CYSE 201S
Journal #1
The NICE Workforce Framework is a framework developed by the National Initiative for Cybersecurity Education (NICE) to help organizations understand and meet their cybersecurity workforce needs. The framework is divided into five main categories: Protect, Detect, Respond, Recover, and Operate.
The Protect category includes roles related to protecting systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. The Detect category includes roles related to identifying and responding to cybersecurity incidents. The Respond category includes roles related to coordinating and carrying out incident response activities. The Recover category includes roles related to restoring normal operations and recovering from an incident. The Operate category includes roles related to maintaining and monitoring systems and networks to ensure their ongoing cybersecurity.
If I were to choose, I would probably find the Protect and Detect categories the most appealing. These categories involve identifying and mitigating cybersecurity threats, which is a challenging and ever-evolving field that requires a combination of technical skills and critical thinking. On the other hand, I would find the Recover category the least appealing as it is less dynamic and more focused on restoring systems after an incident.
Journal #2
Q: Explain how the principles of science relate to cybersecurity
A:
Cybersecurity is the practice of protecting computer systems, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction. The principles of science play a critical role in cybersecurity because they provide a framework for understanding and addressing the many complex challenges that arise in the field.
One of the most important principles of science in cybersecurity is the scientific method. This method involves making observations, forming hypotheses, designing experiments, and analyzing data to test hypotheses. This process is used to identify and understand cybersecurity threats, as well as to develop and evaluate new security technologies and strategies.
Another important principle of science in cybersecurity is the principle of cause and effect. This principle states that for every action, there is a reaction. In cybersecurity, this principle is used to understand how different security measures can impact the likelihood and severity of cyber attacks.
A third important principle of science in cybersecurity is the principle of probability and statistics. This principle states that the likelihood of an event occurring can be predicted by analyzing patterns in data. In cybersecurity, this principle is used to predict and prevent cyber-attacks based on patterns of past attacks.
Finally, a fourth principle of science in cybersecurity is the principle of critical thinking. This principle states that to understand complex problems, you must be able to think critically, ask questions, and consider multiple perspectives. In cybersecurity, this principle is used to evaluate different security strategies, weigh the potential benefits and drawbacks of different options, and make informed decisions.So, in a nutshell, cybersecurity is a field that relies on scientific principles such as the scientific method, cause and effect, probability and statistics, and critical thinking to identify and prevent cyber threats.
Journal #3
Q: Visit PrivacyRights.org to see the types of publicly available information
about data breaches. How might researchers use this information to
study breaches? Enter a paragraph in your journal.
Researchers use various information sources such as breach data, vulnerability data, attack data, survey data, and log data to study breaches and understand the factors that contribute to them. By analyzing this information, researchers can identify trends and patterns in breaches, and use that information to develop new security techniques, tools, and strategies to prevent future breaches.
Journal #4
Q: Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
A: At the very bottom, we have Physiological needs. Our phones would be an example of this level because we see our phones as a part of ourselves. We have them by our side the whole day. The next layer would be Safety. Whenever we use the internet, we must be protective of our information by making sure the website is legit. After safety would be Belongingness and love needs. Social media falls right under this category because we are all so attached to the feeling of being connected. This also plays a role in the level above, which is called Esteem needs. Through social media, we want the feeling of being accepted into society. This feeling of prestige may be positive on us or negative. Using social media the wrong way may translate into the real world. The need at the very top is Self-actualization. I’d say the Internet has a wide variety of things for us to learn. YouTube, For example, can teach anyone just about anything. It is a powerful tool to achieve one’s own potential.
Journal #5
Q: Review the articles linked with each individual motive. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each
motive the way you rank it.
A: Ranked from most sense to least sense.
- For money: This makes the most sense to me because money is very fluid and it’s easier than ever to make a living by not doing any labor. Everything is all online, including banks and other financial information. Some cybercriminals can earn a lot of money and spend very lavishly.
2. Multiple Reasons: There are many motivations for cyber-criminals such as their economic state in relation to their social life, their mindset, and much more
3. Revenge: image-based sexual abuse or “revenge porn” causes irreparable damage to anyone, including celebrities. ‘Deepfake’ pornography, an AI-powered crime where a real person’s likeness is used to create a pornography image, is a fairly new method of cyberbullying.
4. Recognition: People want to be seen and will do anything it takes to get it, even if they are willing to be sent to jail for their malicious intent.
