Journal Entry #1 <\/p>\n\n\n\n
Workforce Framework for Cybersecurity (NICE Framework) | NICCS (cisa.gov)
After reviewing the NICE Workforce Framework for Cybersecurity, I would be interested
in \u201cSecurely Provision\u201d category, particularly roles focused on Risk Management and
Systems Architecture. These areas align closely with my current experience as an
Information System Security Officer (ISSO) and my studies in cybersecurity. I currently
use systems and implementing strategies to mitigate potential threats, which this
category emphasizes.
What I would least be interested in is \u201cOperate and Maintain\u201d category, specifically
positions like Network Operations. While important, I prefer strategic and design oriented tasks. By focusing on risk assessment and security architecture, I aim to
strengthen my expertise in critical, high-level decision-making roles that shape
cybersecurity policies and frameworks.<\/p>\n\n\n\n
Journal Entry #2
The principles of science, including empiricism, determinism, parsimony, and objectivity, are
essential to cybersecurity. Empiricism ensures that decisions are grounded in real-world
evidence, such as analyzing data from breaches or identifying vulnerabilities. Determinism
shows how specific actions or events, like poor password practices, can lead to predictable
outcomes, enabling proactive prevention. Parsimony reminds us to keep security systems as
simple as possible to reduce errors and make them more user-friendly. Finally, objectivity helps
cybersecurity professionals make unbiased decisions, focusing on facts rather than assumptions.
By applying these principles, organizations can develop effective security strategies that address
threats while staying adaptable to changes.<\/p>\n\n\n\n
Journal Entry #3<\/p>\n\n\n\n
PrivacyRights.org provides vital information on data breaches, including the nature of the
breach, the affected entities, and the compromised data types. Researchers can utilize this
database to identify patterns in cyberattacks, such as which industries are most frequently
targeted and what types of data are at greatest risk. Analyzing this data enables researchers to
evaluate how specific security failures occur and to explore trends in attack methods over time.
Furthermore, the site offers insight into how organizations respond to breaches, which can
inform studies on the effectiveness of incident response strategies. By leveraging this
information, researchers can propose actionable solutions to enhance cybersecurity resilience and
better protect sensitive information.<\/p>\n\n\n\n
Journal Entry #4<\/p>\n\n\n\n
Maslow\u2019s Hierarchy of Needs connects to technology in my life. At the physiological level, I rely on technology for food delivery apps and health monitoring devices on my apple watch when I am exercising. For safety needs, cybersecurity tools and two-factor authentication protect my personal data. Social media and messaging apps fulfill my belongingness needs by helping me maintain relationships and stay connected with family and friends. The esteem level is supported through professional achievements shared on LinkedIn. Lastly, self-actualization is enhanced by learning platforms like YouTube, where I develop new skills and explore my interests. Technology shapes and fulfills needs at every level, blending seamlessly into daily life.\u00a0<\/p>\n\n\n\n
Journal Entry #5<\/p>\n\n\n\n
Journal Entry #6<\/p>\n\n\n\n
Week 6 – Journal Entry: Spotting Fake Websites
While researching fake websites, I was surprised at how realistic some of them look. I
found three examples of fraudulent websites and compared them to their real
counterparts, noticing key differences that can help identify scams.<\/p>\n\n\n\n
Journal Entry #7<\/p>\n\n\n\n
Meme 1: \u201cToo Good to Be True\u201d
Image Idea: A person excitedly clicking on an email with the subject line:
“Congratulations! You\u2019ve Won a $500 Gift Card!”
Text:
“Wow! A free gift card? Let me just enter my info real quick!”
Reality: Hackers collecting my credentials like it\u2019s Black Friday.
Relation to Human-Centered Cybersecurity:
This meme represents how phishing scams prey on emotions like excitement and
urgency. I\u2019ve seen so many fake giveaway emails that try to trick people into giving up
their information. A human-centered approach to cybersecurity means educating users
on recognizing these scams before they fall victim to them.
Meme 2: \u201cMy Password Strategy\u201d
Image Idea: A person confidently setting their password as “Password123!” and then
looking confused when they get a security breach notification.
Text:
“Who would ever guess my super-secret password?”
Reality: Literally everyone, including hackers.
Relation to Human-Centered Cybersecurity:
I used to think having a simple password was no big deal\u2014until I learned how easy it is
for hackers to crack common passwords. This meme reminds me why strong, unique
passwords and multi-factor authentication (MFA) are so important. A good security
system should also help users create secure passwords without making it frustrating.
Meme 3: \u201cSticky Note Security\u201d
Image Idea: A sticky note on a computer screen that says “Work Password:
Company123″ while an IT security professional looks horrified in the background.
