Module 1

I am currently an IT administrator contractor, and I didn’t know that the NICE Workforce Framework was a thing, but after reading through it, I can definitely see that the enterprise foundation of the people I work for is based on this framework. The concepts I want to focus my career on are “Operate and Maintain” and “Protect and Defend”. These concepts align with my realm of interest because I am not really into developing people or tech; I prefer working on what’s already there and established, and to keep my career interesting, I want to defend what has been established.

What appeals to me the most is “Operate and Maintain” because that’s what I am already doing, and I just want to continue to grow in that concept. The area that appeals to me the least is “Oversight and Development” because I want hands-on interaction and do not want to lead or manage people.

Module 2

Cybersecurity is heavily related to science! For one, there are a lot of tests and data involved that help cybersecurity experts determine what will and will not be effective for a system/network. They may use some form of the scientific method to do so. Just like an environmental scientist monitoring the environment for events to report or take action on, cybersecurity experts monitor a network to see if there are any events happening within it. If they spot something, they will either report it or take actions to remediate the issue. Lastly, one of the biggest factors that make science, science, is cause and effect. When there is an effect on a system/network that is cybersecurity-related, an expert needs to find the root cause of why a situation happened to find answers and fix the issue.

Module 3

After reading through Privacyrights.org’s resources on data breaches, I believe that researchers can use this information to improve data protection and overall tech security. The various articles help researchers and IT professionals learn about past breaches so they can understand others’ vulnerabilities that caused them to get breached and ensure that they don’t have similar vulnerabilities in their systems. The articles also delve into legal protection and standards for data handling in an enterprise, allowing professionals to determine if their data storage systems are legally compliant and protected by internal measures. Professionals and researchers can use these articles to identify future types of breaches and start taking preventive measures to ensure data protection now and in the foreseeable future. Additionally, the provided insights can help organizations enhance their current systems to be more resilient against emerging threats.

Module 4

Maslow’s Hierarchy of Needs has five levels: physiological needs, safety needs, belongingness and love needs, esteem needs, and self-actualization. Here’s how each level relates to my experiences with technology as a system administrator in the Air Force:

1. Physiological Needs: These are the basics like food and water. In tech terms, it means having the essential tools and equipment to do your job. For example, making sure all computers and servers are up and running so everyone can work.
2. Safety Needs: This is about feeling secure. As a system admin, it’s my job to keep our network safe from hackers and viruses. For instance, setting up firewalls and security protocols to protect sensitive data.
3. Belongingness and Love Needs: This is about feeling connected with others. Technology helps us stay in touch and work together. For example, using email or chat apps to communicate with team members and collaborate on projects.
4. Esteem Needs: This is about feeling respected and valued. Successfully managing a network can earn you recognition and respect from your peers. For example, getting praised for fixing a major issue or improving system performance.
5. Self-Actualization: This is about reaching your full potential. In tech, it means constantly learning and growing. For example, taking courses or getting certifications to stay updated with the latest technology trends.

Module 5

Individual Motive Rankings

• Money
• Political
• Revenge
• Boredom
• Recognition
• Entertainment
• Multiple Reasons

Money is the motive for cybercrime 90% of the time, whether it’s money they are stealing, data they are selling, or if they are hired by an organization, which is a major factor in why it happens. I put multiple reasons at the bottom because it seems to be the motive in only 1% of cybercrime cases.

My thought process for listing these motives is dependent on the frequency with which I have seen them as reasons for the attacks. As I explained, I put money as number one because, like most crimes, people are driven by the money they can gain with their crimes. I put political at number two because every day, thousands of cyberattacks occur between countries. I did not put it as number one because various countries pay people to conduct these attacks. I put revenge at number three because revenge is such a strong emotion, and many people get a sense of pleasure knowing they got their revenge by any means. I put boredom at number four because many people will do crazy things out of boredom. Even kids have committed cybercrimes just out of boredom; this motive for cyberattacks happens more often than we think. I put recognition at number five because many narcissists want to make a name for themselves. The reason I didn’t rank it higher is because seeking recognition increases the chance of getting apprehended. I put entertainment second to last because I rarely see it as a motive for an attack. Lastly, I put multiple reasons last because, as I stated, it is too broad and constitutes a small percentage of cybercrime cases.

Module 6

Examples of a fake website

Suspicious URLs: many fake websites would intentionally miss spells a legit URL to trap a user who is trying find a legit web site Ex: www.youtubw.com as you can see YouTube was miss spelled in that URL taking advantage of the fact that the “w” can be accidently pressed since its right next to the “e”.

