Journal Entry’s
Journal entry 1:
Review the NICE Workforce Framework. Are there certain areas that you would want to
focus your career on? Explain which areas would appeal the most to you and which
would appeal the least.
After reviewing the frameworks page and the different Cybersecurity categories. It was nice
to have come across this information as I struggled to picture what to do exactly after I got
my degree in Cybersecurity. Out of the seven I found Protection and Defense (PD),
Investigation (IN), and Cyber intelligence (Ci) to be the main three I would be interested in.
PD the classic Cybersecurity job I think most people would associate this line of work too,
is just about defending an organization for cyber threats. IN might be my top pic as I love
watching criminal investigation YouTube video of police investigator interrogating a
potential suspect. CI seems something that I might really enjoy gather intelligence makes
me feel like a spy or something on the lines of that. The rest of the work roles all seem
interesting and one of the ones I did not pick might be the one I love overall as I feel you
truly don’t know until you work for all categories but that seems unattainable, but I am
confident with the three I picked.
Journal entry 2:
Explain how the principles of science [Empiricism, Determinism, Parsimony, Objectivity
etc.,] relate to cybersecurity?
Empiricism is about the gathering of information through our senses. Empiricism in
Cybersecurity can be used to determine threats and help for better defenses using security
incidents and other data to draw conclusions and make decisions. Determinism is about
identifying and understanding patterns from events and behaviors from that event.
Determinism in cybersecurity helps understand attackers’ behaviors by analyzing patterns
from cyber-attacks. This knowledge aids in predicting future attacks and developing
effective defense strategies. Parsimony is where if you’re confronted by complex options,
choose the most efficient options if often the best approach. In cybersecurity, parsimony is
about not overcomplicating solutions. When faced with complex security options, it’s often
better to choose the simplest and most efficient approach.
Journal entry 3:
Visit PrivacyRights.orgLinks to an external site. to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.
When you access the website Privacyrights.org, you will find publicly available information regarding data breaches. The website includes details about law changes that have been enacted or updated around data. The Reports section allows the viewer to find valuable information about data breaches. You can also find analytics information about data breaching and breach trends. There is a grand library of reports from 2005 to the present time regarding companies and organizations experiencing data breaches. Additionally, the website offers educational resources, best practices for data protection, and tips for individuals and businesses on how to safeguard their personal information in this evolving digital landscape.
Journal entry 4:
Review Maslow’s Hierarchy of Needs and explain how each level relates to your
experiences with technology. Give specific examples of how your digital experiences relate to each level of need.
Physiological Needs is the first layer in the five-level pyramid of Maslow’s Hierarchy of
Needs, which focuses on basic human requirements for survival. For me, examples include
using kitchen appliances like a rice cooker and an air fryer to prepare meals. Additionally, I
rely on smart devices like my smartphone to set alarms and keep track of time, helping me
manage my daily routine effectively. For the second level of Maslow’s Hierarchy of Needs, I
use a doorbell camera for home security and rely on my phone for weather updates and
alerts. The third level, “Love and Belonging,” is about finding love and a place in life where
you feel wanted. Devices that access social media, messaging apps, and other
communication tools allow people to stay connected with friends and family. The fourth
level, “Esteem Needs,” is about recognition and respect. One device that comes to mind is
my race sim rig. I drive very competitively in racing sim games, and this device helps me
receive recognition and respect from other drivers. The fifth and final level, “Self-
Actualization,” is about realizing one’s full potential and personal growth. For me, online
software like Canvas helps me enhance my knowledge and skills, contributing to my sense
of fulfillment and growth.
Journal entry 6:
Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites,
Academic Resources etc., and cite the source].
Compare the three fake websites to three real websites and highlight the features that
identify them as fraudulent.
