Category Archives: Journal Entries

Watch this video and think about how the career of digital forensics investigators relate to the social sciences. Write a journal entry describing what you think about the speaker’s pathway to his career.

After watching Davin Teo’s TEDx talk on digital forensics, I was struck by how his career path blends technical expertise with a deep understanding of human behavior. He emphasized that digital forensics isn’t just about analyzing data; it’s about interpreting digital evidence within the context of human actions and intentions. This intersection highlights the importance of social sciences, particularly psychology and sociology, in understanding the motivations behind cybercrimes.

Teo’s journey into digital forensics wasn’t linear. He shared experiences that led him to appreciate the nuances of human behavior in digital spaces. His ability to connect technical findings with psychological insights demonstrates how crucial social sciences are in this field. It made me realize that effective digital forensics requires not only technical skills but also the ability to empathize and understand the human elements behind digital footprints.

Overall, Teo’s talk reinforced the idea that careers in cybersecurity and digital forensics are deeply interdisciplinary. The integration of social sciences provides a more comprehensive approach to investigations, ensuring that behind every piece of data, the human story is not lost.

Andriy Slynchuk has described eleven things Internet users do that may be illegal. Review what the author says and write a paragraph describing the five most serious violations and why you think those offenses are serious.

After reviewing the article, the five most serious internet violations include streaming or downloading content from unofficial sources, sharing someone else’s personal information or photos without consent, cyberbullying or trolling, collecting data on children under 13, and making illegal searches online. These stand out because they can lead to real legal consequences and cause significant harm to others.

Pirating movies or shows might seem low-risk, but it is considered theft and can result in fines or legal action. Sharing personal information or images of others without permission can lead to serious privacy violations and even physical danger, especially if the person becomes a target. Cyberbullying, while often brushed off as just “online behavior,” can lead to charges and has been linked to emotional trauma and, in extreme cases, suicide. Collecting data on kids under 13 without following proper legal procedures violates federal COPPA law and puts vulnerable users at risk. Finally, certain online searches, especially those related to criminal content, can lead to investigations or even arrests depending on what is being accessed.

These actions highlight how important it is to understand that what is done online can have serious offline consequences. Many of these behaviors may seem minor or common, but they carry legal risks and can harm people in ways that are not always obvious.

A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure.  To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills.  The policies relate to economics in that they are based on cost/benefits principles.  Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=trueLinks to an external site.  and write a summary reaction to the use of the policies in your journal.  Focus primarily on the literature review and the discussion of the findings.

The article about bug bounty programs using HackerOne data shows how these programs help companies find security issues by paying freelance hackers. Even though they get paid, most hackers do it for other reasons like gaining experience or building a reputation. The study shows that even small or less popular companies can benefit from bug bounties, which makes them a good option for businesses without large budgets. The article points out that older programs get fewer bug reports unless they add more things for hackers to test, so while bug bounties are helpful and cheaper than hiring full-time staff, they’re not a perfect solution and don’t catch everything. There’s still a lot that’s not fully understood about how these programs work, but they’re a good tool to have as part of a company’s security plan.

Read this https://dojmt.gov/wp-content/uploads/Glasswasherparts.com_.pdfLinks to an external site. sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.

The Glasswasherparts.com data breach notice shows some key ideas from the module, especially Rational Choice Theory and Cost-Benefit Analysis. The company and their third-party provider probably made choices based on saving money in the short term. They didn’t invest in better security or tell customers right away, which makes sense under Rational Choice, they were trying to avoid immediate losses, even if it could cause bigger problems later. After the breach, they had to remove malware, work with law enforcement, and tell customers, which likely cost a lot more than preventing it in the first place.

Social science theories like Risk Assessment and Information Flow also connect to this. People, not just technology, made decisions about how risky the situation was and when to tell people. The delay shows that they thought it was fine to wait. The way the information was shared (or not shared) matters too. Because customers didn’t get told in time, they kept using the site without knowing their info was at risk. That kind of delay can hurt trust and have financial consequences. In the end, the breach shows that cybersecurity problems often come from human choices and priorities, not just technical issues.

