Journal Entry 14
Ricardo Corpus
08/02/2024
he speaker had a fascinating journey into the field. The speaker actually started as an accountant. His story is a great example of how careers can take unexpected turns and how different fields can intersect in surprising ways. He began working in a small accounting firm, where he also handled some IT tasks. This blend of accounting and IT experience eventually led him to a big accounting firm that was starting a digital forensics team. Even though he didn’t know much about digital forensics at the time, he jumped at the chance because it sounded cool. This decision changed the course of his career. What struck me most was how his work is connected to understanding human behavior. Digital forensics isn’t just about sifting through data; it’s about piecing together stories and motivations behind digital actions. This is where the social sciences come in. Fields like psychology and sociology help forensic investigators understand why people commit crimes and how they interact in digital spaces. This knowledge is crucial when tracking down cybercriminals or figuring out the intent behind digital evidence. His job also involves a lot of covert operations, like collecting data without people knowing. This part of his work requires a strong grasp of legal and ethical issues, which are rooted in social science principles. It’s not just about the tech; it’s about understanding the broader implications of their findings on people’s lives and society. The speaker’s career path shows that having diverse skills and being open to new opportunities can lead to exciting and fulfilling careers. It also highlights the importance of a multidisciplinary approach. In digital forensics, you need technical skills to handle the data and social science knowledge to understand the context and impact of that data. Listening to his story made me realize how interconnected our world is becoming and how valuable it is to have a broad skill set.
Journal Entry 12
Ricardo Corpus
08/02/2024
Navigating the online world can be tricky, especially when it comes to distinguishing between legal and illegal activities. I’ve found myself using unofficial streaming sites to watch sports events and movies for free, appreciating the convenience but now realizing the significant legal issues involved. These platforms distribute content without proper licensing, making it a clear violation of copyright laws. This could lead to potential lawsuits and exposes my personal data to security risks. Similarly, I’ve been benefiting from a friend’s Spotify family plan without contributing, which, although seemingly harmless, is technically illegal. This practice involves using a service without paying for it, essentially amounting to theft. The author’s insights have highlighted the legal and ethical implications of such actions, underscoring the importance of adhering to legitimate streaming services and paying for what I use. By doing so, I not only avoid legal repercussions but also support the content creators and service providers. This reflection has made me more aware of the need to be responsible and respectful in my online activities, aligning with both legal standards and ethical principles. Moving forward, I am committed to using legitimate services and ensuring that my online behavior is both lawful and ethical, avoiding the pitfalls of convenience-driven, yet illegal, actions.
Journal Entry 11b
Ricardo Corpus
08/02/2024
The article explores the effectiveness of bug bounty policies, which pay ethical hackers to identify vulnerabilities in a company’s cyber infrastructure. It highlights how these programs have become a crucial part of cybersecurity strategies, allowing companies to leverage external expertise. The literature review discusses various studies showing that bug bounties can be cost-effective compared to traditional security measures, as they provide a broad pool of talent and diverse perspectives on potential security issues. The findings indicate that bug bounty programs significantly enhance a company’s security posture. Companies that implement these policies tend to discover and fix vulnerabilities more quickly, reducing the risk of breaches. However, the effectiveness of these programs depends on clear guidelines, adequate rewards, and proper management of submissions. The article emphasizes that while bug bounties are economically beneficial, they must complement, not replace, other security measures.
Journal Entry 11a
Ricardo Corpus
08/02/2024
Rational Choice Theory: This theory says people make decisions to maximize their benefit. After the breach, Glasswasherparts.com had to decide if the cost of beefing up security was worth it compared to the potential loss from future breaches. Clearly, they chose to invest in better security to avoid bigger losses down the line (Module 11 Notes, p. 13). Cost-Benefit Analysis (CBA): This involves comparing the costs of actions to their benefits. The company hired a cybersecurity firm and cooperated with law enforcement, which isn’t cheap. But the benefits, like preventing more breaches and maintaining customer trust, outweigh these costs (Module 11 Notes, p. 11). Behavioral Economics: This theory looks at how psychological factors affect economic decisions. Customers might hesitate to shop with Glasswasherparts.com again after the breach. By being transparent and taking strong action, the company aims to rebuild trust and reassure customers (Module 11 Notes, p. 11). Social Contract Theory: This theory is about the unwritten agreement between people and authorities. Customers trust companies to protect their data. When Glasswasherparts.com failed, they had to act quickly to restore this trust by communicating openly and fixing the issues (Module 11 Notes, p. 13).