According to an article titled “5 Recent Examples of Fake Websites” on Memcyco, PayPal
dealt with a series of fake websites in late 2023. Attackers used phishing methods to trick
users into clicking on sites like “paypaysecurity.com” or “paypa1.com,” which used similar
domain names to the real PayPal site. Additionally, there was a fake DMV website that
displayed an SSL certificate (padlock icon next to the search bar). While an SSL certificate
is usually a sign of security, it does not guarantee that the site is legitimate anymore. The
website “Save The Pacific Northwest Tree Octopus” is another example of a fake site. It
claims to advocate for a fictional species, using absurd claims and a humorous tone to
deceive users. This site is a legitimate page with false information about the octopus.
work cited:
Lakovics, Z. (2024, September 11). 5 recent examples of fake websites. Memcyco.
https://www.memcyco.com/5-recent-examples-of-fake-websites/
Toohil, R. (2025, January 15). How to identify fake websites: 11 warning signs. Aura.
https://www.aura.com/learn/how-to-identify-fake-websites
Zapato, L. (1998). Save The Pacific Northwest Tree Octopus. Retrieved from
https://zapatopi.net/treeoctopus/
Journal entry 10:
Read this and write a journal entry summarizing your response to the article on social cybersecurity
The overall main point of the article is that there are new emerging threats that cybersecurity analysts need to prepare for. The article emphasizes the importance of understanding human behavior and social interactions in the context of cyber threats. It discusses how Russian cyber aggression is focusing on cyber-attacks to influence human behavior changes. These attacks might target rival political parties or aim to disrupt relations between friendly countries. Additionally, the article explores how technological advancements like artificial intelligence and machine learning enhance cybersecurity measures and threat detection. It highlights the importance of collaboration between government agencies, the private sector, and international partners to address cybersecurity challenges.
Journy entry 15:
Watch this video and think about how the career of digital forensics investigators relate to
the social sciences. Write a journal entry describing what you think about the speaker’s
pathway to his career.
Listening to Davin Teo was very interesting to me, as digital forensics is something I want to
pursue in the long run. Davin’s start in the field was intriguing; he mentioned that he initially
went to school for accounting and later jumped into an IT-related job out of increasing
interest in the field, which he ended up loving. He shared how he took a leap of faith by
joining a new team in Australia that focused on digital forensics. He also described how,
back then, his team would store information on floppy disks, securing them in evidence
bags for safekeeping. He explained a real-world example where a customer called, wanting
to identify the “bad apple” in their network that was costing the company money. His
investigation revealed that the IT department was involved. Davin Teo does a great job
explaining the basics to Digital Forensics allowing more people to take an interest in this
line of work.
Article Review 1 and 2:
Article Review #1: Investigating the Intersection of AI and Cybercrime: Risks,
Trends, and Countermeasures
Describe how the topic relates to the principles of the social
sciences?
The article uses sociology to discuss how the behaviors of children and seniors
relate to cyber threats, addressing age-related vulnerabilities and the need for
tailored educational approaches (Shetty, Choi, & Park, 2024). It incorporates
criminology through Choi’s Cyber Routine Activities Theory, a theoretical framework
that examines the differences between offenders, targets, and guardians in the AI
world (Shetty, Choi, & Park, 2024). This theory helps explain how AI-driven
cybercrimes occur and what measures can be taken to prevent them.
Describe the study’s research questions or hypotheses?
- Do people overlook important aspects regarding online safety and daily life
impacts when the media discusses AI? (Shetty, Choi, & Park, 2024) - What are the interviewees’ attitudes towards AI, and should there be stricter
regulations or a halt in AI development to address concerns about ethics, privacy,
and safety? (Shetty, Choi, & Park, 2024) - How are perspectives and attitudes towards AI changing, and is there a need for
stricter regulations or a gradual reduction in AI deployment for safety and ethical
concerns? (Shetty, Choi, & Park, 2024) - How can the impact of malicious AI from the dark web on the clear web be
reduced, and what practical steps can governments, organizations, and individuals
take to mitigate these risks and protect against victimization? (Shetty, Choi, & Park,
2024)
These questions, gathered from written statements and recordings of virtual
interviews, were analyzed to identify recurring themes across expert responses.
