Article Review #1

Article 1 Review and Cyber Victimization in the Healthcare Industry

Introduction
The introduction of technology in healthcare has transformed patient health care but has also produced cyber risks. Researchers at UCIC wanted to see what motivates cyber attackers to attack healthcare data systems when it comes to attacking. The researchers at UCIC did their research through Routine Activities Theory (RAT) and Cyber-Routine Activities Theory (Cyber-RAT) Through the use of an RAT framework to find out the motives behind attacks in the healthcare sector of the cyberworld.

Social sciences and the data within the experiment
Throughout their experiments I mainly saw the principles of Objectivity and determinism. When it comes to objectivity these researchers witness what attackers do with determinism to help determine what truly motivates these actions against the healthcare system. The study conducted throughout this article was finding out the two different variables, the dependent variable in this study was the type of healthcare organization targeted in cyberattacks between 2018 and 2023. In order to identify the attackers’ motives and the techniques used to target healthcare organizations, a coding instrument was developed to categorize and analyze the relevant data systematically, through this the researchers were able to find the independent variable. The independent variables of this research were understanding the nature and characteristics of cybercriminals targeting the healthcare sector, providing insights into the strategic motivations and geopolitical factors influencing these attacks. The dependent variables were somewhat different, relating to what plays into the independent variable; these variables were addressed as high value data targets, critical care and patient services, government and regulatory bodies, and supply Chain and External Dependencies.

Conclusion
Through the research conducted UCIC was able to find out what sectors of healthcare are most targeted and there is still an issue with finding the motives but future research should dig deeper into the motivations behind non-disclosure, trial runs by attackers, and the strategies employed by state-sponsored actors to maintain anonymity. Many concepts that were talked about in class were mentioned in this article, many different ways of research were conducted through field studies and analyzing the research in order to find out which sectors were targeted most. Healthcare’s computers system hold information of all patients and if this data is messed with people can be put at risk, as mentioned in the article there were many instances where a cyber attack would occur in a hospital setting and put many peoples lives at risk. Those who require a lot of help from hospitals or are in the hospital are most at risk when it comes to these attacks and with more research hopefully this problem becomes less of a problem for the people of the world.

Praveen, K. (2024). Cyber victimization in the healthcare industry. Retrieved from https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1186&context=ijcic

Article Review #2

Article 2 Review about Digital Human Rights in Jordanian Legislation and International Agreement
Introduction

With the rapid growth of technology in todays world there come many actions that can occur throughout cyberspace that should require consequences. Throughout this article though this paper primarily examines the digital rights of individuals within the framework of Jordanian legislation and international agreements. It analyzes the extent to which Jordan’s legal framework protects rights such as privacy, freedom of expression, and access to information in the digital world. The study highlights both correspondence and disagreements between Jordanian legislation and international agreements, offering insights into areas where national laws may need reform to better uphold digital human rights.

Principles Of Social Sciences
I can relate many different topics that we have discussed in class, the main principle I can relate to this article is Ethical neutrality and Determinism. I relate ethical neutrality to this the most because the Jordanian legislation primarily created these laws to make crimes committed on the internet punishable and bring justice to those who are attacked on the internet. I also can relate this article to determinism, because the Jordanian legislation was determined to try and put a stop to the issues that were caused through the internet, hence the reason they created laws.

Methods and data
This study primarily examines the digital rights of individuals within the framework of Jordanian legislation and international agreements. To achieve this, an interpretivist philosophy was chosen due to its exploratory nature, supported by an inductive approach. Additionally, a descriptive and analytical methodology was utilized, as it was best suited to the study’s objectives. This approach involves interpreting and extrapolating international agreements, followed by a comprehensive analysis after presenting a general overview. The analysis done was conducted through the legislation and consists of many legal documents created by the government to keep their citizens digital rights protected.

Concepts from class relations
Many different topics discussed in class can be related to this article, the main subject I would relate this to is the human factors and cybersecurity culture. The human factors that play into this are what people desire on the internet, legislation placed this laws into place to help combat the negative human factors of the cyber world, such as scamming, cyberbullying, and other attacks. The creation of these laws are made to help hold people accountable for their actions. I also relate this to the culture because of how the culture has shifted with such negativity laws such as these had to be implemented to prevent these issues.

