Journal Entry 1: Review the NICE Workforce Framework. Are there certain areas that you would want to focus your career on? Explain which areas would appeal the most to you and which would appeal the least.
The main area I would most like to focus my career on is Protect and Defend. I would like my career to include protect and defend because cyber defense analysis is something that interests me and I would potentially have as a part of my future. Vulnerability assessment and management is also an important aspect of cybersecurity and that aspect interests me a little bit as well. The one that least appeals to me is Collect and Operate. I don’t want to be a gathering information and evidence from cybercrimes that would be used to develop intelligence. All of the other areas I would prefer to be in because they are more interesting in my opinion.
Journal Entry 2: Explain how the principles of science relate to cybersecurity
Some principles of science are easier to relate to cybersecurity than others. For example, determinism can be applied to cybersecurity by how a previous event may influence someone to commit a cybercrime. But empiricism can’t really be related to cybersecurity because it only involves studying behavior that is from the five senses. Determinism can be related to cybersecurity very easily in many ways. One way is a previous event influencing someone to commit a cybercrime. Another way is the development of technology led to cybersecurity being important to many people. The objectivity principle of science means that science exists to advance knowledge. This can be applied to cybersecurity because technology is a big part of advancing knowledge in many areas in the world and to many people. Relativism can be applied to cybersecurity because technological advancements influence many things like behavioral dynamics, economic/financial decisions, policy making, and social processes. Ethical issues in the cybersecurity world relate to the ethical neutrality principle of science which means scientists must follow ethical standards when researching.
Journal Entry 3: Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.
The publicly available information about data breaches is where it happened, how many records were affected, the type of breach, and the companies with the most breaches. Using the companies with the most breaches and how it happened can help look into what they need to do to not be getting breaches as much or at all. The companies with the most breaches may be in the same industry which could help researchers figure out the industries that are most targeted for data breaches. Using the type of breach can help companies use better protection against those types of breaches. Connecting all of the information together can help researchers figure out what type of breach is used against a specific company in a specific industry and how to help protect and prepare against that type of attack.
Journal Entry 4: Review Maslow’s Hierarchy of Needs and explain how each level relates to your experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
Using technology relates greatly to belongingness and loving needs because I’m able to talk to my friends and schedule things with them because we don’t live very close to each other and I would have to drive somewhere to meet with them. I’m able to keep in touch with those friends because I have a way of communicating with technology. When I’m at college, I’m able to communicate with my family back home. At my house, I have cameras that would help with safety, so we know who is at the door or if someone was at our house while we weren’t there. This technology helps with the safety needs. Technology doesn’t relate as much with physiological needs because those are basic needs like food, water, and shelter. Since my major is cybersecurity and I will most likely be getting a job in the cybersecurity field, technology will relate to my self-actualization and esteem needs because it will be a part of my job that will help me make money and have things that would help me reach my full potential. It will relate to me graduating college and getting a job because technology is and will be a major part of my education and job.
Journal Entry 5: Review the articles linked with each individual motive. Rank the motives from 1 to 7 as the motives that you think make the most sense (being 1) to the least sense (being 7). Explain why you rank each motive the way you rank it.
1.For money
The reason money is ranked number one is because most criminals are in bad situations with money, so they will commit a crime to try to get money because they think it’s the easiest way to make money or they just don’t want to have to get a job. Most people that have been victims of cyber attacks were a target because of money being the reason for the attacker.
2.Multiple reasons
Multiple reasons is ranked number two because money could be a reason someone wants to commit this crime, but they also want the entertainment from it or are bored and choose to do that crime. There can be more than one reason that someone chooses to commit a crime.
3.Revenge
Revenge is ranked at number three because if someone has problems with someone else or an organization they may try to do something to that person or organization’s networks or servers. An example of revenge hacking is when someone gets fired and they want to get revenge on the company they worked at. Another example is if a student didn’t get into the school they wanted to, so they attempt to hack into that school’s servers.
4.Political
Political reasons can be a big reason for committing a crime because politics and government can change things in many people’s lives. Someone may try to change the outcome of an election because they dislike the other candidate or they wanted someone else to win that election.
5.Recognition
I ranked recognition at number 5 because I don’t think it is one of the top reasons, someone would commit a cybercrime. A group may try to gain recognition by committing multiple attacks, but the main reason they would be doing these attacks is most likely money. Recognition would only be the reason if they were trying to get known, but there would be other reasons that would cause them to do their attacks.
