about social cybersecurity, a rapidly emerging field that’s reshaping national security. It focuses on understanding and predicting how cyber activities can influence human behavior, culture, politics, and society, with profound strategic consequences. In this digital age, technology enables both state and nonstate actors to manipulate global beliefs and ideas at an unprecedented pace, effectively changing the dynamics of warfare.
Information warfare, once seen as part of hybrid warfare, is now becoming a primary form of conflict on its own. It involves using information to both bolster one’s narrative and undermine the values and institutions of rival states and organizations. The article emphasizes that by eroding trust in national institutions and values, an actor can gain a strategic advantage even before the war is officially declared.
Social cybersecurity is an interdisciplinary field, combining political science, sociology, communication science, psychology, and linguistics, to analyze how information operations can impact societies. It uses advanced tools such as network analysis and machine learning to understand and influence human behavior at various levels, from individuals to entire communities.
The article stresses the importance of the Department of Defense and military leaders comprehending social cybersecurity and its ramifications. The idea that wars may already be underway, without formal declarations, underscores the urgency of adapting to this rapidly evolving landscape. Russia plays a prominent role in this context, employing information warfare as a strategic tool. Drawing from Soviet-era propaganda tactics, Russian information operations seek to divide and weaken opposing entities while using disinformation. What’s new today is the extensive reach and impact that technology allows, making these tactics more potent than ever.
Last, this article has broadened my understanding of the evolving landscape of information warfare and its strategic implications. It reaffirms the notion that in our interconnected world, the battlefield extends beyond traditional military domains, encompassing the digital and social realms, where understanding and influencing human behavior are paramount. This emerging discipline deserves close attention and proactive measures to safeguard national security and values in a rapidly changing cyber-mediated information environment.
October 29, 2023, 5:00 PM EST
Journal Entry #11
Watch this video as you watch the video, think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in the presentation.
In the presentation, several social themes related to the field of cybersecurity are brought to light. One prevalent theme is the notion of accessibility and inclusivity in the tech industry, as the speaker discusses the potential for individuals, regardless of their background or prior experience, to enter the cybersecurity field. This underlines the industry’s commitment to welcoming newcomers and diversifying its talent pool. Moreover, the presentation touches on the importance of networking and community engagement, shedding light on the significance of building professional relationships and fostering a sense of belonging within the cybersecurity community. Additionally, the discussion on salaries and cost of living in various cities highlights the socioeconomic disparities across different regions and their impact on career choices. These themes collectively underscore the dynamic and evolving nature of the cybersecurity field, promoting an inclusive, networked, and opportunity-driven landscape for aspiring professionals.
October 30, 2023, 5:00 PM EST
Journal Entry #12
Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdfLinks to an external site. sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.
Economic Theories:
Game Theory:
One way to look at this situation is through the lens of game theory. The company’s response and the delay in notifying customers could be seen as strategic moves in response to the breach. It’s like a strategic game between the company and the attackers, with both sides making calculated decisions to achieve their goals.
Information Asymmetry:
This concept from economics is very relevant here. There’s a clear information imbalance between the company and its customers. The company had information about the breach but kept it from the customers initially, and this information imbalance affected customers’ ability to protect themselves. In economics, this situation highlights how information asymmetry can lead to market inefficiencies and less-than-ideal outcomes.
Social Sciences Theories:
Social Contract Theory:
The breach notification letter highlights the concept of the social contract between a company and its customers. According to social contract theory, the company has an obligation to protect the personal information of its customers. When a breach like this occurs, it’s akin to a breach of that social contract, potentially leading to a breakdown of trust between the company and its customers.
Social Identity Theory:
Social identity theory helps us understand how individuals derive their sense of self from group memberships. In this case, customers’ personal information has been exposed, potentially affecting their social identity as consumers. The breach can lead to feelings of vulnerability and mistrust, impacting the relationship between customers and the company. From a social identity perspective, we can better comprehend the emotional and psychological repercussions of data breaches on individuals and how it can influence their behavior and perceptions.
These economic and social sciences theories provide valuable insights into the data breach notification letter. They help us understand the strategic, ethical, and psychological dimensions of data breaches and how they impact both businesses and individuals.
November 06, 2023, 5:00 PM EST
Journal Entry #13
A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try to explore the cyberinfrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true to an external site. and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.
The article delves into the world of bug bounty policies, shedding light on their role in cybersecurity. It’s a valuable piece of research, considering the growing importance of these policies.
The literature review underscores the merits of bug bounty programs. They offer an effective way to spot vulnerabilities that might otherwise go unnoticed, thanks to the wisdom of the crowd. Additionally, they level the playing field, making cybersecurity accessible even to smaller companies without deep pockets.
The findings are equally enlightening. They reveal that hackers are not primarily motivated by money, which means that even companies with limited resources can benefit from bug bounty programs. The size and reputation of a company don’t significantly affect the success of these programs, making them inclusive.
One interesting discovery is that finance, retail, and healthcare companies receive fewer reports. This warrants further investigation. The article also points out that new bug bounty programs don’t seem to harm existing ones, which is good news for the sustainability of this approach.
In summary, this research provides practical insights for organizations looking to enhance their cybersecurity. It aligns with the growing recognition of bug bounty programs as a cost-effective and inclusive tool to protect digital assets. This article is a valuable contribution to understanding bug bounty programs and their evolving role in cybersecurity.
November 06, 2023, 5:00 PM EST
Journal Entry #14
Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.
In reviewing Andriy Slynchuk’s insights, it’s clear that five online offenses stand out as particularly serious. Firstly, the use of unofficial streaming services is highlighted, emphasizing the infringement on copyright and the potential risks to personal data. Engaging in these services not only violates intellectual property rights but also raises concerns about user privacy. Another significant violation involves the use of torrent services to access pirated content, deemed unfair to creators and explicitly illegal. This act undermines the fundamental principles of copyright protection, resulting in financial losses for content producers. Additionally, the article underscores the severity of using copyrighted images without permission, emphasizing the importance of respecting the rights of photographers and creators. The issue of cyberbullying and trolling is also addressed, with a focus on the potential escalation to criminal charges and jail time, highlighting the serious consequences of such behavior. Finally, the illegal recording of VoIP calls without consent is emphasized as a breach of privacy, stressing the need for permission before recording any form of online communication. These violations are deemed serious due to their potential to cause harm, either by infringing on legal rights, compromising personal privacy, or contributing to a hostile online environment.
November 13, 2023, 5:00 PM EST
Journal Entry #15
Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.
After watching Davin Teo’s TEDx talk on digital forensics, I find myself intrigued by the dynamic career he shares. His journey, transitioning from accounting to the evolving field of digital forensics, resonates with my own interest in technology.
Teo’s narrative goes beyond the stereotypical image of forensic investigators in lab coats. Instead, he paints a picture of late-night covert operations, using advanced tools to collect and analyze electronic evidence. The real-world case study involving an internal torrent site within a tech company’s IT department adds a sociological dimension to the technical work.
What stands out is the societal impact of Teo’s work, dealing with cases like anonymous threats and high-stakes fraud investigations. Uncovering vital information from seemingly ordinary sources, such as mobile device emails, showcases the depth of expertise required in this field.
In conclusion, Davin Teo’s talk has provided me with valuable insights into the captivating and impactful world of digital forensics. His personal journey, the evolving technology landscape, and the social implications of his work make this profession both intriguing and relevant.
November 29, 2023, 5:00 PM EST