Describe the types of research methods used?
The article utilizes both quantitative and qualitative methods. The quantitative
research focuses on AI-generated prompts from online forums, examining
discussions about their malicious use. The qualitative research, through expert
interviews, provides insights into legal, technical, and policy solutions needed to
address the findings from the quantitative analysis. (Shetty, Choi, & Park, 2024)
Describe the types of data and analysis done?
The data presented in this article is categorized into two types: quantitative and
qualitative. The quantitative data comprises 102 AI-generated prompts collected
from both the clear web and the dark web, specifically used for malicious purposes.
To analyze this data, thematic analysis and descriptive statistics were applied to
categorize the prompts into different types of malicious activities and identify the AI
tools used. The qualitative data consists of semi-structured interviews with six
experts in the fields of cybercrime, cybersecurity, and criminal justice. Thematic
analysis of these interviews helped identify recurring themes and insights related to
AI’s role in cybercrime, focusing on online lifestyle, media discourse, and digital
capable guardianship (Shetty, Choi, & Park, 2024). This comprehensive approach
provided both statistical trends and contextual explanations of AI-driven
cybercrime.
Describe how the topic relates to the challenges, concerns and
contributions of marginalized groups?
The article addresses age marginalization by highlighting that different age groups
have specific needs and vulnerabilities. It emphasizes that senior citizens should be
targeted through television advertising to raise awareness about better protecting
themselves online. It also mentions that seniors might be reluctant to report
incidents due to a lack of understanding or feelings of embarrassment. For younger
age groups, the article suggests creating interactive educational games for schools
and using the Homeland Security Investigations’ iGuardians program to educate
children about online safety and reporting abuse (Shetty, Choi, & Park, 2024).
Describe the overall contributions of the studies to society?
The studies contribute to society by emphasizing the importance of cyber hygiene,
urging individuals to be cautious about their online activities. Additionally, they
highlight the need for stronger communication and collaboration among educators,
policymakers, and cybersecurity experts to enhance cybersecurity measures. By
raising awareness and providing a comprehensive understanding of the intersection
between AI and cybercrime, the studies help in developing innovative approaches to
mitigate emerging threats in cyberspace (Shetty, Choi, & Park, 2024).
Conclusion:
From the article “Investigating the Intersection of AI and Cybercrime: Risks, Trends,
and Countermeasures,” we gain insights into AI-powered cybercrimes. It highlights
the importance of recognizing age-specific vulnerabilities, fostering cybersecurity
transparency, and promoting collaboration among experts. The study stresses
better cyber hygiene and innovative educational approaches to enhance
cybersecurity efforts against emerging threats.
Work Cited:
Shetty, S., Choi, K., & Park, I. (2024). Investigating the intersection of AI and
cybercrime: Risks, trends, and countermeasures. International Journal of
Cybersecurity Intelligence & Cybercrime, 7(2), 28-53. https://vc.bridgew.edu/cgi/viewcontent.cgi?article=1187&context=ijcic
Article Review #2:
Describe how the topic relates to the principles of the social
sciences?
This article about cyber victimization in the healthcare industry highlights several
principles of social science. It applies the Cyber-Routine Activities Theory (Cyber-
RAT) to analyze the interactions between motivated offenders, attractive targets,
and the absence of capable guardianship in digital environments. This framework
sheds light on the conditions that make healthcare institutions particularly
vulnerable to cyberattacks. The data presented in the article offers valuable insights
into the vulnerabilities and weaknesses within healthcare organizations. These
findings could drive changes in cybersecurity policies and practices, improving
defenses against future threats. Additionally, the article explores economic and
behavioral incentives, emphasizing that financial gain is one of the primary
motivations for these attacks. The allure of vast amounts of sensitive personal data
stored in healthcare systems make healthcare organizations attractive targets for
cybercriminals.
