Week 1 – Journal Entry
The Main areas I would be interested in are Protect and defend and securely provision. More in depth I would like to work as incident response or vulnerability assessment or management. Because I would love to be able to help defend or fight back when it comes to cyber attacks. I want to be the person who helps stop them and helps make it so that breach wont happen the same way again. For securely provision I would really like to be either a member of risk management or a software developer because the thought of making life easier with programs that I created really fascinates me.
Week 2 – Journal Entry
In cybersecurity the scientific method helps the research of weakness and the start of countermeasures. Observation includes monitoring systems to identify possible threats, while on the other hand experimentation simulates attacks to find and understand weaknesses. Gathering evidence through analysis helps in crafting more advanced defense systems. To add on to that, the scientific principles of repeatability and falsifiability are very important and needed. Security measures have to be available to re-use across multiple different scenarios. And hypotheses of said feasible threats must be falsifiable throughout testing. This evidence-driven approach is very much needed for adaptation to constantly stop these cyber threats that keep advancing day by day. Another aspect is interdisciplinary collaboration where principles of science come into play. Cybersecurity takes from very diverse places such as psychology, law, and computer science. And by adding knowledge from these fields and disciplines, the foundation of science strengthens the approach of securing digital systems.
Week 3 – Journal Entry
Using PrivacyRights.org I learned some of the many ways researchers use this public information. Such as, Incident analysis, Preventive measures, Public policy and advocacy, Regulatory compliance, and Impact assessment. Researchers leverage this information to conduct comprehensive studies on these incidents. They reconstruct the timelines, discern attacks, and pinpoint entryways. They identify adversaries, while motivation analyses go into the underlying reasons behind these breaches. Shedding light on the diverse landscape of cyber threats. Assessment of impact stretches to financial implications for organizations and cost that’s related to incident cost, fines, and damage. Researchers help make a more secured digital landscape by constantly advocating for policy changes and recommending improvements in cybersecurity standards.
Week 4 – Journal Entry
Maslow’s Hierarchy of Needs are; phycological needs, Safety needs, Love and belonging, Esteem Needs, and Self-Actualization. Lets start with phycological needs, In the modern world we need things such as the internet smart phones and other electronics to get by day to day. Next Safety Needs, Devices give a sense of security because with the touch of a button we can call our family, friends, or even the police if we need them in a dire situation. Love and belonging is for social medias and other outlets that let us feel like we have a connection with people or even ourselves, These digital places allow members to share experiences and connect to a broader group of individuals. Esteem Needs are things such as likes, comments, shares, or other forms of traction that gives the person a self esteem boost making them feel better about themselves. And Lastly Self-Actualization the highest form of Maslow’s hierarchy is realizing the potential you have and getting to a point of self-fulfillment. platforms, software, and communities help provided opportunities for personal growth.
Week 6 Journal Entry
The three main things I saw with fake websites were, Wrong URLs, poor quality, and content such as grammatical errors. Fake websites will try and fool the person looking for the legitimate one by trying to be as identical as possible as well as trying to steal the person’s information and data. There are lots of subtle give aways to every fake website, you just have to be cautious and be weary when going through websites that don’t look right.
Week 7 – Journal Entry
The 3 photos I chose were,
https://unsplash.com/photos/woman-in-white-button-up-shirt-holding-silver-iphone-6-R6dSBkz32B8
https://unsplash.com/photos/man-sitting-on-concrete-brick-with-opened-laptop-on-his-lap-Z3ownETsdNQ
For the first one, “When my girlfriend sends me outfit of the day”
For the second one, “Me emailing my vet with my owners email telling them i don’t need to go on a diet”
For the last one “Me finding the perfect spot to do my work just to write 1 sentence”
Week 9- Journal entry
On the social media disorder scale I answered yes 4/9 times. I think that the questions on the scale are basic and fair questions that make a person question how much they really use social media. If the amount of questions they answered yes to shocks them it allows them to realize what they need to do in order to change. The reason I think the same social media patterns are discovered across the world is because of how addicting social media is especially to children when that’s the only thing they want to do. We need to work harder to change how much we use it and especially how much our kids and siblings do as well.
Week 10 – Journal Entry
The journal outlines the emergence and significance of social cybersecurity, a field crucial in understanding and forecasting cyber-mediated changes in human behavior and societal outcomes. It highlights the shift in warfare dynamics, with information warfare becoming a primary tactic for state and nonstate actors, particularly exemplified by Russian strategies. Unlike traditional cybersecurity, social cybersecurity focuses on hacking human behavior using technology, with implications for national security and societal cohesion. The article stresses the need for interdisciplinary approaches, policy adaptation, and education to address emerging threats in the information domain.
