Reflection 6 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 6
Now nearing the end of this semester and another two weeks of being a Cyber Incident Responder, my monitoring capabilities on the network have become stagnant, except for a few new tasks I pick up or am taught. I continue to identify potential insider threats and ensure compliance with all our company devices. These past two weeks have carried a few new tasks that I completed, including scanning for unauthorized wireless devices, reviewing potential unauthorized browsing activity across the network, and analyzing suspicious behaviors such as questionable search histories, inappropriate content access, and irregular login activity during work hours. While working on these tasks, all of them had something in common: using tools like Palo Alto security platforms and Splunk, both of which are used to monitor network activity and see in detail what’s going on.
When it came to scanning for unauthorized wireless devices across 100s of wireless networks and devices, I had to sift through them and enter them into an Excel file to be sent to our log storage. It’s not common for unauthorized wireless devices to pose a major security risk where I’m at. However, they can still create hidden access points into an otherwise secure network, especially around rooms they shouldn’t be in. The devices I come across include rogue routers, unauthorized hotspots, or even personal devices connected without proper authorization (phones or watches). My role involved using network monitoring tools to detect signals and device connections that did not match the list of approved hardware. This required careful attention to detail and a strong understanding of what normal network behavior should look like.
Another key responsibility I carried out involved reviewing possible unauthorized browsing activity across the network. This is another task that required me to comb through users’ devices and their browsing logs to identify questionable or suspicious activity conducted on company devices during work hours. These activities included accessing inappropriate content, such as pornographic websites, or visiting websites unrelated to work responsibilities. We do have a block in place that’s supposed to regulate these types of searches and websites, but some slip through. There were many cases where users logged into accounts or systems at times that did not align with expected work schedules, which could sometimes require hours of log splunking. These behaviors often included indications of misuse of company resources, policy violations, or even potential security threats.
Monitoring this kind of behavior often required me to maintain professionalism and objectivity, especially when it came to explicit content, which often could include CP. While reviewing logs that contained questionable or inappropriate content, it was important to focus on the technical and policy-related aspects of the activity rather than the personal nature of the content itself. This responsibility taught me the importance of confidentiality and ethical handling of sensitive information. Cybersecurity professionals often have access to highly sensitive user data, and it is critical to treat that information responsibly and use it only for legitimate security purposes.
All of these tasks made me rely heavily on Palo Alto security tools, which played a central role in monitoring web traffic and filtering network activity. Palo Alto platforms allowed me to view web-browsing patterns, identify blocked or flagged websites, and analyze traffic categories by risk level. The system categorized websites into categories such as social media, adult content, and potentially malicious domains. This made it easier to identify policy violations and suspicious behaviors. Learning how to navigate these dashboards improved my ability to interpret data quickly and accurately. I became more comfortable identifying patterns in user activity and determining whether a specific action warranted further investigation, which oftentimes it did when it came to adult content sites. Luckily, this is a rare occurrence and only happens around once or twice a year. I just so happened to be present during one of the investigations.
In addition to using Palo Alto, I used Splunk extensively to get the finer details of the activity that is going on. I had to do this by analyzing logs and investigating suspicious browsing activity after the occurrence with Palos. Splunk provides a more centralized platform for searching, filtering, and visualizing large volumes of data. I learned how to create queries that allowed me to search for specific keywords, timestamps, and user behaviors. For example, if there was concern about inappropriate browsing during work hours, I could filter logs to display activity occurring within specific time ranges and identify whether certain users accessed restricted categories of websites. Splunk also allowed me to correlate events across multiple data sources, which was especially useful when investigating irregular login activity or unusual browsing behavior.
Looking ahead, I believe the skills I developed during these two weeks will be highly beneficial for my future career as a Cyber Incident Responder and for my goal of becoming a forensic engineer. This is because the biggest things I learned from both experiences are the interesting aspects of reviewing browsing activity, such as identifying patterns of behavior that did not match expected usage. This reinforced my interest in cybersecurity operations, specifically in the parts to find the rotten apples. Another important part learned was documenting all this information found in the logs for potential use in legal terms I can’t go into. Overall, it was a great learning experience and made me feel more ready to further progress in my career.