As you watch the video https://www.youtube.com/watch?v=iYtmuHbhmS0, think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in the presentation.

A cybersecurity analyst encompasses a few social themes that are required to conduct the job effectively. Communication skills are a must. They must be able to convey security topics to a range of different people, from experts to non-technical workers or clients. Collaboration is also vital in this job role. It’s sometimes necessary to work across different departments, and collaboration is key in these instances. Related to the previous two, is the ability to train and spread awareness to employees about best security practices and how employees may be vulnerable to social engineering attacks.

Read this and write a entry summarizing your response to the article on social cybersecurity

 https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/Mar-Apr-2019/117-Cybersecurity/b/Links to an external site.

The article discusses the ever evolving field of social cybersecurity and its growing significance in national security and warfare. Social cybersecurity aims to understand and predict how information online influences human behavior and its outcomes in society. The article highlights how adversaries (particularly in Russia) are specifically targeting information sources that affect public opinion and destabilize societies without the need for military action.

The article proposes a few solutions to counter the problem. It calls for the development of policies that allow institutions to combat these threats without affecting the privacy of individuals. This could be through education, specifically, about the nature of information in today’s landscape and the risks of being targeted with misinformation.

Complete the Social Media Disorder scale. How did you score?  What do you think about the items in the scale? Why do you think that different patterns are found across the world?

I scored 2/9 but I actively try to keep social media to a minimum in my life. That’s not to say I don’t get caught scrolling through Instagram reels regularly, but I do try to keep some discipline in that department.

As humans, we strive for social acceptance and dread being rejected socially. I think that’s what social media ultimately taps into, and exploits in all of us. It is the ultimate way to keep in contact with our friends and family, but also has a dark side. They say that if something is free, you are the product. Social media companies engineer their algorithms to keep you in their apps and on their websites as long as possible, because they can push you more advertisements, and thus make them more money.

I do think it is important for the DSM to acknowledge that there is a problem here with social media addiction and “Social Media Disorder.” Social media is still relatively new, but it is apparent that there is an addictive nature to it, and should be clinically diagnosed as a “disorder.”

After watching the video, write a journal entry about how you think the media influences our understanding about cybersecurity

I think the media can often shape how people perceive the world of cybersecurity, and they tend to overexaggerate it. To keep engagement, they frequently depict it as fast-paced and flashy, speaking fake catch-phrases and terminology to make it sound “high-tech.” While this is entertaining, it creates unrealistic expectations about how cybersecurity actually functions on a day to day basis. There are a few examples in this video that do a pretty good job at sticking to some sort of reality. Mr. Robot, as she notes, does a good job depicting capture-the-flags, the environment, and the actual ideas and technology behind them. But, then again, Mr. Robot is a show specifically about cybersecurity and hacking. If it was not accurate to a certain degree, it would suffer critically, and not be nearly as good as it is.

Review the following photos through a human-centered cybersecurity framework. Create a meme for your favorite three, explaining what is going on in the individual’s or individuals’ mind(s).

Employee security training for everyone who fell for the fake phishing campaign.
“I knew I shouldn’t have clicked that link.”

“This should be enough security!”

“I thought I needed to do all of this extremely technical hacking, but an employee just sent their credentials to me in plaintext through email.”

I think my “memes” ironically highlight several aspects that human-centered cybersecurity. Training gaps in a workforce, misconceptions about security and over-reliance on security tools, and social engineering risks. These all play a critical role in cybersecurity, and are all human factors. Human-centered cybersecurity addresses these issues with systems that account for real-world human behavior.

Can you spot three fake websites? [Refer Online Security Blogs, Public Awareness Sites, Academic Resources etc., and cite the source]. Compare the three fake websites to three real websites and highlight the features that identify them as fraudulent.

Placeholder