5. Political: usually, hacking benefits a single individual. It is very unlikely for someone to hack for the sake of changing the society as a whole
6. Boredom: Videogames are a common place where cyberbullying happens because there is a goal set within the game and there are many players who just play to have fun and not win. This type of bullying can go to the extreme, such as thoughts of suicide or an effect on school performance.
7. Entertainment: This makes the least sense because there are other ways to spend your time. There many other ways to be entertained, such as watching movies are simply taking a walk outside.
Article Review 1
This article goes in-depth about Indonesia’s concerns about the shift of physical land documents to digital authentication of land via electronic certifications. The principles of social science that relates to this article would be its economy, history, and anthropology. The study’s research question asks the significance of cybersecurity to electronic land certificates in Indonesia. Qualitative research design aided by a documentation technique for data collecting from diverse resources, such as case studies, legal archives, library facilities, and informal interviews with land officials from numerous locations in Indonesia, was employed.
Experts recommend analyzing data encryption to lessen the fear of cybercrimes and adding cybersecurity protection. This paper tries to fill this gap in the literature by discussing the value of electronic land certificates, the likely cybersecurity threats to these certificates, and data encryption as a safeguard. Four concepts that relate to this article would be the advancements of Malicious software, Relativism which shows that all things are related, Ethical neutrality, which refers that scientists must follow ethical standards when they conduct their research, and how behavioral theory can lead to a cybercrime. This topic relates to the marginalized group of Indonesia because their culture is rapidly growing with technology. This also affects the low-income group because half of Indonesians are involved in the agricultural land sector. This study overall contributes to society by setting electronic registration as the future of land ownership and Decentralizing electronic land certification facilities at the regional level so citizens can reap the benefits of this efficient system.
The second article is about ransomware payments in the Bitcoin ecosystem. This article indefinitely relates to the economy, one of the principles of social science, because Bitcoin involves money. Historically, Bitcoin has been a very volatile investment. In anthropology, investing shows similarities to gambling whenever there is a major gain of value. In this article, the researchers present a data-driven method for identifying information on Bitcoin transactions related to illicit activity based on footprints left on the public Bitcoin blockchain. One concept from class that relates to this article would be Ransomware, which block access to a computer system until a sum of money is paid. Phishing, spamming, and hacking are other concepts that we have learned that relate to this article. This article targets the wealthy marginal group, especially the Caucasian race. Overall, this article shows the dangers of ransomware and how it affects our society.
Article 1:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/88/25
Article 2:
https://academic.oup.com/cybersecurity/article/5/1/tyz003/5488907?searchresult=1
Journal #6
Q: Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?
A: From my own research, I found three websites all trying to impersonate an already well-known company. These fake websites are trying to copy Amazon, Paypal, and Chase Bank. I could tell these were fake because of the URL. There was extra mumbo jumbo hidden in the fake URL. To figure out if a website is legitimate, always use .org (organization) or .gov (government). Another quick way I figured out that these websites were fake was by design. Usually, the design of real websites are very professional and clean. The fake websites had many pop-up ads and outdated user interfaces. Lastly, real websites, especially banks, would use strong security measures. These include two-factor authentication and encryption.
Journal #7
- When ur boss comes to check if ur working
- me trying to look studious
- When u use VPN 24/7
- When u want to watch the sunset but is an academic weapon
- me trying to explain how I got abe lincoln on the math test
- When my phone finally hits 100 percent battery
- how people decide what to wear
- my activity during 11:59pm
- when u r in a meeting but forgot to turn off the oven
- me when I am waiting for the perfect shot
These memes relate to Human Systems Integration because all people have limitations. Every human tries to optimize their interaction with tech. This can be difficult because human error is always possible.
Journal #8
Movies have a significant influence on our understanding of hacking, often portraying it in a highly dramatized and unrealistic way. Hackers are often depicted as being able to bypass complex security measures with just a few keystrokes. In reality, hacking is a complex process that requires deep technical knowledge and skill. The portrayal of hackers as criminals or lone wolves is another common trope in movies. While there are certainly cases of malicious hacking, many hackers are motivated by a desire to improve security or expose vulnerabilities in systems.
Movies also tend to overemphasize the speed at which hacking can occur. In reality, successful hacks often take weeks or months to plan and execute. While movies can be entertaining and engaging, they can also create unrealistic expectations and misunderstandings about hacking.
Journal #9
I feel like I barely use social media. I see it as a waste of time. There are better ways I could do to spend my time wisely. I see social media as alcohol, it is okay to use, but overdoing it can be bad for you. I like to check up on my friends and see how they are doing, but if I have the chance to do that in person, I would much rather do that instead. I feel like as a society, we are being less and less social in real life. Sometimes, I see firsthand that people struggle even keeping up a conversation. It is a good habit to limit your screen time and live life with a wider perspective.
