Journel Entries

Week 3 – Journal Entry 3

Researchers studying patterns of cybersecurity incidents across industries and geographic regions will find the Data Breach Chronology provided by Privacy Rights Clearinghouse greatly useful. In addition, researchers are able to look at trends of breach methods, affected sectors, and discrepancies in reporting with the interactive visualizations and datasets. Knowing which sectors are most at risk—for example, health care (MED) or financial services (BSF)—aids in the design of proper security measures. Moreover, the breach-reporting discrepancies across states underscore the gaps in transparency and regulatory enforcement. Researchers can also analyze the breach frequency and breach severity over time to examine the effectiveness of legislation like California’s 2002 data breach law. With this data, cybersecurity professionals, policymakers, and academics can build better prevention and response measures to minimize future breaches.

Week 4 – Journal Entry 4

After reviewing Maslow’s hierarchy of needs I found myself highly agreeing with the concept regarding multiple areas in my life. I started to compare and contrast the theory throughout my life and the life of others and generally speaking it seems this theory holds some truth to it in my opinion. Technology can also be applied to this theory in my own life, we can start with the physiological need which to me is my Iphone and Macbook being physically well and present, the hardware is not broken or damaged and the battery is at an adequate level. Next on the pyramid is the safety needs, Apple for the most part makes it so the user does not have to worry about anti-virus protocols so that wouldn’t apply for me. For me safety needs is making sure my Iphone has a phone case and my laptop is not in harm’s way. Third on the list is belongingness and love needs, the most important part of this level to me would be the contact I get with my close family and friends through text and calls. After that It would be more trivial applications like instagram, tiktok, etc. Second to the top is esteem needs, these needs consist of applying myself academically so that would mean canvas, outlook, and any other academic site. At the very top is self-actualization, self actualization would be me doing research (eg: youtube) on certain skills and how to develop them further. Learning a new language(duo lingo) is another good example.

Week 5 – Journal Entry 5

Cybercriminals much like regular criminals don’t usually always fit into the same box. Intent can vary from the same crime simply by being pleasurable or entertaining to it being a politically backed message to the world. The seven individual motives for a cybercrime are as follows: entertainment, political, revenge, boredom, recognition, monetary gain, and a multitude of reasons. I believe the most impactful reason is monetary gain, the drive for money will always be a highly influential factor, it is the reason most individuals go through school. Second on the list is a multitude of reasons, criminals will often get into the lifestyle for monetary gain and a way out of poverty but soon find themselves committing crimes outside of that reason. Third is political, one of the most famous cybercriminals, Snowden, committed his infamous crimes backed by his own personal belief and convictions, he is most likely a hero to himself. Fourth is entertainment, fifth is for recognition, sixth is revenge. The least impactful factor in my opinion is boredom, a very select number of individuals have the technical skills and mental aptitude to understand and execute the cybercrimes that take place, especially with all the security systems we have in place today, of that number a very few are so bored that they commit felonies.

Week 6 – Journal Entry 6

Spotting Fake Websites
The internet is full of fake websites designed to trick people into giving away personal
information, money, or account details. Knowing how to spot a fake website can help protect
against scams and identity theft. Here are three examples of fake websites compared to their real
counterparts, along with key signs that make them suspicious.


1. Fake PayPal Website
Fake URL: paypa1.com
Real URL: paypal.com


One of the easiest ways to recognize a fake site is by looking at the URL. In this case, the fake
PayPal site replaces the letter “l” with the number “1,” which makes it look similar at first
glance. Another red flag is the lack of HTTPS. A secure website should always start with https://,
and most browsers will display a padlock icon next to the URL. Fake websites may also have
poor design, broken links, or grammar mistakes, which are uncommon on real business websites.
(memcyco.com, bbb.org)


2. Fake Apple Website
Fake URL: apple-support.com
Real URL: apple.com

A fake Apple website may use a misleading domain name, such as apple-support.com, to trick
people into thinking it’s an official support page. However, Apple’s real support page is part of
its main domain, support.apple.com. Another warning sign is fake security seals. Real websites
have clickable security badges that link to verification pages, while fake sites may use images of
security seals without any real authentication. Also, if a website asks for unnecessary personal
information, like your Social Security number or credit card details when it shouldn’t, that’s a
sign it’s fake. (digicert.com)


3. Fake Nike Website
Fake URL: nike-outletstore.com
Real URL: nike.com


Fake shopping websites often use words like “outlet” or “sale” in their domain name to look legitimate.
Nike’s official site is simply nike.com, so a site like nike-outletstore.com is likely a scam. Another way to
tell is by looking at the deals offered. If a website is advertising 90% off on new Nike shoes, it’s probably
too good to be true. Additionally, fake sites often don’t have clear contact information, while real sites
provide customer service phone numbers, email addresses, or live chat options. (thescottishsun.co.uk)

Week 10 – Journal Entry 9

I received a **4**, which is in “risky use.” That means that although I spend a great deal of time on social media, it isn’t controlling my life entirely.

The scale items fit because their actual behaviors consistent with an overload of social media use, such as not meeting responsibilities or trying to use it as a form of avoidance of problems. Certain questions do give a slight feeling of being broad—many times, people frequent social media usage, but it doesn’t always constitute a disorder.