Text:
Me: \u201cThis way, I won\u2019t forget my password!\u201d
Cybercriminals: \u201cThanks for making my job easy.\u201d
Relation to Human-Centered Cybersecurity:
I\u2019ve seen people do this\u2014writing passwords on sticky notes or saving them in plain text.
It makes me realize that security needs to be convenient for people to actually follow
best practices. Using password managers and encouraging secure habits can help
prevent these everyday security risks.<\/p>\n\n\n\n
Journal Entry #8<\/p>\n\n\n\n
Watching the video made me realize how much movies and TV distort cybersecurity. Many films depict hackers as typing a few lines of code and instantly breaching systems, making hacking seem fast and effortless, when cyberattacks require careful planning, social engineering, and technical expertise. The media also overhyped certain threats, like making every hacker part of a global crime syndicate, while downplaying real-world risks like phishing attacks or weak passwords. While these portrayals make cybersecurity exciting, they often mislead the public into thinking attacks are only a concern for governments or large corporations. A more realistic portrayal of cybersecurity could help people take personal security measures more seriously.<\/p>\n\n\n\n
Journal Entry #9<\/p>\n\n\n\n
Social Media and Cybersecurity Reflection<\/p>\n\n\n\n
After completing the Social Media Disorder Scale, I scored a 1, which indicates “normative usage.” This suggests that while I do use social media, it has not significantly interfered with my responsibilities, relationships, or emotional well-being over the past year. I feel that I can maintain a healthy balance between my online and offline life.<\/p>\n\n\n\n
When reviewing the items on the scale, I thought they were well constructed and addressed key aspects of problematic social media behavior. The questions covered common warning signs such as preoccupation, withdrawal symptoms, and the neglect of other activities, which are consistent with behaviors often seen in addiction-related patterns. I appreciated how the scale didn\u2019t just focus on time spent but also included the emotional and social consequences of excessive social media use.<\/p>\n\n\n\n
I believe that patterns of social media use vary globally due to several factors. Cultural differences play a major role, as some cultures may place more value on in-person interactions, while others are more digitally integrated. Access to technology also shapes usage patterns in countries with widespread internet and smartphone availability may see higher engagement levels. Additionally, socioeconomic conditions and mental health awareness influence how people use social media, whether as a tool for connection, escapism, or information. Lastly, social norms and expectations regarding online behavior differ widely across regions, which helps explain these variations.<\/p>\n\n\n\n
Journal Entry #10<\/p>\n\n\n\n
The article on social cybersecurity highlights how misinformation and cyber
threats are shaping modern conflicts and national security. It emphasizes
that adversaries exploit social media and online platforms to manipulate
public opinion and destabilize societies. One key takeaway for me was the
importance of digital literacy in countering disinformation. As a cybersecurity
student, I found it insightful how the article connects human behavior to
cybersecurity, reinforcing that technology alone isn\u2019t enough\u2014education and
awareness are equally critical. This article broadened my understanding of
cybersecurity beyond technical measures, underscoring the need for a multi-layered approach to defense.<\/p>\n\n\n\n
Journal Entry #11<\/p>\n\n\n\n
The video “What Does a Cybersecurity Analyst Do?” by Nicole Enesse
provides a detailed look into the responsibilities, required skills, and job
outlook for cybersecurity analysts. One key takeaway is how cybersecurity
analysts must understand both technology and human behavior to protect
organizations from threats. Social engineering attacks, such as phishing,
exploiting human psychology rather than technical vulnerabilities,
highlighting the need for security awareness training. Additionally, the role
requires strong communication skills, as analysts often collaborate across
departments to enforce security policies. This video reinforced my
understanding that cybersecurity is not just about technical defenses\u2014it\u2019s
also about educating and influencing people to adopt safer digital habits.<\/p>\n\n\n\n
Journal Entry #12<\/p>\n\n\n\n
Student Analysis: Economic and Social Science Perspectives on a Data Breach Notification
As a cybersecurity student analyzing the sample data breach notification from
Glasswasherparts.com, I found it insightful to connect this real-world event to both economic
and social science theories. This incident involved a security breach on a third-party platform
that exposed customer payment information. The company eventually notified users, outlining
the breach and offering guidance. Below, I explain how two economic theories and two social
science theories relate to this scenario.
Economic Theories<\/p>\n\n\n\n
Journal Entry #13<\/p>\n\n\n\n
<\/p>\n\n\n\n
Journal Reflection \u2013 Bug Bounty Policies and Cybersecurity Strategy
As a cybersecurity student, reading “Hacking for Good: Leveraging HackerOne Data to Develop
an Economic Model of Bug Bounties” gave me a practical perspective on how policy and
economics work together to strengthen cyber defense. The article showed how bug bounty
programs are not just about hiring hackers\u2014they\u2019re about creating an ecosystem were ethical
hackers, or \u201cwhite hats,\u201d can contribute to security while being rewarded fairly.