Describe the study’s research questions or hypotheses?
The main goal of this research, grounded in the Routine Activities Theory (RAT)
framework, is to explore the driving forces behind cyber attackers and pinpoint
weaknesses in healthcare cybersecurity systems. More specifically, the study aims
to answer crucial research questions:
(1) What are the primary motivations driving Advanced Persistent Threats (APTs) to
target the healthcare industry?
(2) What are the common characteristics and behaviors of APT groups (whether
state-sponsored or cybercriminal) that target healthcare institutions?
Describe the types of research methods used?
The primary method used in this study was secondary data analysis, with
information collected from multiple credible websites. The researchers utilized both
a dependent variable and independent variables to structure their analysis.
Descriptive statistics were applied to identify patterns and summarize the data,
while Chi-square tests were employed to examine relationships between variables
and measure the strength of their associations.
Describe the types of data and analysis done?
The study drew its dataset from secondary sources, with Hackmageddon serving as
the primary platform. This website’s database is well-regarded for organizing
detailed information on cyber incidents, including classifications by industry,
motives behind attacks, and their outcomes. To further enrich the data, additional
sources such as Databreaches.net, CSIDB.org, and HIPAA Journal were utilized,
ensuring a thorough exploration of cybercrime trends across various contexts.
These data selections focus specifically on healthcare-related cyberattacks that
occurred between 2018 and 2023. This time frame allowed the researchers to
capture evolving trends over a five-year period, including shifts in attacker behavior,
motivations, and targeted vulnerabilities.
Describe how the topic relates to the challenges, concerns and
contributions of marginalized groups?
Marginalized groups face greater risks from healthcare cyberattacks due
to their reliance on under-resourced services. Data breaches can
worsen discrimination and deepen social inequities. The study
emphasizes equitable cybersecurity practices and the importance of
including marginalized perspectives in shaping protective policies.
Describe the overall contributions of the studies to society?
The primary contribution of the article is to raise awareness about cybersecurity
threats facing the healthcare industry. It highlights that attackers are primarily
motivated by financial gain due to the vast amounts of sensitive personal data
stored in healthcare systems. This data is highly valuable and vulnerable to
exploitation. The study provides insights that can guide policymakers, healthcare
administrators, and cybersecurity professionals to develop stronger protective
measures and policies. By doing so, it contributes to the overall goal of fortifying
healthcare cybersecurity and ensuring the safety of sensitive patient information.
Conclusion:
The article highlights the urgent need to address healthcare cybersecurity vulnerabilities using the Cyber-Routine Activities Theory (Cyber-RAT). It examines cyber attackers’ motives and behaviors, revealing systemic weaknesses and economic incentives. The research offers practical steps to strengthen security policies while emphasizing equitable practices to protect marginalized groups. These insights are vital for safeguarding patient data in the digital age.
Worked Cited:
Praveen, Y., Kim, M., & Choi, K. (2024). Cyber victimization in the healthcare industry:
Analyzing offender motivations and target characteristics through Routine Activities Theory
(RAT) and Cyber-Routine Activities Theory (Cyber-RAT). International Journal of
Cybersecurity Intelligence & Cybercrime, 7(2), 4–27. https://doi.org/10.52306/2578-
3289.1186
Career Paper:
Name: John Chandler Williams
Professor: Diwakar Yalpi
Topic: Social Cybersecurity
Date: 04/13/2025
Social Science and Cybersecurity Forensic
Introduction
The field of cybersecurity forensic investigation has always intrigued me, and it is a career
path I may want to pursue in the future. A cybersecurity forensic investigator plays a critical
role in uncovering evidence of cybercrimes such as hacking, identity theft, fraud, and other
malicious online activities. Their ultimate goal is to gather sufficient evidence to ensure
perpetrators are held accountable in a court of law. Social science, which is fundamentally
about understanding human behavior, provides invaluable tools and principles that aid
investigators in analyzing motives, trends, and patterns behind cybercriminal activities. By
applying social science frameworks, investigators can gain deeper insights into the
underlying drivers of cybercrimes, enabling them to effectively track down offenders and
strengthen their cases.
