The Cyber Analyst

Introduction

The rapid advancement of technology in the modern world has opened up the possibilities to innovation as well as new opportunities for financial gain. The digitization of critical industries, government and private business operations, law enforcement and everyday activities requires more robust cybersecurity and data privacy. Information has become a valuable commodity on the dark web leading to more aggressive and cleverly disguised cyber-attacks. Cyber professionals like Cybersecurity Analysts have the ongoing task of determining who performs cyber-attacks, how these attacks are carried out, and what targets are most susceptible to cyber victimization. This paper will discuss the role of Cyber Analysts and how they employ the social sciences to develop cybersecurity policies, response plans and procedures in the workplace.

Social Science Principles

Social science research such as social cybersecurity is grounded in the human and social aspects of cyber threats and cyber victimization (Mulahuwaish, A., et al. 2025) Researchers use psychology to gain an understanding of the motivating factors that lead to hacking, cyber bullying, identity theft, online fraud, etc. Some offenders are motivated by financial gain, status, adrenaline rush or boredom, while others are emotionally unstable or lack the logical cognitive functions that prevent them from engaging in these activities. “Cybersecurity analysts (sometimes called information security analysts) plan and implement security measures and vulnerability assessments to protect an organization’s computer systems from cyberattacks” (Zuritsky, K. 2025). They use social science research to understand human-computer interactions and how they lead to threats and vulnerabilities.

Cybersecurity practices incorporate several principles of social sciences. For example, Cyber analysts use empiricism and parsimony to ensure that response plans, risk assessments and cyber awareness training are done using factual data and simplistic language that can be understood by all employees. Ethical neutrality ensures that any data collected for research, cyber incident investigations or security monitoring is done in an ethical manner and complies with privacy laws and policies. Determinism focuses on known human behavior and past events that cause humans to be susceptible to cyber-attacks, to improve human-computer interactions. Analysts also employ the principle of relativism as they consider the cause and effect relationship between human error and cyber-attacks, as well as the effect on businesses and society at large.

Application of Key Concepts

Key concepts recognized by cybersecurity professionals include compliance, risk, cost-benefit analysis, behavioral analysis and human factors of cybersecurity. Cybersecurity analysts study behavioral analysis to determine the psychological factors like agreeableness that lead individuals to fall victim to social engineering. This helps professionals tailor awareness training to focus on phishing, whaling and smishing attempts. Cost-benefit analysis, an economics concept, is used in cybersecurity to compare the benefit of a robust security posture against the cost of implementation. This analysis ensures that organizations can be protected according to compliance laws and security needs while maintaining operational capability.

Marginalization

Cybersecurity is just as necessary in marginalized communities such as low-income, elderly, rural and Black, Indigenous and People of Color (BIPOC) communities. These communities tend to have limited access to technology, and outdated cybersecurity software, making them easier targets for cyber-attacks. Additionally, studies show that only 3% of malware targets technical deficiencies while 97% focuses on social engineering through various platforms (Almutairi, B. & Alghamdi, A. 2022). This means that researchers must focus more on providing education to disadvantaged populations who are vulnerable to social engineering attacks and cultivate a cyber-safety culture. Lawmakers in the U.S. have also stepped in to assist by providing free safety tips and public hotlines such as the FBI Internet Crimes Complaint Center (IC3) to enable incident reporting and access to information. Cybersecurity analysts also devise simple but effective authentication procedures like biometrics and multi-factor authentication to assist elderly people with safe online activities like banking.

Career Connection to Society

Cybersecurity professionals perform threat detection, risk assessment and security recommendations to ensure the protection of critical infrastructure like education, healthcare, transportation, water and sewerage processing, electricity and fuel systems. These systems, if compromised, can cause millions of dollars in damage and losses to businesses and consumers. In 2023, the Department of Health and Human Services reported an average of 1.99 data breaches involving 500 or more health records (Zuritsky, K. 2025). Since health records contain sensitive personal information, these records can be used to commit identity theft and medical fraud, causing heavy financial losses to victims and organizations. Lawmakers enforce data privacy compliance laws like the Health Information Portability and Accountability Act (HIPAA) to hold organizations accountable and prevent data breaches.

References

Almutairi, B.S. and Alghamdi, A. (2022) The Role of Social Engineering in Cybersecurity and Its Impact. Journal of Information Security, 13, 363-379. https://doi.org/10.4236/jis.2022.134020

Mulahuwaish, A. et al, (2025) A survey of social cybersecurity: Techniques for attack detection, evaluations, challenges, and future prospects. Science Direct, 18 100668. https://doi.org/10.1016/j.chbr.2025.100668

Zuritsky, Kate. (2025) What Does a Cybersecurity Analyst Do? Sorting Through the Misconceptions. Rasmussen University. https://www.rasmussen.edu/degrees/technology/blog/what-does-a-cybersecurity-analyst-do/