Journal #10
Social cybersecurity involves humans using technology to hack other humans. It is sometimes referred to as cognitive hacking and uses targeted marketing, psychology and persuasion, policy gaps at and between private and government institutions, and understanding of the social sciences. Social cybersecurity also is a multidisciplinary computational social science that combines political science, sociology, communication science, organization science, marketing, linguistics, anthropology, forensics, decision science, and social psychology.
Article Review 2
This article goes in-depth about the Islamic law regulations against the use of technology and cybercrime. The topic relates to the social principles of anthropology, Islam’s history as well as its economy. This article answers the research question/hypothesis of how Islam will deal with cybercrimes on a case-by-case basis. There were many methods to conduct their research. Examples include comparative and normative judicial research methodology. Some data/analysis from this article compares Indonesian laws to cybercrime with Islamic provisions. The analysis found that criminal laws are more irregular than the legal actions of Indonesia. The Indonesian laws about cybercrime include a scarce list, including humiliation and deception. Four concepts from class that relate to this article would be Cybercriminal subculture, social media as a gateway for cybercrimes, Conflict Theory shown by the violent use of the Internet, and the impact of fake news on the people of Islam. This topic affects the marginalized group of Indonesia’s people by being engulfed with cybercrime in recent years. Also, it raises the challenge/concern of its government’s control and protection of these marginalized groups. One societal contribution that this study conveyed would be the amendments of laws that policymakers will now deploy from dealing with cyber-criminal activities. Another positive contribution from this situation would be the newly recent teachings Indonesian Muslims will now receive about using cyberspace in a safe manner.
The next article examines if online voting will increase election security. This topic relates to the social principles of America’s Economy, Political Science, and Sociology. The article questions whether a new online voting system can be legitimate and reliable. Field research was conducted. Individuals did not know that the research was taking place. “Voatz” a mobile voting app, was being analyzed by researchers and they proved the security to be weak and vulnerable. Four concepts from class that relate to this article would be Objectivity, which exists only to advance knowledge, Determinism and why black hats choose to commit internet crime, Behavioral theory to the mass, and the risk of victimization. Electronic voting systems through mobile devices will affect the marginalized group of Senior citizens the most because they are used to the In-person voting system the most. However, this does benefit the young generation due to the way smartphones are more accessible and convenient. Two societal contributions that this study conveyed would be the fixes the government implemented to decrease device exploitation, and that blockchain technology cannot be the lone security measure for electronic voting.
Article 1:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/107/34
Article 2:
https://academic.oup.com/cybersecurity/article/7/1/tyaa025/6137886?searchresult=1
Journal #11
This video goes in-depth with what a Cybersecurity Analyst does for a living. The woman talks about how to become one, where are the best cities to work as an analyst, and the increasing growth of this pretty new career choice. One social theme that arose from this presentation would be communication. The woman said that networking is very important because you want your name to be in people’s minds. She also talked about how we need to focus on getting our resumes tailored to employers in the tech field. She suggested volunteering anywhere to gain experience and to let yourself stand out from the rest. Another social behavior that this video emphasizes would be Critical Thinking. She said people from this field must be very knowledgeable in the subject and sometimes they have to make quick decisions.
Journal #12
Bug Bounty Policies are people who are compensated by policies for locating weaknesses in a company’s cyber infrastructure. Ethical hackers are encouraged to try exploring the cyberinfrastructure using their penetration testing skills in order to find the flaws. The cost/benefit analysis that underlies the policy is related to economics. Bug bounties improve the cybersecurity of all organizations. HackerOne hackers help firms find the vulnerabilities that their internal technical teams missed. The results suggest that bug bounties are effective for companies of all sizes and all levels of prominence. This is particularly positive for SMEs, which often lack the cachet and resources to recruit in-demand cybersecurity professionals. HackerOne program managers suggested that new, unseasoned hackers are most inelastic: eager to gain exposure, they show little price sensitivity. In contrast, the best hackers, who have significant opportunities, are more price elastic.