What is Social Cybersecurity
Cybersecurity analysts are professionals tasked with defending against cybercrimes using
technical measures, but their roles increasingly require a strong reliance on social science
principles. Social cybersecurity, as an emerging field, emphasizes understanding human
behavior as a critical factor in cybercrime prevention. By leveraging insights from
behavioral psychology, cybersecurity experts can anticipate how users might react to
manipulative content, such as phishing attempts or disinformation campaigns. This
knowledge allows them to create targeted countermeasures that effectively address these
threats. Their work represents a fusion of technical expertise and social science, which is
essential in combating modern cybercrimes and ensuring a safer digital environment.
Identifying At-Risk Groups
Recent research shows that vulnerability to disinformation is not limited to those who are
economically or socially disadvantaged but also includes factors like higher media
consumption and older age. While educated people are found to be more aware of false
news, many people are still highly susceptible to misinformation because personalized
algorithms, echo chambers, and cognitive biases reinforce their preexisting beliefs. This
vulnerability is further amplified by social media platforms that design feeds to display
content aligning with past interactions, thereby deepening users’ immersion in narrow
informational bubbles. Even when people are confronted with factual evidence they still
hold on to initial false beliefs. This complicates public understanding and challenges
forensic investigators decoding digital manipulation. Ultimately, these dynamics call for
strategies that merge social science insights with technological solutions to combat
disinformation.
Social Science and Forensic Science
Katharine Browning published an article titled Social Science Research on Forensic
Science: The Story Behind One of NIJ’s Newest Research Portfolios, where she illustrates
how integrating social science research with forensic science can significantly enhance
investigative practices. Browning explains that as new forensic technologies such as DNA
analysis and other advanced tools emerged, it became evident that understanding human
behavior and organizational dynamics is equally crucial. While the article primarily
addresses traditional forensic science, many of its underlying principles directly connect to
cybersecurity forensic investigation. In the digital realm, forensic investigators must
consider the human element—from uncovering the motivations driving cybercriminal
activities to analyzing how human errors or biases might influence the interpretation of
digital evidence. By blending technical expertise with social science insights, this
interdisciplinary approach equips cybersecurity forensic investigators with a
comprehensive skill set, strengthening their ability to construct compelling cases that
withstand rigorous legal scrutiny.
Conclusion
Integrating social science with cybersecurity forensics is essential for tackling modern
cybercrimes. Cognitive biases, echo chambers, and personalized algorithms reveal that
technical evidence alone is not enough. Combining behavioral psychology with forensic
methods helps investigators uncover the human motives behind attacks and build stronger
cases. This interdisciplinary approach not only improves legal outcomes but also protects
at-risk groups in our evolving digital landscape.
Worked Cited:
Carley, Kathleen M. “Social cybersecurity: an emerging science.” Computational and
Mathematical Organization Theory, vol. 26, no. 3, 2020, pp. 365–381. Springer,
https://doi.org/10.1007/s10588-020-09322-9
Browning, Katharine. “Social Science Research on Forensic Science: The Story Behind One
of NIJ’s Newest Research Portfolios.” National Institute of Justice, 1 July 2015,
https://nij.ojp.gov/topics/articles/social-science-research-forensic-science-story-behind-
one-nijs-newest-research
National Academies of Sciences, Engineering, and Medicine. “6 Integrating Social and
Behavioral Sciences (SBS) Research to Enhance Security in Cyberspace.” A Decadal Survey
of the Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence
Analysis, The National Academies Press, 2019,
https://nap.nationalacademies.org/read/25335/chapter/10. Accessed 13 Apr. 2025.