Reflection 5 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 5
Following the end of March, and the government is getting a bit on edge, there have been lots of patches I had to do and look out for. I can’t mention the exact things I had to do, but I can give an overview of everything. Matters are becoming more serious, and having a secure network is more important than ever, so keeping up with patches and alerts is an absolute must. These experiences were not only technical in nature but also required communication, critical thinking, and fast response. The primary tasks I focused on all go hand in hand with each other, such as reviewing CVE alerts and distributing them across the company, analyzing and prioritizing necessary patches, and implementing various operational orders such as blocks, unblocks, product surveys, and security updates. All these tasks allow me to learn the responsibilities of keeping my environment safe, fast, and efficient.
Starting with reviewing CVEs (Common Vulnerabilities and Exposures) alerts and ensuring that relevant information was communicated effectively to the organization. At first, this task seems simple enough, but it’s not just about reading alerts and sending them out; you quickly realize it requires a bit more digging. Not every CVE is equal; some are sorted from unclassified to classified, and my job is to ensure CVEs are correctly identified and sent out based on importance. This meant paying close attention to severity ratings, affected systems, and potential exploitability.
CVEs aren’t like other alerts or patches we get at my company; these vulnerabilities demand immediate attention, whereas others can be monitored over time and patched over a longer timeframe. This is a very good way to learn how to prioritize threats, a critical skill in cybersecurity. Additionally, I had to ensure that the alerts I sent were clear and actionable. It wasn’t enough to simply forward information; I needed to contextualize it so that other team members could understand its significance and respond accordingly.
Following up with the second main task I had to do, which was reviewing and identifying necessary patches for both security and network systems, often based on the CVEs I had analyzed. This task required me to connect vulnerabilities to their corresponding fixes, based on multiple other companies/agencies’ patching requirements that they sent us. When doing this job, you need to have a basic understanding of what risks could be associated with delaying your company and other potential impacts on system stability.
There is one thing that can occur quite often, and that is patches that are wrong. Sometimes patches are sent to us that actually repeat something or say a legit device that’s actually crucial to our job that shouldn’t be messed with. If we were to go forward with these blocks or patch them, it could very well take down the company. This alone can reinforce the idea that cybersecurity is about being very thorough with everything, even from a trusted agency, because everything makes mistakes. By the end of the two weeks, I felt more confident in my ability to assess vulnerabilities, determine questionable changes, and follow appropriate remediation steps.
The third major component of my experience involved implementing various orders and tasks assigned by my supervisors. These included conducting product surveys, managing IP blocks and unblocks, and performing security updates (CVE’s and other agencies again). This aspect of the job was particularly dynamic, as it required me to adapt quickly to different types of tasks and priorities. Unlike the more structured processes of reviewing CVEs and patches, these assignments often came with less guidance, pushing me to think independently and make informed decisions. This lack of guidance came from the way the wording can go with these orders, and it often seems confusing because everything either has no information at all or is 3 paragraphs of filler.
Handling blocks and unblocks, for example, required careful consideration to avoid disrupting legitimate activity while still protecting the network from potential threats. This is the main task I get from these orders, and about once a month, there’s a chance they miss a letter or paste the wrong thing into Excel, and it can mess everything up. This responsibility is very important, and the level of precision and accountability can be high if something goes wrong. A single mistake could have significant consequences, either by allowing a threat to persist or by unnecessarily restricting user access. Then there is conducting product surveys, which also provides valuable insight into the tools and technologies used within the organization. This opens me up to different security solutions and helps me understand how they fit into the overall security architecture. It also gave me a chance to evaluate the effectiveness of these tools, which is an important aspect of maintaining a strong security posture.
