January 13, 2025 – 1st Journal Entry
Reviewing NICE Framework and figure out which one is more interesting.
“Looking at the NICE Workforce Framework, certain areas that appealed to me the most was CI (cybersecurity intelligence) and IN (Investigation) because it sounds and looks interesting. I have family that does cybersecurity intelligence and I always wanted to get into it because they were financially stable. Investigation also sounds interesting because it deals with crimes so I could kind of be like a lawyer. The one that seems the least appealing to me was OG (Oversight and Governance), it just didn’t interest me. Most of it has management in the area and I don’t really want to be responsible for managing other people. It seems like a lot of work and not as fun as the other areas I’m interested.”<\/p>\n\n\n\n
January 26, 2025 – 2nd Journal Entry
Explain how the principles of science relate to cybersecurity.
“The principles of science are closely related to cybersecurity. Like scientists, cybersecurity experts observe patterns in attacks and study the data to understand vulnerabilities. They also test different solutions to cyber threats just like how scientists tests theories. While new threats emerges, cybersecurity experts adapt by improving their tools and methods which is similar to scientific knowledge evolves over time. Additionally, problem-solving is important in both fields, as experts use systematic ways to figure out how some attacks could happen again and how to prevent them.”<\/p>\n\n\n\n
February 2, 2025 – 3rd Journal Entry
This is about data breaches and how researchers might use the information to study breaches.
“PrivacyRights.org provides a lot of useful information about data breaches, it includes details like when each breach happened, the type of data that was data, how many records were affected, and which industries were involved. Researchers can look at this data to spot patterns like whether certain types of breaches happen more often or which security flaws are most targeted. Analyzing how often breaches happen and how severe they are, researches can also see if changes in laws or security measures are working. For example, they might look at trends in the breaches before and after new regulations are introduced to determine if they reduce the number of incidents. This can help researchers understand how breaches occur and how to improve strategies for protecting sensitive data. Overall, having access to this information allows researchers to better understand the causes of breaches and develop better ways to prevent them from happening as frequently.”<\/p>\n\n\n\n
February 9, 2025 – 4th Journal Entry
This was about Maslow’s Hierarchy of Needs and explaining how it connects to my\/peoples’ experience with technology.
“Maslow’s hierarchy of Needs can be easily connected to our experiences with technology. In general, technology helps meet our physiological needs by offering services like food delivery apps or sleep trackers, which provide our meals and improve our health. For peoples’ safety, secure online banking, GPS apps, and two factor authentication help keep people’s information protected from harm like hackers. Technology also support our love and belonging needs by enabling communication through social media, messaging apps, and video calls. All of these help keep people connected with their friends and family. In terms of esteem, platforms like TikTok and Instagram provide us ways to gain recognition and showcase accomplishments which boosts self-esteem tremendously. Ultimately, technology supports the process of becoming a better self. Offering better opportunities for personal growth, such as learning new skills through online courses or creating content on social media platforms like YouTube, Instagram, TikTok, Facebook, etc. can help allow us to explore our creativity and see our true potential.”<\/p>\n\n\n\n
February 16, 2025 – 5th Journal Entry
[No Entry]<\/p>\n\n\n\n
February 23, 2025 – 6th Journal Entry
This is about spotting fake websites compared to actual websites. (With examples included)
“Fake websites compared to real websites can be hard to spot sometimes. As someone who is on the internet all the time, I’ve fell victim to these fake websites because I wouldn’t look at the link closely enough to truly see the discrepancy. For example, “amaz0n-shop.com” & “amazon.com”. The first link is the fake website because it has a zero in replace of the “o” and “shop” in it. Amazon has always been just one word and it’s users always say “amazon” not “amazon shop”. Another example of a fake website is “Bankofamerca.com” & “Bankofamerica.com”. This one is harder to spot but the missing letter in the first link is “i”, which is in the actual website’s link. America is spelled with an “i” and not without it but some people might not see it when trying to access their bank accounts online. The last example is “bbc-news.co” & “bbc.com”, This fake website can easily target older people who search for their news online. They could fall into the trap of not realizing that “bbc-news.co” is the wrong website until the click on the link and see the large amount of ads plastered on the website compared to “bbc.com”. Simple grammatical errors can also make it easier for people to see that the website is fake but it can take a few moments of being on that website for them to realize it’s fake.”<\/p>\n\n\n\n
March 2, 2025 – 7th Journal Entry
[No Entry]<\/p>\n\n\n\n
March 9, 2025 – 8th Journal Entry
[No Entry]<\/p>\n\n\n\n
March 23, 2025 – 9th Journal Entry
[No Entry]<\/p>\n\n\n\n
March 30, 2025 – 10th & 11th Journal Entry
This is a summarization about how I felt about the article I read on social cybersecurity.
“Col. David M. Beskow and Dr. Kathleen M. Carley explain in their article, “Emerging National Security Requirement: Social Cybersecurity,” that social cybersecurity has become an urgent need for national defense strategy. The authors argue that cybersecurity should extend beyond systems to address the effects of cyberspace and cyber attacks on human behavior and society in the information warfare domain. In this technological era, they state that misinformation spreads quickly and has become a strategic weapon for various state and non-state actors.