Thoughts on the Literature Review
What really stood out to me in the literature review was how common it is for security
researchers to avoid reporting bugs due to fear of legal consequences. That surprised me. I had
always thought of bug bounty programs as inviting collaboration, but this made me realize the
importance of clearly written policies and formal agreements between companies and hackers.
It\u2019s not enough to say \u201cwe welcome feedback\u201d\u2014there needs to be a structure that protects
researchers.
The literature review also linked these programs to economic theories, especially the cost benefit principle. For companies, offering a bounty may be less expensive than dealing with the
aftermath of a breach. That cost-efficiency argument made total sense to me, especially coming
from a background where we\u2019re constantly taught to assess risk versus reward in security.
My Take on the Findings
The findings showed that money isn\u2019t the only motivator for ethical hackers\u2014many do it for
skill-building, job opportunities, or even fun. I can relate to that. As someone who\u2019s taken part
in small Capture the Flag (CTF) challenges, the reward is often just solving the puzzle. But for
companies, knowing that non-monetary factors play a role could help them better design their
bounty programs.
I also learned that older bug bounty programs tend to get fewer valid reports, which was an
interesting pattern. It made me think about how attackers and researchers alike always shift to
newer, more vulnerable targets. So, companies can\u2019t just launch a bug bounty once and expect
it too always work they need to evolve and adapt<\/p>\n\n\n\n
Journal Entry #14<\/p>\n\n\n\n
After reviewing Andriy Slynchuk\u2019s article on illegal things people often do online, I believe the five most serious violations are hacking into someone\u2019s account, identity theft, online scams, cyberbullying, and downloading or distributing pirated content. I think hacking and identity theft are extremely serious because they invade a person\u2019s private life and can ruin their financial security and mental well-being. Online scams are also a major threat because they take advantage of people\u2019s trust and can cause real emotional and financial damage. Cyberbullying stands out to me because it often leads to long-term psychological harm, and sometimes even tragic outcomes like suicide. Finally, downloading pirated content might seem harmless at first, but it damages industries like film, music, and software development, hurting creators who deserve to be paid for their work. Reading this article made me more aware of how important it is to respect others online and think about the real consequences behind common internet behavior.<\/p>\n\n\n\n
Journal Entry #15<\/p>\n\n\n\n
After watching Davin Teo\u2019s TEDx talk on digital forensics, I was surprised by how deeply his career intertwines with the social sciences. At first glance, digital forensics sounds purely technical data recovery, investigating cybercrime, and working with machines. But the way Davin explained his work made me realize that understanding human behavior is just as important as understanding technology.<\/p>\n\n\n\n
Davin didn\u2019t start off in digital forensics. His journey took twists and turns, including time in corporate environments and different cultural settings, before he found his calling in forensics. What stood out to me was how his experiences with people, not just computers, helped shape his perspective. His work often involves thinking like the person who committed the crime asking questions like: Why would someone does this? What patterns of behavior led to this digital footprint?<\/em> That\u2019s where the social sciences come in.<\/p>\n\n\n\n Fields like psychology, sociology, and criminology help digital forensics investigators understand motivation, deception, and even social engineering tactics. Davin emphasized that his job is not just about analyzing hard drives it\u2019s about putting together stories and behaviors, kind of like a digital detective. This is really connected to the idea that technological crimes are still very human at their core.<\/p>\n\n\n\n His pathway made me reflect on how important it is to be open to different experiences and disciplines. Just because a career is technical doesn\u2019t mean it lacks a human side. In fact, the best investigators probably need<\/em> that social science mindset to really be effective. I admire how Davin brought empathy, curiosity, and critical thinking into his career, and it makes me more excited about blending cybersecurity with social understanding in my own path.<\/p>\n\n\n\n Article Review #1<\/p>\n\n\nArticle-review-1 Article Review #2<\/p>\n\n\nArticle-review-2 Journal Entries Journal Entry #1 Workforce Framework for Cybersecurity (NICE Framework) | NICCS (cisa.gov)After reviewing the NICE Workforce Framework for Cybersecurity, I would be interestedin \u201cSecurely Provision\u201d category, particularly roles focused on Risk Management andSystems Architecture. These areas align closely… Continue Reading →<\/a><\/p>\n","protected":false},"author":30482,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/pages\/13"}],"collection":[{"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/users\/30482"}],"replies":[{"embeddable":true,"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/comments?post=13"}],"version-history":[{"count":3,"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/pages\/13\/revisions"}],"predecessor-version":[{"id":56,"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/pages\/13\/revisions\/56"}],"wp:attachment":[{"href":"https:\/\/student.wp.odu.edu\/cdard004\/wp-json\/wp\/v2\/media?parent=13"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Article Reviews <\/h2>\n\n\n\n
Career Papers<\/h2>\n\n\nCareer-Paper