Overall, these experiences have given me a deep understanding of how the corporate IT field works and what it means to work in a cybersecurity role. I have seen firsthand how different aspects of security, threat intelligence, vulnerability management, and operational response are interconnected. With CVEs being the main head of these past two weeks, it helped me identify potential threats, analyzing patches allowed me to address those threats, and implementing tasks enabled me to take direct action to protect our company’s network.
Reflection 4 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 4
Over the past 2 weeks, work has been slowly calming down, giving me the opportunity to further develop my professional presence in the workplace. While many people assume internships are mostly about technical training, I have come to realize that they also involve building relationships, learning how teams operate, and lastly understanding the different kinds of people you will encounter. During this period, I also focused on work activities beyond communicating with coworkers and making my presence known in hopes of advancing my career, while analyzing intrusion prevention systems (IPS) to find out what users, Ips, and systems could be deemed malicious to our company
To start off, one of the most important things I focused on over the past two weeks was interacting more with my coworkers and making sure people at least knew who I was for future reference. At first, I did not want to do it and would much rather focus on my work skills, but I quickly realized that networking in the workplace can be just as valuable (depending on whom you talk to). I know the job I’m working with right now relies on open communication and collaboration. For example, we have a transparent agenda through our teams: our analysts, engineers, network administrators, and incident responders frequently work together to investigate threats and maintain secure systems. Because of this, it became clear that building relationships with coworkers could help me better understand the organization and also potentially open doors for future opportunities.
I think everyone can understand that when you first start a job, it’s a bit nerve-racking. I can 100% say that when I first started, I was more reserved and mainly focused on completing assigned tasks. However, over the past two weeks, I made a deliberate effort to speak with more members of the team when I found the time. I asked questions about their roles, how long they had been working here, what skills they believed were most valuable in the industry, and, depending on the person, whether they liked what they were doing. These conversations gave me an understanding of others’ wisdom that I could not get from textbooks or training modules. Many of my coworkers shared their own career paths, explaining how they started in entry-level positions and gradually moved into more specialized roles in which they are now.
The second major activity I focused on over the past two weeks was reviewing IPS alerts to determine which IPs were malicious. Intrusion Prevention Systems are critical as their main reason for existing is to monitor network traffic for suspicious patterns that may indicate attacks or unauthorized activity. However, not every alert generated by an IPS represents an actual threat. Many alerts turn out to be false positives, meaning they appear suspicious but are actually legitimate traffic. Because of this, analysts must carefully review alerts and determine whether action is needed.
I used security tools such as Cisco Firepower and Palo Alto platforms to review IPS alerts. These tools provide detailed information about network traffic, including source and destination IP addresses, their ports, protocols, and the initial reason why the alerts were triggered. When reviewing an alert, the first step was to examine the traffic’s context. For example, I would look at where the traffic originated by going on Whois or Virustotal. Then I would look at where the source was targeting, figure out which device it was attacking, and what type of activity was detected. Another thing to be wary of when looking at the source is that we do have monthly scans that can look like malicious traffic. It’s very important to carefully look into each individual IP, because one may be our very own, and we don’t want that blocked.
The third major responsibility I handled during the past two weeks was implementing blocks for malicious IP addresses. Once an IP address was confirmed to be associated with malicious activity, the next step was often to prevent further communication with that source. I do this by sending the block tickets to the networking team that works alongside the security team. As I’m about to place these blocks, it is important to ensure that the IP address is actually malicious before acting. Blocking legitimate traffic could disrupt business operations or prevent users from accessing important services; for example, unauthorized personnel attempted this with Google a few weeks back. Because of this, analysts must verify their findings before implementing blocks. This verification process usually involves reviewing logs and any previous tickets and confirming that the traffic clearly represents malicious behavior using services like VirusTotal.
