1/17/24 Journal Entry – Career Aspirations

Certain career areas that interest me the most are digital forensics, vulnerability management, and systems administration roles. Each of these jobs involves hands-on operations and each day isn’t the same. These roles operate mostly case by case and focus on the problem at hand before moving onto the next. Less ideal career roles would be the legal side of cybersecurity and customer service IT positions. I feel that these jobs would become mundane and I operate best in a fast-paced environment. When it comes to selecting a field to specialize in, I’m looking for one that will keep me actively engaged in problem solving and searching for a solution.

1/24/24 Journal Entry – Principles of Science

The principles of science are applicable to almost any area of study because they can help guide you through difficult decision making and challenges. When it comes to cybersecurity, they play a pivotal role in effectively protecting against cyber-threats. Consulting and applying the principles of science to cybersecurity can result in a better understanding of threats, prioritization of simplicity, and adherence to ethical standards. Having a deeper understanding of the threat you are dealing with and comprehension of your action plan can create a better execution and therefore a better result. Integrating these principles ensures a systematic, evidence-based, and ethically sound approach to cybersecurity, bolstering the resilience of digital systems and information.

1/31/24 Journal Entry – Data Breach Research

Privacyrights.org as a resource is invaluable in that it exists to educate and inform people about the current state of data breaches. Knowledge is power and having knowledge about where the threats are and how to protect yourself can do a lot to prevent an attack on your data. Privacyrights.org contains information by state such as what counts as personally identifiable information and whether it’s protected by law or not. This information can assist in data breach research with certain hotspots for breach activity and what the laws are in that particular hotspot. It’s important to consider the legal factors when it comes to data breaches and security.

2/7/24 Journal Entry – Maslow’s Hierarchy of Needs

Maslow’s Hierarchy of Needs is applicable to our everyday digital experiences. Specifically, self actualization, esteem needs, belongingness, love needs, safety needs, and physiological needs. Self actualization and esteem needs are easily met by technology, especially with how vital it is to the business world. Using technology as a tool to excel in your profession or accomplish a project you’ve been working on, it’s difficult to do either without technology. Physiological and safety needs can be met by certain applications and IoT devices. For example, Doordash, home security systems, Google Nest home thermostats, etc. Belongingness can be satisfied by the internet’s ability to connect people virtually. While this can be difficult to transfer to the real world, through social media and networking apps, it’s easy to find and connect with people who have similar interests to you.

2/14/24 Journal Entry – Individual Motives for Cyber Offending

There are several recognized motives for cyber offending, some of them being recognition, political, money, revenge, entertainment, boredom, or multiple reasons. It’s possible to rank these motives from most to least sensible. Entertainment and boredom start as the least sensible. Considering the consequences of cyber offending, it’s practically unthinkable that you would take malicious action because you have nothing better to do. Revenge and Recognition are the next more sensible motives. Both of these motives have to do with passion and human emotion, whether it be for ego or repercussions. Politics and Money as motives both have very real and applicable implications. Changes in either department can change the course of a cyber-offenders life for better or for worse. Lastly, the most sensible reason for cyber offending is multiple reasons. Having more than just one motive can easily persuade someone to take malicious action.

2/21/24 Journal Entry – Spotting Fake Websites

There are a few simple ways to tell a fake website from a real one. First of all we can look at the domain name. Are there misspellings such as extra letters in the name or different capitalizations? Another good way to tell if your website is the real one is if it’s https or has a padlock symbol in the search bar. This means your site is secure. The last telltale sign that your site is fake is looking at the page itself. Is it poorly designed with misspellings? If there are any suspicions that the site you are using is fake you should exit out of it without clicking anything else.

2/28/24 Journal Entry – Human-centered Cybersecurity

When looking at the top two memes, they’re referring to human error and protecting against it. Human-centered cybersecurity takes into account human error and puts infrastructure into place to prevent disaster from striking. Using unsecured public wifi and sharing sensitive company information online are just two examples of human error but many more exist. The last meme refers to having systems in place to support humans and to support company operations. Secure collaboration software is just one example, others might include timesheet systems, data storage, and messaging. Putting humans and productivity at the center of cybersecurity allows for a more comprehensive and secure system.

3/13/24 Journal Entry – Media Influence

Those who aren’t educated about cybersecurity and don’t know common digital practices are more easily influenced by media depictions. Media can often dramatize or exaggerate cybersecurity and use false jargon when referring to these occurrences. A false narrative of cybersecurity is extremely common especially in fictional movies and tv shows. These false narratives are unhelpful and create even more confusion about the subject. It’s important when portraying cybersecurity or technical practices to be accurate so as not to mislead the audience. By being accurate with technical practices and jargon we can limit the public confusion and maintain a basic understanding of cybersecurity.