Journal #13
There are many different economics and social science theories that can be related to each other in various ways. Here, I will describe how two different economics theories and two different social sciences theories relate to each other. Keynesian Economics and Marxist Theory both deal with issues related to the economy, but they approach these issues from different perspectives. Keynesian Economics focuses on the role of government intervention in stabilizing the economy, whereas Marxist Theory is concerned with the fundamental flaws of capitalism and the exploitation of labor. Social Learning Theory and Symbolic Interactionism are both social sciences theories that deal with human behavior and how people interact with each other. Social Learning Theory emphasizes the importance of modeling and reinforcement in shaping behavior, while Symbolic Interactionism focuses on the meanings that people assign to symbols and how these meanings shape their behavior. Overall, these four theories offer different perspectives on how the economy and society work and how people behave within these contexts. While they may have different assumptions and methodologies, they share common themes and concerns.
Journal #14
Out of the eleven things Andriy Slynchuck has described that Internet Users do that are illegal, the five most serious violations would be the numbers 5,11,10,7, and lastly number 1. Bullying in any form is very bad for society. Illegal searches on the internet are very dangerous. You can search for anything, such as violence, and pornography. Extracting Audio from Youtube is illegal because you are technically stealing someone’s work for your own benefit. Number 7, faking your identity online, can be very illegal because you can lie about where you are and people will believe you. This can also act as a way to hide yourself from the world. Lastly, using unofficial streaming services is basically stealing someone’s show and profiting from it. This is very common with anime. People would watch anime on these websites because they did not have to pay a monthly subscription.
Career Paper
An Information Security Analyst is in charge of protecting an organization’s computer network and systems. These professionals operate firewalls, and data encryption programs, and even simulate their own attacks to see any weaknesses in their systems. As of May 2021, The U.S. Bureau of Labor Statistics states the salary of an Information Security Analyst is $102,600 per year, which is $49.33 per hour. A Bachelor’s degree in any tech field, such as Computer Science and Cybersecurity, is all that’s needed for this occupation.
Information Security Analysts depend on social science research and principles all the time for their job. People who work in this field conduct many experiments. They try to manipulate their own system networks and observe if it caused any significance. In other words, Information Security Analysts ethically hack themselves on purpose in order to see any vulnerabilities in their system. Analysts also have to stay up to date with the latest methods of infiltration. They are constantly researching new security technology to decide what will most effectively protect their organization. One social science principle that Information Security analysts deal with while on the job would be Ethical Neutrality. This principle means that ethical and moral standards must adhere to at all times. Someone with this job has access to a large amount of sensitive information about a business all the way to a single individual. It is the responsibility of the Analyst to protect this information while also following ethical standards.
There are many concepts that we learned from class that applies to the life of an Information Security Analyst. One topic we discussed would be how humans play a factor when committing a cyber-attack. Human factors are the application of knowledge about human capabilities. Another topic would be Neutralization Theory. This theory suggests that individuals know what is right from wrong before committing a crime. Analysts know all the different types of intentions when a criminal commits a crime. Some examples include wealth, recognition, revenge, or even boredom. A third concept from class that ties in with this career would be Victim Precipitation. Crime can result in a number of precipitating factors. The victim’s lifestyle, race, and interaction can ultimately lead to a crime. Lastly, regarding cyber field studies, these professionals conduct Honeypots. Analysts can study hacks and system trespassing in real-time.
This career relates to marginalized groups in many ways. The older generations, especially Generation X and Baby Boomers are uneducated about the advancements of modern technology. This causes many challenges to the individual. Firstly, they are unaware of the types of cyber-attacks, such as hacking, Phishing, and Denial of Service (DoS). An elderly might easily be convinced by a false email advertisement and give away their personal information such as their credit card number, and more. As we advance in technology at rapidly fast past, the number of Internet Crimes has increased. On May 21, 2021, the FBI’s Internet Crime Complaint Center received its’ sixth millionth complaint! Additionally, it is a lot easier to bully through an online peer network. People of color are being marginalized online due to the convenience of being behind a screen. Types of cyberbullying that can be conducted would be threatening someone to kill themselves, posting hurtful photos, and soliciting false information about someone.
Sociology studies the human society. The responsibilities of an Information Security Analyst are crucial for a society to be secure in the digital realm. Developing secure passwords is a cybersecurity norm that all Analysts recommend people to follow. Religious groups are an example of a social system. Many churches believe that they are too small to be at risk of a cyber-attack. Lisa Traina, the author of “Cybersecurity Best Practices for Churches, describes hacktivism as, “a form of hacking that occurs for socially or politically motivated purposes.” Hackers gained access to a church’s online bank account in Iowa, and the church lost more than $680,000. Their intention was to focus on an organization where strong information security measures are lacking. Churches need to hire Information Security analysts to protect them from any cyber-attack from happening again.
Sources:
U.S Bureau of Labor Statistics Information Security Analysts Handbook
