The job of an information security analyst, also known as a cybersecurity analyst or IT
security analyst, is to protect an organization’s computer systems and networks from security
breaches, data leaks, and other cyber threats. Information security analysts play a crucial role in
safeguarding sensitive information and ensuring the confidentiality, integrity, and availability of
data. Information security analysts assess an organization’s current security measures and
identify potential vulnerabilities and threats. They conduct risk assessments to understand the
security posture and prioritize security efforts. Information security analysts ensure that the
organization complies with relevant laws and regulations, such as GDPR, HIPAA, or industry-
specific standards. They may also participate in audits and assessments to verify compliance.
They promote security awareness and best practices throughout the organization, ensuring that
employees understand their role in maintaining security.
Information security analysts depend on social science research and principles in several
ways in their careers. Social science research helps information security analysts understand user
behavior, which is critical for developing effective security strategies. By studying how
individuals and groups interact with technology, analysts can identify vulnerabilities and design
security measures that align with human behaviors. For instance, they might study how people
respond to phishing emails or how they manage passwords. Social science principles, such as
human-centered design and usability, play a significant role in making security systems more
user-friendly and effective. Analysts consider human factors, like cognitive psychology and user
experience, to ensure that security measures are not overly burdensome for users, reducing the
likelihood of security lapses. Social science research contributes to risk assessment and
management by helping analysts understand the sociotechnical aspects of security threats. This
includes assessing the motivations of threat actors, their methods, and the impact of security

ncidents on individuals and communities. Such insights are valuable in prioritizing security
measures and resources. Social science research provides valuable insights into privacy and
ethics, helping analysts navigate complex ethical issues related to data collection, surveillance,
and data sharing. They must consider the societal implications of their security decisions,
especially when dealing with sensitive data, and ensure that they are following legal and ethical
standards.
Information security analysts have a responsibility to consider marginalized groups and
underrepresented communities. Cybersecurity measures should be designed to be inclusive and
accessible to all users, regardless of their background or abilities. Neglecting this can lead to
discrimination, bias, and exclusion. Information security breaches and incidents can have
significant societal impacts, from financial losses to breaches of privacy and trust. Analysts play
a role in safeguarding the well-being of individuals and society by protecting critical
infrastructure, sensitive data, and communication systems.
In conclusion, information security analysts use social science research and ideas to
better understand human behavior, create user-friendly security measures, and address ethical
and societal issues. Their efforts to protect data, privacy, and vital infrastructure as well as to
uphold diversity and moral behavior in the industry directly benefit marginalized groups and
society at large.
References
“6 Integrating Social and Behavioral Sciences (SBS) Research to Enhance Security in
Cyberspace.” National Academies of Sciences, Engineering, and Medicine. 2019. A Decadal

Survey of the Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence
Analysis. Washington, DC: The National Academies Press. doi: 10.17226/25335.
National Academies of Sciences, Engineering, and Medicine. 2019. A Decadal Survey of the
Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence Analysis.
Washington, DC: The National Academies Press. https://doi.org/10.17226/25335.
Carley, K.M. Social cybersecurity: an emerging science. Comput Math Organ Theory 26, 365–
381 (2020). https://doi.org/10.1007/s10588-020-09322-9
Joubert, S. (2023, August 31). Information security analysts: Who they are & what they do.
Graduate Blog. https://graduate.northeastern.edu/resources/information-security-analysts/