6.Entertainment
Some people when they are younger will learn to hack because they think it’s fun and it is a form of entertainment to them. I knew a couple of people in fourth grade that got in trouble for hacking because they did it in their free time. For these reasons, I have it ranked at 6 because it’s not the biggest reason a person would commit a cybercrime.
7.Boredom
I think boredom and entertainment go together because if someone is bored, they will try to find something that entertains them, but most likely hacking and committing cyber crimes will not be the thing that they choose for entertainment. I ranked boredom at number 7 because I don’t think it would be as big of a reason as wanting money when committing a cyber crime.
Journal Entry 6: Can you spot three fake websites and compare the three fake websites to three real websites, plus showcase what makes the fake websites fake?
amazon-01.com
This website is meant to be a fake amazon.com website and it will send you a phishing email or text to try to get you to open it and steal your information.
B3smg.info
This website is a fake website for FedEx and USPS. They will send you a phishing email or text saying that there is a package update, so if you press on the link you’d be expecting an update. If you click the link and give your information to the fake website, then they now have your information that they want.
This is a fake website where you can buy clothes and other things and you will get scammed. They will even send you a fake USPS delivery tracking number, but when you track it, it will say that USPS is currently awaiting the package.
Journal Entry 7: Review the following ten photos through a cybersecurity human systems integration framework.
Create a meme explaining what is going on in the individual’s or individuals’ mind(s). Explain how your memes relate to Human Systems Integration.
This meme relates to Human Systems Integration because this person received the email that they are getting the new Human Systems Integration at their work place.
This meme relates to human systems integration because it shows somebody looking at their device with the new human systems integration.
This guy is happy because the new Human systems integration is good and it was his idea to get it at his company.
This guy likes the new human systems integration at his company so he is taking it all in while watching the sunset.
This guy has to argue with someone because they said something that was negative about the human systems integration when it has benefited the company in a big way.
This meme has someone getting promoted because they helped out with the very successful human systems integration.
This person works at a company with the new Human Systems Integration and wants to know what other people think about it because she loves it.
This meme is saying that this stick man is the guy behind the Human Systems Integration.
This meme is showing someone trying to sell another company on the new Human Systems Integration.
This meme is about someone who worked on the Human Systems integration and now gets to enjoy a little more vacation time.
Journal Entry 8: Watch this video and pay attention to the way that movies distort hackers. Hacker Rates 12 Hacking Scenes In Movies And TV | How Real Is It? – YouTube
After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity
Hackers can be anybody that is using a computer or device to hack and almost anyone can be the victim of a cyber attack. Movies make it seem like the hacker will be someone hidden away, not showing their face in public, when in reality it can be anybody that you see in public. Movies also make it seem like the hacker has a big setup with multiple computers and monitors, but in reality they could only be using a singular laptop or a desktop. It doesn’t seem that many movies include or think of multi-factor authentication when it comes to hacking because a lot of people have at least one additional layer of security, but with movies it appears that the hackers find out the passwords and then are automatically into whatever they are wanting to get into. The media doesn’t really help anyone learn anything or understand anything more about cybersecurity through these movies presented in the video.
Journal Entry 9: Complete the social media disorder scale. How did you score? What do you think about the items on the scale? Why do you think that different patterns are found across the world?
I scored a 0 on the social media disorder scale. I think the items on the social media disorder scale are a fair measurement of having a social media disorder. I think there should also be a how long do you spend on social media every day or week question. I used to use social media more and sometimes it could be distracting, but I never was addicted to it. Now, I don’t use social media as much as I used to and I also don’t post very often. There are definitely people I know that use social media a lot more and post many things in their life that sometimes shouldn’t be posted on the internet. There are different patterns around the world because in some places, people think they should be posting their whole life on social media and in other places, people almost never use social media or post anything on there. There are different patterns across the world on where social media is used the most and where people with social media disorders are because not everyone uses the internet and not everyone has access to different social media platforms. Los Angeles and Miami are probably some of the social media hotspots because of the location while rural areas and poorer areas probably have less social media users and people with social media disorders.