They note that there are groups that take advantage of this situation to manipulate public opinion, foster distrust in institutions, and to further divide society. This trend is increasing, as it allows their adversaries to achieve significant results while keeping a distance from deploying physical force against any nation. These tactics are, figuratively, used to launch deception and influence people’s minds, rather than sending in troops. So now, this issue has gone from a purely technical cybersecurity to something entrenched in social and psychological issues.
Some of the ideas raised in the reading made me realize that cybersecurity is not limited to the protection of networks and data but also goes on to protect societies against manipulation and disinformation. This and more shows the gravity of the situation, owing to the quickness of electronic communication. Even a sloth could tell you that people have started sharing information before verifying the sources. There lies the urgent need for media literacy and also the socio-political and economic implications of disinformation detection and cyber threat policies.”
Second Entry
[No Entry]<\/p>\n\n\n\n
April 6, 2025 – 12th & 13th Journal Entry
This about reading a letter about a breach and describing how two different economics theories and two different social sciences theories.
“Upon reviewing the the letter, I started to observe how economic and social science theories apply to real-life situations with respect to cybersecurity: the letter mentioned an instance in which a server belonging to a third-party company was compromised, leading to malware-induced loss of customer information. Unfortunately, the company did not learn its lesson until it was too late; customers had to be notified, and authorities were involved. There is an economic principle that stands out clearly, and that is cost-benefit analysis. The attackers can successfully determine the possible reward of pilfered credit card information against the risk associated with being caught. On the other hand, the company spent very little on security prior to the breach, which resulted in the underestimation of any possible losses. In the long run, the losses from the breach promise to exceed any security measures they would have taken. Another important economics concept worth mentioning is market failure. Due to the breach in the security of third-party system operations, customers suffered. This exemplifies what a flaw in a market mechanism brings to others, especially innocent buyers. From the point of view of social science, I have begun to think about social contract theories. Consumers trust companies with their data, assuming that these companies safeguard private information. Whoever is to blame, the breach of trust continues due to the parent company’s poor security of user data or warnings that are insufficient. Lastly, I also considered the theory of social capital. Once broken, consumers’ trust in an organization is hardly restored. The letter does provide an explanation on the matter to consumers, but the injury to an organization’s reputation could last for ages according to theory.”
Second Entry
This entry is about reading an article and a summary reaction about it.
“Bug bounty programs are fun to get up close and personal with; as easy bounties, they allow organizations to pay ethical hackers for finding and reporting flaws in the systems. Most importantly, organizations are encouraged to unleash bounties to make individuals active participants in finding and fixing potential challenges instead of just waiting for an attack, which really makes it ingenious. All these, among other reasons, were discussed in their literature over increasing interest on Bug Bounty programs specifics among most big corporations like Google and Facebook. The authors discuss the promotion of concept as based on economic principles: payment-reward incentives had always proved to be effective in eliciting normal public behavior. Organizations could now afford to go beyond very high expenditure for the internal security team and benefit from significant savings by engaging external participants who probably perform real bounties in this case. When executed in the right way, this can be favorable to all parties involved. Berghoff has to agree that there are enormous advantages that bug bounty programmers can bestow. Its main use is that it actuates a global talent pool per se. Unfortunately, this talent pool will have some restrictions because most ethical hackers attempt to go after vulnerabilities beyond those typically found by in-house teams. On the other hand, competition among hackers sometimes affects collaboration. Some ethical hackers voice their displeasure about spending long hours on a report that would eventually be ignored. Overall, I believe bug bounty programs are well-structured systems but as the article states, careful design is very important. It is essential to pay respect to ethical hackers with some sort of reward; otherwise, the whole system might collapse.”<\/p>\n\n\n\n
April 13, 2025 – 14th Journal Entry
[No Entry]<\/p>\n\n\n\n
April 27, 2025 – 15th Journal Entry
Talking about Devin Teo TedTalk and how I feel about his ability to transition from one career to another one.
“The David Teo Ted Talk got me inspired and really pondering about how easy it is to transition into digital forensics. His journey from law to a digital forensic career clearly showcases the unique intertwining of different fields – technology versus social sciences – for within Teo’s work lies the typical line between technical analysis and a comprehensive understanding of human behavior, motives, and their effects on society – the key contours of social sciences. He integrates social science theories to broaden the scope of digital evidence and thereby to enhance the depth and success of investigations. His career path denounces the one-dimensional approach to the ever-evolving challenges of cybercrime.”<\/p>\n","protected":false},"excerpt":{"rendered":"
January 13, 2025 – 1st Journal EntryReviewing NICE Framework and figure out which one is more interesting.“Looking at the NICE Workforce Framework, certain areas that appealed to me the most was CI (cybersecurity intelligence) and IN (Investigation) because it sounds and looks interesting. I have family that does cybersecurity intelligence and I always wanted to… <\/p>\n