Week 11 – Journal Entry
In the field of cybersecurity analysis, it’s not only about deciphering complex codes and algorithms; it’s also about understanding people. Analysts dive into the social aspects behind cyber threats, like how trust is exploited, how misinformation spreads, and how individuals interact online. By grasping these human dynamics, analysts can craft more effective defense strategies against cyber risks and mitigate the broader societal impacts of attacks, such as eroded trust and compromised privacy. So, alongside technical expertise, a solid grasp of human behavior is crucial for tackling cybersecurity challenges in today’s digital landscape.
Week 12 – Journal Entry
The data breach reflects economic theories like information asymmetry and market failure, where customers pay the costs of the breach. From a social sciences perspective, it creates low levels of trust between consumers and businesses and highlights the vulnerability of individuals to cybercrimes, creating the need for victim support and preventive measures.
Week 13 – Journal Entry
The adoption of vulnerability disclosure policies (VDPs) marks a crucial step forward in cybersecurity practices, The literature review underscores the importance of VDPs in encouraging vulnerability reporting. Additionally, the findings help us look into bug bounty programs, including hacker behavior and industry-specific trends. These findings offer guidance for organizations trying to strengthen their security, emphasizing the need for further research.
Week 14 – Journal Entry
This week I was told to look at 11 things internet users do that might be illegal and to pick the top five serious violations and why those offenses should be serious. First we have collecting information about children, not only are they not fully able to understand what is happening but they have little to no involvement in the real world. Second Sharing peoples personal information and passwords, these details about a person could lead them to become a target not just in the online world but also in real life. Third, Bullying I believe that hardcore bullying should have some backspin towards you, telling someone to hurt themselves or even shaming them for things they cannot control should not go without punishment. Fourth, Illegal searches on the internet, not only is this not the smartest thing to do but it also leads the authorities right to you if need be. And finally recording someone’s call without permission, calls are a private matter even if you can hear them doesn’t mean that others need to, spreading this information about others should not be allowed.
Week 15 – Journal Entry
Digital forensics investigators use principles that came from social sciences to help them to understand the human tendencies shown in interactions. This informs their approach to criminal profiling, ethical considerations, and policy development, while also following the design of user friendly tools for a thorough analysis, their careers connect human behavior and technology relying on the foundation of social sciences. I like how the speaker picked his career at random he didn’t know what digital forensics was but he tried it and ended up loving it.
Career Paper
Introduction:
Blue team members are very important in defending a company’s information and network from cyber attacks. The typical day for a blue team member is making sure that unauthorized users do not get access to the data or networks, and being the backbone of security or the company. To actively do these jobs these professionals use research in all parts of their work. This paper will go over how the concepts we learned in class are applied to the lives of blue team members, with attention towards relevance in cybersecurity challenges and marginalized groups and society.
Human Behavior in Cybersecurity:
Understanding human tendencies is very important for blue team members to be able to predict and control possible social engineering attacks, like phishing or pretexting. Using research from social sciences on human psychology and decision-making, cybersecurity pros make awareness programs and create strategies to battle against these tactics used by criminals. By using these sightlines into human behavior, blue team members can make policies that inspire people to work together, making the defenses within the company stronger against these threats.
Social Science in Risk Assessment:
Social science research methods are influential when it comes to assessing risks and familiarizing oneself with the impact of different cyber threats on various parts of society. Blue team members use sociodemographic data and social standards to highlight resources and alter security measures to protect marginalized groups who might be unreasonably affected by these cyber crimes and possible threats. By mixing research from social science into risk assessment models, cyber professionals can identify vulnerabilities and move resources easier and more effectively to help diminish risks for all those involved.
Ethics in Cybersecurity:
Ethical considerations are central for the work of the blue team members, who dive deep into ethical predicaments in their daily lives. Picking from social science principles, cyber security pros help to keep ethical standards in place and make sure that no one’s privacy is more important. Understanding the ethical indications of their actions, blue team members keep trust and credibility within their company as well as society. Creating a future of accountable and ethical cyber practices.
Cultural Sensitivity in Defense:
In today’s time, cultural awareness and diversity are needed for efficient cybersecurity practices. Research helps blue team members develop cultural proficiency and sensitivity to help accurately convey security risks and concerns across various different communities. By acknowledging and respecting cultural differences, cybersecurity professionals build a level of trust and willingness with stakeholders from various backgrounds all over the earth highlighting the peculiar challenges faced by marginalized groups and encouraging depth in cybersecurity efforts.