Journal Entry 10: Read this and write a journal entry summarizing your response to the article on social cybersecurity. Social Cybersecurity An Emerging National Security Requirement (army.mil)
Social cybersecurity is the effect human behavior has on aspects of cybersecurity. Social cybersecurity is going to affect the future of cyber warfare and everything cybersecurity related. Cyber infrastructure will have to be built based on social cybersecurity because of human behavior and the cyber environment. Russia has been engaging in information warfare to use propaganda to make them look like the good guys or to make an enemy look like a justifiable enemy. They will spread misinformation and try to use that to their advantage. They can use false information whether it is partly false or completely false. In the future, information warfare will continue to be important because the manipulation of information will continue to cause misdirection for people and countries. Information warfare can lead to different election outcomes, different decisions made, and different reactions to certain situations. Different people will have different reactions to certain situations online because of different behaviors which is a part of social cybersecurity, human behavior being different for different people.
Journal Entry 11: Watch this video. As you watch the video, think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in this presentation.
The five locations that cybersecurity analysts will get paid the most are big cities which will also have high living costs. Cybersecurity analysts usually monitor networks and respond to incidents. For people that want a cybersecurity analyst position, they will have to choose where they want to live and work. People that would like to be in a fast pace city environment can live and work in the cities and make more money, but have to pay more to live while other people can get paid not as much, but also not have to pay as much to live. It depends on what the person wants, if they want a city or not and how much they want to get paid or pay to live. Some cybersecurity analysts will have to work shifts that will be during the night, so the hours wouldn’t be the same every day or week, which is something that people wanting the job will have to take into consideration.
Journal Entry 12: Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdf sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.
The two economics theories that relate to this data breach are the Laissez-Faire economic theory and the classical economic theory. The Laissez-Faire economic theory relates to this data breach because the Laissez-Faire economic theory states that the government should not intervene unless it is to protect an individual’s unalienable rights, and the government intervened in this case because they were contacted after the breach was learned by the company because many customers had their information stolen in this breach. This data breach relates to the Classical economic theory because that theory states that the government should not intervene, but in this breach, the government did intervene and that theory breaks in this case. The two social science theories that relate to this data breach are the personality theory and the behavioral theory. The personality theory relates to this theory because whoever the intruder or intruders most likely had a personality that could link them to what most black hat hackers are like. The behavioral theory states that behavior is learned and these intruders did this attack because they knew how to and probably have attempted to do different cyber attacks before this one.
Journal Entry 13: A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.
This company, HackerOne, studied bug bounties which are when ethical hackers hired by a company will try to hack into the company’s systems and find weaknesses, so that company can try to patch those weaknesses or improve them as much as they can. The ethical hackers that are hired are called penetration testers. Penetration testers get paid to test the cyber infrastructure of a company to see if there are any vulnerabilities and they report them to the company and the company does its best to fix them. Different penetration testers have different techniques and skill sets when it comes to ethical hacking, so it is good to use more than one, so you can’t get as much feedback as possible from bug bounties. HackerOne is still trying to convince people that there is value in bug bounties as time goes on and the companies they may be under contract with can still benefit from bug bounties. Bug bounties have become more popular and will continue to rise in popularity as time goes on and they will become pretty common.
Journal Entry 14: Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.
The 5 most serious out of the 11 are recording a VOIP call without consent, faking your identity online, using other people’s internet networks, collecting information about children, and bullying and trolling. Recording a VOIP call without consent is serious because you could be invading someone’s privacy if they were talking to someone close to them or something important that should be kept private. Faking your identity online is also serious because you could be fooling someone into thinking you are someone else and could be scamming people or giving someone false hope no matter what that person is faking their identity for. Using other people’s internet networks is serious because you are using their internet which they pay for to use themselves and people that are their friends or family. They don’t get their internet to let some random person use it, and doing so could be considered stealing since someone is paying for that service. Collecting information about children is wrong and nobody should be doing that since these are children and people shouldn’t be collecting information about them online. Finally, bullying and trolling online is also wrong once it gets to a certain level because there are certain people that don’t show their emotion and it could give them mental harm which could lead to them doing physical harm to themselves.
Journal Entry 15: Digital Forensics | Davin Teo | TEDxHongKongSalon – YouTube Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.
There weren’t many educational opportunities in the IT field for the speaker, so he was put into it for a job and stuck with it. He started in a small accounting practice and they were looking for an IT person to help with their networks and thought he would be able to handle it. IT started to grow on him and he became more interested in it. He worked in the first digital forensics practice in Australia. He wasn’t sure what it would entail, but he took the opportunity from an email he received and went through with it. I think his journey to his career was a good way to just find where you want to be. He started with accounting and ended up in the IT field and enjoyed where he was and stuck with IT. With not many educational options to get in the IT field, you have to find your way there and that is what the speaker did with his situation.