However, there is one problem with blocking, even if it does get rid of that one IP, one more is soon to follow, that’s by the exact same attacker. That’s because attackers often change IP addresses or use a distributed infrastructure to launch attacks. Because of this, cybersecurity defenses must constantly adapt. Blocking a single IP address might temporarily stop a specific attacker, but monitoring must continue to ensure new threats are detected. Most of our services already have auto-block IPs at the firewall, but these permanent blocks prevent them from appearing at all.
Overall, the past two weeks of my internship have been different. By making an effort to talk with coworkers and build professional relationships, I made a good introduction that will hopefully help me in the future. Then I had a good time analyzing IPS alerts, and I improved my ability to evaluate network activity and distinguish between false positives and genuine threats. Finally, I got to implement blocks for malicious IP addresses, allowing me to actively participate in protecting the organization’s network from potential attacks.
Reflection Paper 3 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 3
For the last two weeks, it’s been getting a little wild with the amount of work that’s been given to all of us. However, the amount of work and stress did give me a new understanding of how daily operational tasks can go from calm to hectic rather quickly. My department of cybersecurity incident response may not have gotten the worst of the paperwork storm, but this prepared me for future reference: things can become much worse. While my tasks haven’t changed as much as others’, my main responsibilities have focused on updating tickets, tracking down information related to IPs and numerous tickets, and updating/ reviewing logs. This is where I started setting up a routine on the surface, and I learned very quickly that each of these tasks plays a critical role in maintaining situational awareness, accountability, and response readiness within an IT and security environment.
Now, going over one of my primary activities from the last two weeks, I worked on updating some of the many tickets that we accumulated from this busy month. Each day, I set a goal for what I would do and began by reviewing open and newly assigned tickets in the ticketing system. These tickets ranged from alerts, updates, and compliance issues. My responsibility was to carefully read each ticket, verify the reported issue, and ensure all required fields were completed correctly. This included confirming the device information, the user involved, the time the issue occurred, any actions that had already been taken, and ensuring all the correct information was filled out.
While going through and updating tickets, I learned that keeping them up to date isn’t simply about getting them done, but allows you to have archives. Having good documentation of what was done, what was discovered, and what the next steps should be can make future issues go a whole lot smoother. I often had to add detailed notes on troubleshooting steps, user communications, and any evidence gathered from logs or monitoring tools. I also updated ticket statuses appropriately based on the ticket’s situation. Having clear ticket updates prevents duplicated effort and ensures continuity between your shifts and other teams.
There was another main thing I did that was closely tied to ticket updates: tracking down information onIP addresses and tickets. Many of the tickets require investigating specific IP addresses that appear in alerts, logs, or user reports. During these two weeks, I spent significant time identifying where an IP address originated, which system it was associated with, and whether it was associated with an internal asset or an external source. I often had to cross-reference multiple systems, such as our data center assets, network monitoring tools, or mixed-up previous tickets, to determine whether the IP had been seen before or was linked to a known device or user.
There were several cases in which the tickets initially lacked sufficient information, requiring additional investigation. I learned how to follow small clues from looking up timestamps, usernames, or hostnames, which I used to locate more complete records. This investigative process helped me develop stronger critical thinking skills, which all reminded me of a really tricky easter egg hunt. It also showed me how even a small detail in a ticket can become extremely important when determining whether an issue is simply a configuration problem or something that may require a deeper security review.
There was another responsibility that went along with updating the tickets; it was updating the logs along with it. Whenever actions were taken on devices, tickets, or systems, I made sure they were properly recorded in my personal internal logs. This included logging configuration changes, device updates, system movements, and any follow-up actions taken after user communication. I learned that accurate logs are essential in the workplace because, when the day comes for an audit, all the information will be there. Overall, this routine I’m following with updating everything allows me to understand the normal baseline behavior of systems. By becoming more familiar with what typical activity looks like, I will be better able to notice anomalies in our systems.