Various patterns throughout the globe are probably due to social, economic, and cultural reasons. Social media is a large method of keeping in contact in some nations, whereas other nations might have stricter digital practices. Availability of the internet, cultural beliefs, and even stress levels might play a role in how much people use social media.

Week 11 – Journal Entry 11

The role of a cybersecurity analyst is not just about technology—it also involves understanding human behavior and social interactions. In the video, the speaker emphasizes that cybersecurity analysts are the first line of defense against cyber threats, which often target people rather than just systems. For example, phishing attacks rely on manipulating human emotions like fear or urgency to trick individuals into giving away sensitive information. This highlights the importance of user awareness training, a key responsibility of cybersecurity analysts, which aims to educate people on how to recognize and respond to cyber threats.

Additionally, the discussion of networking and career opportunities in cybersecurity reflects broader social dynamics. The speaker explains that making connections and effectively marketing oneself can be just as important as technical skills when entering the field. This reinforces the idea that success in cybersecurity—and in many other professions—depends not only on expertise but also on social engagement. Overall, the video illustrates that cybersecurity is a social issue as much as a technical one, requiring both strong digital defenses and an awareness of human behavior to be truly effective.

Week 12 – Journal Entry 12

The pdf example data breach notice tells us how businesses deal with customer data and how individuals react when their personal information is compromised. As per **Marxian economic theory**, the notice teaches us how gain and authority are usually more important than consumer protection. The business took time to notify customers, an indication that its interests, and not that of common good, were the priority. This accords with Marx’s aphorism that corporations care about capital, not about well-being.

**Classical economic theory**, where it is presumed that markets will self-correct and that people make rational choices, is also applicable here. The letter gives customers instructions to take, like calling credit bureaus, with the hope that they will act sensibly with the information given. But this theory does not take into account how people actually feel and respond to risk.

And from psychology, **Risk Perception Theory** can be used to explain how the letter downplays harm by assuring that there’s no proof of abuse. This is able to put people less at ease and prevent them from doing anything immediately. And furthermore, **Cognitive Dissonance Theory** illustrates that customers may not be able to believe in the company anymore but continue using its services simply to avoid the dissonance of violating habit.

Together, the theories account for how economics and psychology both influence the handling and interpretation of data breaches.

Week 12 – Journal Entry 13

The paper “Hacking for Good: Leveraging HackerOne Data to Develop an Economic Model of Bug Bounties” describes how bug bounty programs operate and if they are a suitable option for companies that want to enhance their cybersecurity. These programs invite ethical hackers to identify weaknesses in a company’s system. If they do, they get rewarded. This is cost-effective since corporations are not required to employ full-time security professionals to always look for issues.

In the review of literature, the authors clarify how bug bounty programs have evolved and why firms in such high numbers are turning to them today. The review also demonstrates that these programs not only save cost—but that they also make it possible to trust and work with firms and hackers who’d rather assist. It’s a win-win situation if managed carefully.

The discussion part of the article reveals that such programs turn out to be cost-effective. It would only take a company an average of $85,000 annually to have a bug bounty program, which is less than hiring a group of cybersecurity professionals. The authors continue that it is essential to provide the sufficient amount of money for every bug so that the professional hackers remain interested.

In general, the article demonstrates that bug bounty programs are a smart and cost-efficient means of enhancing cybersecurity.

Week 13 – Journal Entry 14

The things you can do online that people get arrested for are serious violations, and after reading about them in Andriy Slynchuk’s article, I believe the five most serious are pirating movies or software, hacking into a person’s account, using someone else’s Wi-Fi without their permission, purchasing stolen login info, and distributing malware. These are serious because the wrong thing can really hurt other people, whether that’s stealing their work, invading their privacy, or putting them at risk of losing personal information.” Pirating may seem inconsequential, for example, but it robs money from individuals who slaved to create that work. That’s bad enough, but hacking and purchasing pilfered login info are even worse, as they can effectively demolish someone’s digital life. It results in large scale disturbance of overall computer systems which in result leads to. massive damages to enterprises and individuals. While all of these actions can be legal pincushions, more fundamentally, they violate trust and endanger people online.”

Week 15 – Journal Entry 15

I watched today a TEDx presentation by Davin Teo on digital forensics, and it quite literally opened my eyes to how digital forensics connects to social sciences. How Teo came to end up from accounting to digital forensics was surprising but caused me to think about how eclectic backgrounds can make excellent careers.
YouTube

Digital forensics isn’t just computers and files; it does involve a solid foundation of knowing the behavior of human beings and human patterns. Forensic examiners are looking at digital information to evaluate purpose and action, which is more of a psychology and sociology focus. Their time in the courts also brings them back to criminal justice, as they need to react to laws and testify in front of a judge. Ethics also come into play as they weigh privacy concerns with releasing sensitive information.
Old Dominion University Sites

Teo’s case shows that knowledge in areas such as accounting can be used in digital forensics, particularly when handling financial crimes. It also shows the value of a multidisciplinary background and how different backgrounds can be used to understand and solve complex problems.

In general, this speech really made me value the integration of technical knowledge and social science insight needed in digital forensics. It is not only a discipline that calls for analytical acumen but also profound comprehension of human behavior and social systems.