Conclusion
As previously stated the cyber world has a vast amount of factors that play into it, both positive and negative. The groups of people who are targeted by these attacks on any individual that an attacker will see as vulnerable. The overall studies of this topic have helped build a legislation that keeps citizens on the internet feel more safe and protected with those who attack being punished.

Al-Kasassbeh, Fahad Yousef, et al. “Digital Human Rights in Jordanian Legislation and International Agreement.” View of Digital Human Rights in Jordanian Legislation and International Agreement, 2024, cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/318/97. Accessed 01 Apr. 2025.

Career paper

Career paper on Incident Response
Introduction
After going through the NICCS NICE framework I found that incident response would be a career that interests me the most. This job consists of performing cyber defense trend analysis and reporting, employing approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness), coordinating incident response functions, determining the operational and safety impacts of cybersecurity lapses, and to identifying anomalous network activity.[1] Finding a tech company that is in need of someone for this position I feel that I would enjoy this job as well as learn new things about cyber security.

Relation To Social Sciences
There are many different aspects of social science that relate to being an incident responder, the three main principles that I relate to this job are skepticism, determinism, and relativism. I first relate this to skepticism because you have to be skeptical of what caused the incident and how to fix it. The aspect if being skeptical can help you understand the issues as a whole rather than assuming only one reason behind the incident at hand. However, I feel that determinism is the main principle when it comes to being an incident responder. Determining what factors caused this issue allow you understand the issue more. As shown in source 2, incident responders usually follow a chart that has factors of preparation, learned lessons, and the last step of incident report (Figure 1). The factors of incident report consist of detect, respond and recover. These are all determining factors of incidents, which can be related to determinism. When applying these factors of the issue you can get a better understanding of how to resolve it. Lastly, relativism is important when being a incident responder, this is because relating how a system functions to the system with the issue you can break down where the issue has occurred and be able to solve it.

Figure 1- Incident response chart shown by source 2
Social Science research
When doing social science research on an incident responders job I decided to apply Calrey’s seven aspects of social cyber security to the topic. [3] To begin I can relate mitigation is an important factor of research that can be applied to being an incident responder. First you need to understand how a social cybersecurity attack be countered or mitigated. Then apply yourself to understand how communities can become more resilient to attacks. Depending on where you work it varies the communities you are protecting, for example if you are an incident responder at microsoft you are there to protect the data and fix incidents that occur within microsoft. However, this job can also be spread around to multiple communities and help benefit society as a whole. I can also relate information maneuvers to being an incident responder. The best way to utilize this research strategy is to understand the methods used to conduct an attack and the intent of those strategies. This is mainly the key factor of the job but applying the research into the incident to fully break down what the issue is.
Conclusion
An incident responder is a job that I would very much be interested in within the cybersecurity field of work, this job requires dedication to protecting users data and fixing a problem when it occurs. You have to be fast and apply yourself, somewhat of a challenge I would be willing to put myself through. Applying research and principles we learned in class would definitely help the process of the job and help me to get a better understanding.

NICCS. “Nice Workforce Framework for Cybersecurity (NICE Framework).” National Initiative for Cybersecurity Careers and Studies, 2020, niccs.cisa.gov/workforce-development/nice-framework. Accessed 17 Apr. 2025.
Computer Security Division, Information Technology Laboratory. “Incident Response: CSRC.” CSRC, 2022, csrc.nist.gov/projects/incident-response . Accessed 17 Apr. 2025.
http://casos.cs.cmu.edu/projects/projects/social_cyber_security/Carley%20et%20al%20Social%Carley, Kathleen M., et al. “Social Cyber-Security – Casos.” Social Cyber-Security, 2021, www.casos.cs.cmu.edu/projects/projects/social_cyber_security/Carley et al Social Cyber Security.pdf. Accessed 18 Apr. 2025.