Reflection Paper 2 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 2
For the past two weeks, I’ve been working; there have been multiple new things that I had to get my hands into. The main thing I had to get into was the hardware devices and organizational communication that my job uses on a daily basis. That includes learning how to be practical and to sort them all out from one another. Leading me to contact some of the system owners and find the device locations to properly assign them to the right category for future tickets or problems I may have to solve. Then there was a surprise tabletop simulation that everyone in the IT department was required to do.
To help me get accustomed to my job and ensure everyone receives their annual training, a tabletop simulation was held on Feb 10. This was a very convenient time for me to be here, since it would be my first cybersecurity tabletop simulation. During this exercise, I was presented with various scenarios, including detecting suspicious network traffic and responding to potential security threats. The simulation helped everyone get a fresh update on their job. It also showed how to think critically and make real-time decisions while understanding the importance of following proper protocols. The only bad thing about the whole simulation was that most of the questions were something we don’t handle in my group as much, but if it were to ever occur, I would at least know the right answer.
The biggest part of my job this week, apart from the tabletop, was familiarizing myself with the devices and products used within the company, specifically IBM and Cisco devices. This included understanding the basic functionality, configuration, and purpose of each device. As becoming comfortable with these technologies is a crucial part of my learning process, it allows me to get direct experience, so I can hopefully find it without help. This is especially useful, given that we work with a large-scale IT infrastructure that operates multiple devices with distinct functions to maintain network security and efficiency. This isn’t just for me, either; having someone keep everything up to date on the hardware end can help everyone have up-to-date spreadsheets so they can properly do their jobs.
As I further sorted through all the devices and learned where they all went, I also had to learn to communicate with these system owners. This allowed me to further progress in experience in communication and organizational tasks. That was because I had to contact a vast number of users for updates and determine where each device should be allocated. This task required careful attention to detail, clarity in communication, and proper documentation on my part. This was a long and tedious process that will continue to update as people come and go, leading me to learn how to make a well-made spreadsheet and update previous ones. This showed me the importance of keeping IT systems organized and up to date, which is essential for both operational efficiency and security.
Overall, through my experience, I think I’m finally becoming comfortable in my workspace and getting accustomed to all the tasks I have to do. That is because I not only improved my technical knowledge in this field but also learned a bit about networking devices. Then the Tabletop helped me better understand certain situations if they were to ever arise. So I can say these last 2 weeks were a success in my book, and I do hope to further learn more about my job to hopefully make it easier for the long run.
Reflection 1 – CYSE 368
Victoria Sanderson
CYSE 368
Spring 2026
Professor Teresa Duvall
Vital Solutions
Reflection Paper 1
Following my first couple of weeks in my cyber internship, I had to review many different types of tools that were used over the course of the 2 weeks. The second thing was completing ongoing training, such as cyber awareness courses, which need to be done annually in the job description. The third major thing I was focusing on was actively helping users with security concerns. The big point I learned while working here was that technology alone cannot protect an organization; there indeed needs to be a third party in the middle that makes sure all goes smoothly. To make this process easier its best to understand how to evaluate tools, stay current through training, and translate technical knowledge into practical help for everyday users.
To get more in-depth, each tool I had to learn and maneuver around really helped my understanding of cybersecurity further. The tools we are given are extensions to protect all their users, and it is an important responsibility in modern cybersecurity work. The company I work for, like many others rely on a wide range of tools that monitor endpoints, have response platforms, intrusion detection systems, vulnerability scanners, log management systems, and digital forensics tools. Each tool is designed to address a different part of the network and any vulnerabilities it may have, as there is no single solution that is sufficient on its own. For a thorough review, it involves understanding what a tool is designed to do, such as how it integrates with existing infrastructure, and whether it produces accurate and actionable alerts. In practice, this means testing tools in realistic environments, examining false positives, and determining whether analysts can easily interpret the results. For people working in security operations, incident response, or auditing roles, having the proper evaluation tools includes reviewing logging capabilities, data retention, reporting features, and compliance alignment. Alongside technical tool evaluation, continuous training is equally critical.
