Week 1 entry

Based on my reading of the NICE workforce framework, one of the areas in cyber security that I find interesting is system security analysis. Some of the reasons why I find this interesting are that you design the security for a system and audit/test the security of a system. It sounds to me that this position looks at an organization as a whole and you provide advice and recommend solutions to stakeholders/ upper management.
One area that i don’t think I’m interested in incident response. After reading the tasks that they do, it seems like they have a high stress and unusual hours because of the real time response to the cyber incidents.

Week 2 entry

These principles help us understand how bad actors operate but even well intentioned individuals can damage an organization. For example,

Skepticism Is important to cybersecurity because it makes us question how well our defenses are actually working. It promotes us to find better ways to defend systems.

Parsimony helps us in cybersecurity because our bosses and department heads will want us to tell them about an incident if it did occur in a way that they can understand.

Objectivity helps us in cybersecurity because it wants us to solve problems with logic, emotions can impair our judgment in solving problems.

2

Scientists that believe in determinism do not believe in free will and in the world of cyber security that principle is flawed. While yes cyber incidents will happen. We can deter hackers through security measures that are hard to get past that way only the most skilled of hackers could get past. Even with laws that directly deal with cyber crimes. Some hackers don’t care about the penalties that will ensue with the crime. Using a nomothetic approach on preventing cyber crime. Would be to study the employees in a company. The idiographic approach would be to study hackers in a one on one environment.

Week 3 entry