Journal Entry 9
Ricardo Corpus
08/02/2024
The Social Media Disorder Scale is pretty spot-on in covering different ways social media can mess with our lives, from being obsessed with checking it all the time to how it impacts our relationships and daily activities. It’s relatable because we all know the feeling of needing to check our feeds or feeling left out when we can’t. Different patterns around the world come down to cultural and societal differences. In some places, social media is the main way to stay connected, while in others, there’s a huge pressure to show off a perfect life online. Economic factors also matter; in countries with less tech access, social media use and its issues look different. Generational differences play a role too, with younger people often more hooked. Overall, the scale highlights how deeply social media is embedded in our lives and how its impact varies based on our environment and personal circumstances.
Journal Entry 6
Ricardo Corpus
08/02/2024
Initially, I thought cybersecurity was only about technology and complex code. But as I learned more, I realized how critical human factors are. For example, social engineering exploits human psychology rather than technical flaws. So, cybersecurity isn’t just about firewalls and antivirus software. It is also about training people to recognize phishing scams and other tactics that hackers use to trick them. Another misconception I had was thinking that cybersecurity was mainly about protecting against external threats. I discovered that insider threats are just as significant. Employees, whether intentionally or accidentally, can pose huge risks to an organization’s security. This highlighted the importance of a comprehensive security strategy that includes monitoring internal activities and fostering a culture of security awareness. Overall, my studies have shown me that cybersecurity is a much broader and more nuanced field than I initially thought. It’s not just about stopping bad hackers with cool tech; it’s about understanding human behavior, implementing strong policies, and continuously adapting to new threats. My initial misconceptions have been proven wrong.
Journal Entry 5
Ricardo Corpus
08/02/2024
Ranking of Motives for Cyber Offending:
1. For Money
2. Recognition
3. Entertainment
4. Political
5. Revenge
6. Boredom
7. Multiple Reasons
Explanation:
For Money: It’s no surprise that cash is king in the cybercrime world. Cybercriminals can rake in serious dough, and they often spend it on everything from basic needs to luxurious splurges. Dr. Mike McGuire’s research shows that these criminals can earn a ton and use their earnings to buy fancy stuff, invest, or fund more crimes. The financial lure is a huge driver because who wouldn’t want to make a quick buck?
Recognition: Many hackers are in it for the clout. Just look at Bradley Niblock, who DDoS’d a Labour candidate’s website to gain followers on Twitter. For these cybercriminals, earning respect and fame within their circles can be as thrilling as the crime itself. It’s about standing out and proving their skills to peers.
Entertainment: Some cybercriminals are just in it for the kicks. Remember the LinkedIn scraping incident? The guy behind it did it “for fun” and then turned around and sold the data. It’s all about the thrill and the challenge, which can be pretty compelling motivations for some people.
Political: Hacktivism is making a comeback, with hackers using their skills to make political statements. From exposing surveillance programs to meddling in elections, politically motivated cybercrimes can have massive impacts. It’s a way for hackers to push their agenda and create change.
Revenge: Sometimes, cybercrime is personal. Revenge porn is a brutal example, where offenders post intimate photos to humiliate and hurt their victims. This motive is all about causing pain and getting back at someone, making it a dark but real driver of cybercrime.
Boredom: When people are bored, they can get into all sorts of trouble online. The pandemic lockdowns saw a rise in cyberbullying and online grooming as kids turned to the internet for entertainment. Boredom can push people to explore illegal activities just to pass the time.
Multiple Reasons: Often, it’s not just one thing driving someone to cybercrime. Wendy Zamora’s research highlights how complex these motivations can be, mixing money, power, and personal issues. Some hackers might feel marginalized and see cybercrime as a way to assert themselves and gain some control.
Sources
Entertainment
Recognition https://www.theregister.com/2021/06/30/bradley_niblock_election_ddos/
Journal Entry 4
Ricardo Corpus
06/03/2024
Maslow’s Hierarchy of Needs makes a lot of sense when you think about how we use technology daily. Starting with physiological needs, while my phone and the internet aren’t as essential as food and water, they are important for staying connected and managing daily tasks. They help me keep track of schedules, communicate with others, and access important information. For safety needs, cybersecurity is crucial. For example, when my laptop gets a virus or there’s a data breach on a site I use, it’s like someone tampering with the lock on my door. Moving to belongingness and love needs, social media platforms like Facebook and Instagram help me stay connected with friends and family. These platforms are not just about posting updates but also about staying in the loop with what others are doing. Seeing updates from friends, sharing memes, and commenting on each other’s posts create a sense of community and keep relationships alive even when we can’t meet in person. It’s more about maintaining bonds and being part of each other’s lives in a casual, everyday manner. Regarding esteem needs, social media also plays a significant role. Positive feedback and engagement on my posts can be a nice boost, similar to getting recognition for something well done in real life. Engaging with others’ content and receiving thoughtful comments fosters a supportive environment. Even if there are negative comments, it’s all about keeping a level head and understanding that online interactions can be fleeting. Finally, for self-actualization, technology is a great enabler. I use online courses to learn new skills, watch tutorials to improve my hobbies, and join communities that share my interests. Technology provides the tools and resources to keep growing and achieving personal goals. For instance, using apps to track my fitness progress or participating in online challenges helps me stay motivated and strive for better health. Maslow’s hierarchy applies well to understanding how intertwined our digital and physical lives have become, and how technology meets various needs, from basic connectivity to personal growth.