A big part of any company is training, as it allows for a hopefully safer environment for all its users. Cyber awareness and security training programs are one of the biggest courses you have to take annually to allow everyone to be taught how to keep their network safe. Even if there are technical tools that can detect many threats, they are often most effective when users are trained to recognize early warning signs and report them quickly. Cyber awareness training reinforces how phishing attacks work, why attackers use social engineering, and how even small mistakes can lead to larger compromises. As someone who regularly assists users, this training helps me communicate clearly and without technical jargon, making security guidance easier to understand and follow.
The third major part I had to do a lot of while working here was helping users who believe they are experiencing security problems. This helped me learn how to communicate with many different types of personalities and deal with some unnecessary problems that couldn’t have been learned through the training I stated earlier. Users are quick to rush to us for every issue, some include unexpected traffic, strange emails, account lockouts (not our job), strange login notifications (also not our job), or unusual system slowdowns (its windows updates). When a user reports a concern, we must carefully assess whether the problem is caused by malicious activity, misconfiguration, or routine system behavior. This process requires asking the right questions, preserving potential evidence, and avoiding actions that could unintentionally destroy valuable forensic data if need of an investigation. Even when a reported issue turns out to be benign, the response still matters. Providing clear explanations and practical guidance builds trust and encourages users to report future incidents rather than ignoring them.
Journal 15
When it came to watching the video on digital forensics investigators have a challenging job that requires them to solve puzzles that fit snugly with social sciences. While their primary responsibility is to investigate digital clues to catch cyber criminals, their discoveries have far-reaching consequences in our social world. To get to the root of cyber crimes, these investigators must deeply understand what motivates people – their behaviors, thoughts, and the overall role of society. It’s crucial to realize that cyber crimes don’t just affect technology; they devastate people’s lives, communities, and occasionally even entire countries. Therefore, digital forensics investigators must be part hackers, psychologists, and sociologists. By the video and how it dives into what drives people and understanding the broader social landscape, they can solve cases and help us all make sense of the complex world of cybercrime. Thus, it’s not just a matter of finding digital clues; it’s also about comprehending how our digital and social worlds intersect and ensuring that we’re all safer online. The video not only proven my believe as he goes over details of the job and what there job is to do.
Career Paper
Victoria Sanderson
4/4/2024
Career Paper
There are many jobs in the cyber security field that work with social sciences, but cybersecurity incident responders play a major role in safeguarding digital assets and mitigating the impact of cyber threats on organizations. But what do incident responders have to do with social science? These responders have technical skills crucial for incorporating principles and research that cooperate with social science. This paper will examine the critical concepts learned in class and how they apply to addressing cyber threats. By exploring the integration of technical skills with principles from social science research, we can better understand how incident responders safeguard digital assets and mitigate the impact of cyber threats. Let us not underestimate the importance of this work and the vital role of incident responders in protecting digital assets.
Social science research provides insights into factors influencing cybercrime trends and vulnerabilities. For instance, studies have shown that marginalized communities often face large amounts of exposure to cyber threats due to factors such as limited access to resources, education, and support systems. As such, incident responders must prioritize efforts to protect these vulnerable groups to address systemic cyber risks. Understanding human behavior processes goes with these factors, which is critical in anticipating and mitigating cyber threats. Social engineering attacks exploit human psychology to manipulate people into divulging sensitive information or performing harmful actions are a prime example. By drawing from social science research on behavioral patterns, responders can develop more effective strategies for identifying and thwarting social engineering tactics.
Lastly, to add incident responders, rely on social science principles such as communication and collaboration to effectively coordinate responses to cyber incidents. They must involve incident responders and utilize these principles. Coordination includes all types of businesses and corporations, such as stakeholders, technical experts, legal advisors, and public relations professionals. Communication channels and collaborative teamwork are critical, especially in complex and high-pressure situations, especially when working with higher-tier corps. By applying principles from social science research on effective communication and teamwork dynamics, responders can improve their crisis management abilities and reduce the impact of cyber incidents on organizations and society.