3/20/24 Journal Entry – Social Media Disorder Scale

On the social media disorder scale I answered yes to 3 out of 9 questions. I think the disorder scale is a very useful tool for identifying one’s reliance and addiction to social media. Each question specifically addresses an area of concern when it comes to social media. Preoccupation Tolerance, Withdrawal, Persistence, Displacement, Problems, Deception, Escape, and Conflict. Different patterns and data trends of the SMD scale can be found around the world because of different culture’s relationships to social media. Some countries are more reliant on technology and social media and use it for work and everyday communication, whereas in other countries, especially less developed countries, technology is scarce and uncommonly used.

3/27/24 Journal Entry – Social Cybersecurity Article Response

The article provides a compelling analysis of the evolving landscape of social cybersecurity, emphasizing its critical role in contemporary national security. It highlights the shift towards information warfare as a primary means of conflict and outlines the tactics employed, particularly by actors like Russia. With technology enabling decentralized information flows and the rise of bots as force multipliers, understanding social-cyber maneuvering becomes paramount. The article underscores the need for multidisciplinary approaches, policy development, and education to effectively mitigate social cyber-threats. It’s a stark reminder of the intricate challenges posed by the modern information environment and the imperative of proactive defense strategies.

3/27/24 Journal Entry – Cybersecurity Analysts

Today’s dive into the description of a cybersecurity analyst’s role illuminated intriguing connections between cybersecurity and social behaviors. The analyst’s task extends beyond mere technical proficiency, encompassing a deep understanding of human behavior in the cyber realm. As the article elucidated, cyber threats often exploit social vulnerabilities, manipulating beliefs, and sowing discord. Themes of trust, manipulation, and influence emerge prominently, mirroring broader societal dynamics. Moreover, the discussion on bots as force multipliers underscores the complex interplay between human actors and automated systems, highlighting the need for analysts to navigate the nuances of online interactions. In essence, the job of a cybersecurity analyst intersects with the intricate fabric of human society, necessitating a holistic approach that considers both technological and social dimensions.

4/3/24 Journal Entry – Data Breach Notifications

The breach notification letter from Glasswasherparts.com illustrates concepts from economics and social sciences. In terms of economics, the incident highlights aspects of adverse selection theory, as customers who provided payment card information faced unforeseen risks due to information asymmetry between them and the company. Additionally, the letter’s emphasis on the potential for identity theft invokes behavioral economics principles, as it seeks to prompt customers to take immediate action to protect themselves against potential fraud, addressing cognitive biases such as loss aversion and present bias. From social sciences perspectives, the notification reflects aspects of social identity theory, as it acknowledges the breach’s impact on customers’ sense of security and personal identity. Moreover, the delay in notifying customers aligns with concepts of power dynamics and trust within social institutions, raising questions about transparency and accountability in organizational responses to data breaches.

4/3/24 Journal Entry – Bug Bounties

In my journal, I’ve reflected on the article discussing bug bounty policies from a social science framework. The literature review effectively contextualizes bug bounty programs within the broader cybersecurity landscape, highlighting their emergence as a response to the increasing complexity of cyber threats. It discusses various perspectives on bug bounty programs, ranging from their potential benefits in incentivizing vulnerability disclosure to concerns about ethical implications and effectiveness. The discussion of findings delves into the intricacies of bug bounty programs, exploring factors that influence their success, such as payout structure, communication strategies, and organizational culture. Overall, the article provides valuable insights into the dynamics of bug bounty policies, shedding light on their role in shaping cybersecurity practices and fostering collaboration between ethical hackers and organizations.

4/10/24 Journal Entry – Unknown Illegal Actions

Out of the eleven listed illegal actions, five stuck out to me as more serious offenses. Sharing others personal information, bullying, faking your identity, illegal searches on the internet, and collecting information about people younger than 13. Sharing others personal information and bullying are both dangerous for the same reason which is causing harm to others. Having personal information public makes you vulnerable to stalkers and hackers, and bullying can cause mental and emotional damage to the victim. Faking your identity and illegal searches on the internet both suggest you may be intending to do harm, for example online stalking under a fake name or searching for means to commit a crime. Lastly collecting information about minors is dangerous because it suggests you intend to use the collected information or do harm to the minor, they should be protected.

4/21/24 Journal Entry – Digital Forensics Investigators

After watching the video, I reflected on how the career of digital forensics investigators intersects with the social sciences. The speaker’s pathway to his career showcased a blend of technical expertise and interpersonal skills, emphasizing the importance of understanding human behavior in cyber investigations. His journey highlighted the multidisciplinary nature of digital forensics, where knowledge of psychology, sociology, and criminology is essential to interpret digital evidence accurately. The speaker’s emphasis on empathy and communication resonated, underscoring the social dimensions of investigating cybercrimes and the need to navigate complex human dynamics within digital landscapes.