Unsecured Connections: Many legit websites would use HTTPS which is also indicated by the pad lock on the address bar. Ex: The current site i am using https://student.wp.odu.edu/ as shown on the URL the HTTPS means that the site i am using is legit and secure. Wear as a link that looks like this http://youtubw.com indicates that the site is possibly fake and unsecure.

Unusual payment methods: When a legit e-commerce website like amazon.com ask for a payment method they have pay within their secure system with a debit /credit card or gift card. an example of suspicious pay method is when an e-commerce website like amazonian.com is asking for untraceable payments like crypto or wire transfers.

Module 7

Memes

HSI perspective, it highlights that cybersecurity can be tricky when strict system rules clash with how people use them. For example, tough password policies can confuse or frustrate users, leading to mistakes or bad habits (like writing passwords down). To fix this, we need to make systems easier to use, like offering tools to save passwords or using simple, secure passphrases. This helps keep things safe without making life harder for users.

Module 8

The media plays a huge role in shaping how we view cybersecurity, whether it’s creating awareness or spreading fear. It often amplifies high-profile breaches or attacks, which grabs attention but can skew perceptions by focusing on dramatic events rather than everyday vulnerabilities. Sometimes, it simplifies complex issues, making them seem either more terrifying or easier to handle than they really are. On the flip side, good reporting can educate people about protecting themselves online and highlight the importance of digital security. The way stories are framed can either empower us with knowledge or leave us overwhelmed and unsure where to start. What’s your take? Feel like the media gets it right most of the time, or not so much?

Module 9

When I did the Social Media Disorder scale, it got me thinking about how I spend my time on social media. My results showed that sometimes I might get a bit too caught up in it or let it take my attention away from other things. The questions in the scale were pretty good at pointing out when social media might be becoming an issue, like when it distracts you or makes you feel uneasy if you can’t check it. I think it’s interesting how people in different parts of the world use social media differently. Stuff like culture, internet access, or everyday stress could all play a role in shaping those differences. It’s pretty eye-opening.

Module 10 -Entry 10

Social cybersecurity is about protecting society from cyber threats that manipulate human behavior, social structures, and politics. It highlights how technology enables bad actors to spread misinformation and disrupt trust in institutions. The focus is on building strong systems to safeguard our values and stability in a world where information can be weaponized.

Unlike regular cybersecurity, which defends systems from attacks, social cybersecurity studies how tech impacts people and society. By mixing social science with tech, it aims to predict and fight threats that could shake our communities and national security.

Module 10 -Entry 11

A cybersecurity analyst is like a digital guard, keeping a company safe from online attacks. They watch over computer systems, respond to security problems like phishing or hacking attempts, and help fix weaknesses. It’s a mix of tech work and research, sometimes including training others to stay safe online.

This job is in high demand, with starting pay around $95,000 per year in the U.S., depending on where you live. You don’t always need a degree—certifications like Security+ and hands-on experience can get you in. It’s a great field if you’re looking for good pay and job security!

Module 11 – Entry 12

Economics Theories:

1. Information Asymmetry: This means one side knows something the other doesn’t. Here, the company and its platform provider found out about the data breach months before telling customers. Because of this, customers couldn’t take steps to protect themselves right away, which could cause financial trouble. Sharing the news now helps fix the imbalance.
2. Cost-Benefit Analysis: Before sending the letter, the company thought about pros and cons. They delayed sharing the news so law enforcement could investigate, weighing the benefits of catching the hackers against the risk to customers. Customers are also asked to think about their own pros and cons—like whether getting a new card is worth avoiding potential fraud.

Social Sciences Theories:

1. Trust and Social Capital (Sociology): Trust is super important for relationships, including between customers and companies. A breach like this can make people lose trust in the company. By being honest and offering help, the company is trying to win back customers’ trust.
2. Responsibility and Risk Management (Psychology): The letter asks customers to protect themselves by taking steps like checking their bank accounts. This connects to the idea that people are more likely to act when they understand there’s a direct risk to them, like someone stealing their money.

Module 11 – Entry 13

Bug bounty programs let companies pay ethical hackers to find security problems in their systems. The article talks about why these programs are useful and what motivates hackers to help, like money, recognition, and making the internet safer. It also points out that hackers will still work even if the payment isn’t huge, which makes the programs affordable for most companies.

The findings show that industries like healthcare and finance are trickier to hack, so they get fewer reports. Plus, as these programs go on, hackers find fewer problems because the big ones were already fixed. To keep the program useful, companies can let hackers test more of their systems.