To conclude, cybersecurity incident responders are crucial in protecting digital assets and minimizing the impact of cyber threats on organizations. Despite their technical focus, incident responders have main principles and research around social sciences. This paper reviewed many technical skills and insights from social science research incident responders can develop comprehensive strategies to address cyber threats. Social science research provides valuable insights into the factors that influence cybercrime trends and vulnerabilities, including the disproportionate exposure of marginalized communities to cyber threats. These are why Incident responders are an excellent example when dealing with social science.
Citations
Alexander, L., Athanassoulis, N., Bbc, Bezuidenhout, M., Chantler, A. N., ComputingCases, Debrosse, J., Gowdy, L. N., Gragg, D., Granger, S., Hadnagy, C., & Harman, G. (2015, September 9). Necessity for Ethics in Social Engineering Research. Computers & Security. https://www.sciencedirect.com/science/article/abs/pii/S0167404815001224
Ebert , N. a. (2023, August 19). Learning from safety science: A way forward for studying cybersecurity incidents in organizations. Computers & Security. https://www.sciencedirect.com/science/article/pii/S0167404823003450
Moore, T., & Pym, D. (2015, January 20). Editorial. OUP Academic. https://academic.oup.com/cybersecurity/article/2/2/119/2909320
Article Review 2
Victoria Sanderson
3/21/2024
Article review #2.
Chosen Article: Understanding the Relationship between Digital Literacy, Privacy Concerns, and Cybersecurity Behavior
- Intro
The chosen article, titled “Impact of Digital Literacy and Online Privacy Concerns on Cybersecurity Behavior,” has been published in the International Journal of Cyber Criminology. While reading over, the relationship between digital literacy, concerns regarding online privacy, and the resultant behaviors in the world of cybersecurity are thoroughly examined (Elrayah & Jamil, 2023). So, in this article review, I wish to delve into the facts of the study and explain its core components, and to start with I will go into the research studies conducted.
- Research questions and studies.
This study thoroughly examines how various aspects of digital literacy impact people’s cybersecurity behavior. It uses surveys to gather data from individuals in different cities in Saudi Arabia and analyzes the relationships between different variables using regression and moderation analysis. To add on, the study explores how human behavior in the digital world relates to broader social science principles, focusing on factors like digital literacy, citizenship, content curation, networking, and privacy concerns (Elrayah & Jamil, 2023). Overall, it offers valuable insights into the complex relationship between technology and society in shaping cybersecurity practices.
- Key points
In this research article, many findings highlighted several noteworthy points. Firstly, there’s a positive correlation between copyright awareness and cybersecurity behavior, despite copyright knowledge potentially hindering proactive cybersecurity practices. Secondly, responsible digital citizenship, content curation, networking, and online privacy concerns positively influence cybersecurity behavior. Lastly, cybersecurity awareness moderates the relationship between digital literacy variables and cybersecurity behavior (Elrayah & Jamil, 2023).
- Contributions
To add it mentioned in the requirements if there are any Marginalized groups, while the article does not explicitly address these groups, its implications are pertinent to them. Access to digital literacy resources and online privacy concerns may vary based on geographical and demographic factors. Connecting the digital divide and addressing privacy issues can contribute to empowering marginalized communities in the digital sphere. This article may not have a direct connection to groups, but they do contribute quite a bit to society. The study contributes significantly to society by bringing up the complex dynamics between digital literacy, privacy concerns, and cybersecurity behavior. It underscores the importance of cybersecurity awareness and responsible digital citizenship in promoting safer online practices. Its findings also inform policymakers and organizations in tailoring cybersecurity education programs and developing privacy-centric technologies.
- Conclusion
To conclude this experience, it’s to be said that the study advances our understanding of the relationship between digital literacy, privacy concerns, and cybersecurity behavior. By addressing these factors, it creates a way for a more secure and inclusive digital future.