The Role of Social Science Principles in the Information Security Field

Casey Jones

CYSE 201S 

Old Dominion University 

October 24, 2026 
 

Professionals within the information security industry, including penetration testers, ethical or white hat hackers, infosec analysts, and others involved in protecting technology while administering services, would benefit greatly from understanding the psychology of the adversaries who threaten those very systems. “To know your enemy, you must become your enemy.” (Sun Tzu, The Art of War). Multiple concurring sources have identified humans as the weakest link within any cyber infrastructure, which elevates the importance of understanding the methodology of both sides of the field through principles of sociology. Some of the key concepts applicable to information security analysts include a thorough understanding of social engineering, human behavior, organizational culture, the digital divide present within marginalized groups, risk perception, ethical decision making, and communication theory; this is a vast knowledge area covering both technical and sociological principles, and it is essential for the survival of these professionals.

As a daily routine, information security analysts plan and carry out security measures to protect an organization’s networks and systems. Some of their key responsibilities include monitoring an organization’s network and reporting unauthorized activity, finding and repairing vulnerabilities within a system, preparing paperwork as necessary for documentation and reporting, and assisting other users (BLS, 2025). Traditionally, an information security analyst performing the role of a penetration tester would probe the network using tools such as Nmap, Wireshark, Metasploit, Burp Suite, and others. These tools are primarily used to identify and assess vulnerabilities within hardware and software systems; however, with social engineering reported as the top attack vector of 2022, supplemental testing that includes the human element has also become essential.

Armed with knowledge and understanding of these sociological principles, infosec analysts can use the same techniques intruders might employ to test employees and provide corrective education before a slip-up leads to a breach. The steps they would take begin with reconnaissance to gather as much information as possible about the organization, its employees, and its infrastructure. Once the professional had that information, they would craft a plan which may include deception, phishing, manipulation, or impersonation, with the overall goal of gaining access to unauthorized or sensitive information (Mukherjee, 2023). Once the professional identified a successful simulated attack, they could approach that employee and explain what just happened, why it was harmful, and how they could better protect themselves against social engineering, namely by validating authorization and authentication before giving up any information that should not be distributed.

Regular testing of this kind within an organization would further awareness of cybersecurity threats and how they can be mitigated, while building a stronger connection within the workplace culture and fostering support for cybersecurity best practices. Better communication and inclusion will result in greater compliance with security policies as they are implemented. In certain critical areas, non-compliance with security policies that results in a breach can lead to significant fines or even imprisonment for those responsible for the data exposure. The healthcare industry is one of the most regulated industries in the world, and at its heart lies HIPAA, a regulation built around protecting the sensitive private information of a patient, providing that only authorized and necessary parties can access that data (Cambridge). Failures in sectors dealing with information that falls under HIPAA compliance result in damage to the individuals whose data was compromised, reputational and financial damage to the organization, and ongoing consequences such as the sale or transfer of the compromised data to other malicious actors.

In industries outside of finance and government, information security analysts may encounter challenges in supporting marginalized groups who face the digital divide. In many regions, including parts of Africa, cybersecurity has not been prioritized in the design of individual services, often due to limited infrastructure, funding, or awareness. This lack of integration can leave vulnerable populations exposed to cyber threats and limit their access to secure digital resources. While losses in individual cases are reportedly not as high as in industrial ones, the impact of losing a day’s or perhaps a week’s pay for someone living in a place like Kenya could be devastating. “It is not uncommon for DFS fraud to be perceived as causing significant losses, frequently surpassing a day’s pay” (Anthony, 2023).

It is clear that the cybersecurity field, while technical, also benefits heavily from the integration of sociology, which allows for understanding everything from the whys to the hows. By incorporating knowledge of human behavior, psychology, communication theory, and ethical decision-making, information security analysts are better equipped to understand the motivations behind cyber threats, anticipate human vulnerabilities, and foster a culture which supports security awareness.

References:

  • Anthony, A. (2023, March 13). Cyber resilience must focus on marginalized individuals, not just institutions. Carnegie Endowment for International Peace. https://carnegieendowment.org/research/2023/03/cyber-resilience-must-focus-on-marginalized-individuals-not-just-institutions?lang=en