Social Science in Cyber Policy:
Social Science research teaches strategy creation and regular obedience efforts in cybersecurity. Blue team members stay alongside changing social, political, and legal orders to make sure that the company’s security measures go with up to date regulations and standards. Embracing insight from social science research into policy structure, cybersecurity professionals encourage fairness, clarity, and depth in all security policies and practices, helping to make a more safe and equitable environment for all.
Conclusion:
In conclusion, the combination of social science research and concepts into the day to day lives of blue team members is necessary for confronting changing problems of cyber security, especially involving marginalized groups and society altogether. By using insights from human tendencies, risk evaluation, ethics, and strategy development, cyber security professionals can increase the successfulness of their security measures, reduce threats more constructively, and help to contribute to a more fair digital landscape. In the future, social science and cyber security should continue to work alongside each other to help create complete approaches to cybersecurity that make inclusivity, fairness, and responsibility number one
Article Reviews.
ARTICLE REVIEW 1
Introduction
The approach taken to digital research in artificial intelligence involves social science principles
such as participatory research, theory development and testing, ethical considerations, objective
and fair AI research and how instruments played an important role. Legal and ethical
responsibilities are also considered.
Research questions and methods
The questions posed in this article were: What are the developments and applications of ai in
criminal investigations? What is the role of ai in digital searches? What are the rules and
regulations governing information derived from AI? How can AI be used to help develop legal
guidance that helps protect individual rights? Methods in this article include descriptive research,
survey research, scientific research methods, and content analysis methods.
Data and analysis
The data and analyzes in this article are authentic digital evidence, privacy concerns and security,
exploratory and descriptive analysis, and authentic digital evidence. These ways of collecting
data and analyzing them are a great way to help make sure all data was collected lawfully.
Challenges, Concerns, and contributions One of the problems discussed in this article is the divide between communities with communication technology and others without equal access. Often there are barriers that prevent certain individuals from accessing data that everyone should be free to access such as race and ethnicity. Another problem is privacy, the statement said there are people and communities who may be at high risk of data use or even surveillance. Contributions discussed in this article
include improving cybersecurity, developing legal frameworks, and promoting everyone’s right
to privacy
Conclusion
The article I reviewed goes to the increasing use of AI for law enforcement to help combat
cybercrime. Its primary use is facial and voice recognition to track down certain criminals. AI is
constantly expanding and being used more and more as the days go by, but that also means a lot
of potential risks. Law enforcement leads AI to target high-risk through data collection and
analysis and help shape society while protecting the rights of every individual. AI also helps in
cases like arrest, punishment and even release. AI also aids surveillance by analyzing real-life
scenarios to help identify potentially criminal behavior, and contributes to a small signal through
body language and verbal communication This research seeks to establish trust and confidence in
courtrooms. Preventing the use of illegally obtained information, or fraudulently obtained
evidence.
ARTICLE REVIEW 2
Introduction
No matter the advancements made in enterprise cyber security, criminals still are able to develop
tools used to aid their cyber attacks. Usual defense measures use random network targeting, but
advanced persistent threats (APTs) choose targets no matter the defenses in its way. They keep
attacking relentlessly until they find a breach. APTs use different attack tools, tactics, and stages
making it very difficult to detect them. Open-source intelligence helps APT detection from
analyzing public data using models like MITRE ATT&CK and the cyber kill chain increases the
chances of early detection and responses to these APT threats.
Related Work
Tons of cybersecurity methods help fight these non stopping threats but face problems due to
complex attack vectors and multi staged advances. Models such as the cyber kill chain and
MITRE ATT&CK benefit APT detection. An increase in APT solution sales shows a concern
throughout industries. Regardless of the studies on multi staged attacks, reviews are lackluster.
This study goes through an intricate literature review. Categorizing APT detection techniques,
going over methods already being used, and offering the idea of enhancements, trying to fill in
the gaps in the research.
Discussion
Figures 5 and 6 show four primary ways APT is detected and used in the industry. With similar
methods being most used, with 60% and 69% in their own categories. Other techniques include
case-based, casual, and structural correlations. Each with their own usage and examination.
Detection relies on susceptibility, identifying, and gaining knowledge of multi stage threats.
Models such as the MITRE ATT&CK and cyber kill chain, help understand uses and implement
strategies for defense.
Conclusion
This article goes into a literature review from January 2015 up until April of 2022, with its main
focus on APTs and their secretive multi targeted attacks. It gives information from both the
academic and business side of things. Showing key themes in detection, with urgency on multi
staged attacks and tactics used by them. Although, it shows a gap in corresponding weaknesses
in APT behavior. To showcase and fix this the article gives the idea of an advanced detection
technique introducing the APT attributes and network weaknesses to aid success.