Journal Entry 3
Ricardo Corpus
5/29/24
Researchers can leverage the Privacy Rights Clearinghouse Data Breach Chronology to study breaches by analyzing trends and patterns, such as the most common types of breaches, affected sectors, and the frequency and scale of incidents. This helps identify vulnerabilities and evaluate the effectiveness of security measures over time. Social science branches that would benefit most include sociology, economics, criminology, and psychology. Sociologists could examine societal impacts and public perception, economists could assess financial repercussions on businesses and economies, criminologists could study the methods and motivations behind cybercrimes, and psychologists could explore the effects on individuals, such as stress and trust issues. For example, economists might quantify financial losses from breaches, while criminologists might identify patterns in breach methods to develop better prevention strategies. The comprehensive data provided by the Privacy Rights Clearinghouse offers valuable insights for these fields, helping to enhance our understanding and response to data breaches.
Journal Entry 2
Ricardo Corpus
5/23/2024
The principles of science include relativism, objectivity, parsimony, skepticism, ethical neutrality, determinism, and empiricism. Relativism means everything is connected. So, in cybersecurity, if there’s a big tech change, it affects how people behave, the economy, policies, and society. It’s like a domino effect. For instance, new tech can change how people shop online, which impacts online security needs. Objectivity is about studying stuff without bias to truly advance knowledge. In cybersecurity, it means researchers need to keep their personal opinions out of it, especially when dealing with sensitive issues like online hate groups. You can’t let your feelings mess with the facts. Parsimony is all about simplicity. In cybersecurity, this means using simple theories to explain things like cybercrime. For example, the self-control theory suggests that people with low self-control might commit cybercrimes because they’re impulsive. Skepticism is questioning and testing everything. This is crucial in cybersecurity to make sure your defenses are solid and you’re not relying on unproven methods. It’s like always double-checking your locks before going to bed. Ethical neutrality means sticking to ethical standards. In cybersecurity research, this involves protecting people’s rights, like ensuring anonymity and getting consent when studying hackers’ behaviors. Determinism is the idea that behavior is influenced by past events. So, in cybersecurity, someone might be more likely to commit cybercrime if they’ve been exposed to certain online environments before. Finally, empiricism is about basing knowledge on observable and measurable data. In cybersecurity, this means studying real cyberattack patterns instead of just theorizing about them.
Journal Entry 1
Ricardo Corpus
5/18/24
- Strategic Planning and Policy is a specialty within the category of Oversee and Govern that is fascinating because it involves developing and advocating for policies that support cybersecurity initiatives. This role requires a big-picture perspective and the ability to influence organizational direction, which I find compelling. The chance to shape policy and strategy at a high level and drive meaningful changes in cybersecurity practices aligns with my interest in leadership and governance.
- Incident Response is a specialty within the category of Protect and Defend that appeals to me due to its critical role in handling crises and urgent situations. The need to mitigate immediate threats and recover from incidents requires quick thinking and decisive actions, which I enjoy. This specialty is vital in minimizing damage and ensuring the security of information, making it a high-stakes and rewarding field. The investigative aspect of analyzing response activities also adds a layer of complexity that I find exciting.
- Systems Analysis is a specialty within the category of Operate and Maintain that interests me because it bridges the gap between business needs and IT solutions. Designing secure and efficient information systems requires both technical expertise and a deep understanding of organizational processes. I appreciate the interdisciplinary nature of this role, which involves studying existing systems and procedures to create effective solutions. It’s a perfect blend of technical and business skills, making it intellectually stimulating.
Data Administration is a specialty within the category of Operate and Maintain that is the least interesting to me because it involves routine management and administration of databases, which I find less engaging compared to more dynamic and immediate-response roles. While it is crucial for maintaining data integrity and security, the tasks seem more repetitive and less challenging. I prefer roles that require rapid problem-solving and strategic thinking over those focused on ongoing maintenance and administration