Article Review #1

Analyzing Expert and Novice Decision Making in Cybersecurity: A Grounded Theory Perspective

Introduction

This article looks at how cybersecurity experts and novices make decisions when working through security scenarios. The authors used interviews and observations to understand the ways people process information, the mental shortcuts they rely on, and how experience shapes their choices (Nurse et al., 2016). The study helps us see the human side of cybersecurity decision making and shows how social science ideas such as behavior and thought connect with technical security issues.

Relationship to Social Science Principles

The study reflects several core ideas of social science. It shows that decision making is not just technical but strongly shaped by human judgment and thinking. It also highlights how experience changes behavior, linking to social science theories about learning and expertise (Nurse et al., 2016). The work recognizes that context matters. Decisions are influenced by the environment, tools, and roles people have at organizations. Finally, the use of grounded research methods fits with social science traditions of building knowledge directly from data rather than only testing preset theories.

Research Question, Variables

The main question guiding the study is how experts and beginners differ in the way they think and decide during cybersecurity tasks. Instead of formal hypotheses, the authors focused on finding patterns in reasoning (Nurse et al., 2016). The independent variable was the level of experience (expert or novice) along with the type of scenario, while the dependent variable was the way decisions were made, including the reasoning steps, use of shortcuts, and final outcomes.

Research Methods

The study used a qualitative strategy. Participants completed security analysis exercises while being observed and are asked to explain their rational. Their responses were recorded and later assessed using grounded theory, which involves coding the data, grouping ideas, and building themes to explain behavior (Nurse et al., 2016). This methodology allowed the researchers to map out the decision process in greater detail.

Data and Analysis

The main data came from interview transcripts, observations, and records of the decisions participants made. The researchers applied coding in steps to organize the data and identify common patterns. Throughout this process they found the different approaches and shortcuts experts and novices used, and how those influenced the quality and speed of their decisions.

Relationship to Class Concepts

This article ties closely to ideas covered in class, such as cognitive biases, heuristics, and bounded rationality. It shows how human judgment plays an important role in technical work and connects with models of situational awareness and mental models that we have studied. The research emphasizes the idea that cybersecurity is both technical and social, and that people’s thinking has a direct effect on outcomes (Nurse et al., 2016).

Relationship to Marginalized Groups

Although the study does not directly focus on marginalized groups, there are important points to consider. Access to training and recognition as an expert is not always equal, which can limit who gets represented in studies such as this. Decision making may also be shaped by cultural or social background, which the article does not go into much depth. This shows the importance of including diverse voices in cybersecurity research and practice to avoid “echo chambers” or narrow views of expertise.

Contributions to Society

The study offers several useful contributions. It can help improve training by showing how beginners can learn from the strategies experts use. It also provides insights for designing tools that better support human reasoning. By identifying common mistakes and blind spots, the research can reduce mistakes in real security analysis. Most importantly, it highlights how combining social science with cybersecurity can lead to stronger, more human oriented security practices.

Conclusion

This article gives a clear picture of how decisions are made in cybersecurity work and how expertise shapes those choices. It demonstrates the value of using social science methods to understand technical fields. The findings can improve training, guide the design of better tools, and ultimately strengthen security by focusing on the human side of decision making. While the study did not fully address issues of diversity, its overall contributions to society are meaningful.

References

Hanan Hibshi, Travis D. Breaux, Maria Riaz, Laurie Williams, A grounded analysis of experts’ decision-making during security assessments, Journal of Cybersecurity, Volume 2, Issue 2, December 2016, Pages 147–163, https://doi.org/10.1093/cybsec/tyw010

 

Article Review #2: Going from bad to worse: from Internet voting to blockchain voting

https://academic.oup.com/cybersecurity/article/7/1/tyaa025/6137886

Introduction

This article examines whether Internet and blockchain voting can meet the minimum standards for secure, trustworthy elections. The authors argue that remote, electronic only voting introduces large scale, hard to detect failures that paper backed systems resist. They emphasize evidence based elections, where outcomes are auditable and verifiable, and they conclude that convenience cannot outweigh integrity and public trust (Park, Specter, Narula, & Rivest, 2021).

Relation to Social Science Principles

Elections are social systems with technical components. The paper focuses on legitimacy, accountability, and collective trust, core social science concepts. It shows how incentives and power asymmetries matter: nation state adversaries, vendors, and voters have different goals. The analysis also touches on institutions and governance by stressing transparency, contestability, and verifiable evidence as the foundation for public acceptance of results (Park et al., 2021).

Research Question, Hypotheses, Independent Variable, and Dependent Variable

The central question asks whether Internet and blockchain voting can satisfy minimal election security requirements in practice. The working hypothesis is that they cannot do so in the foreseeable future. The independent variable is the voting system type and architecture (paper based precinct voting, mail-in ballots, direct recording electronic machines, and remote Internet or blockchain systems). The dependent variable is the system’s ability to achieve evidence based elections. Ballot secrecy, software independence, voter verifiable records, contestability, and effective auditing, all without enabling scalable or undetectable failures (Park et al., 2021).

Research Methods

The study is a literature review and conceptual analysis. It blends prior technical breakages and deployments, legal standards, and election science. The authors build a framework that categorizes voting by location and by whether the ballot is a voter verifiable paper record. They also use threat modeling to reason about adversaries, attack costs, and feasibility (Park et al., 2021).

Data and Analysis

Evidence is drawn from documented vulnerabilities and case studies, including the Voatz mobile app, the Washington, DC and Swiss Internet voting pilots, and the Moscow blockchain trial. The analysis explains how malware, zero day exploits, and denial of service enable wholesale attacks that can be both scalable and undetectable. The paper argues that blockchains function as public bulletin boards and cannot fix endpoint compromise, coercion risk, or brittle key management. They may also add governance and upgrade complexity (Park et al., 2021).

Relation to Class Concepts

The article reinforces human centered cybersecurity and the socio-technical lens: integrity and verifiability come before convenience. It aligns with class discussions on risk, threat modeling, and trust, and with the idea that auditing and transparency provide credible assurance. The focus on software independence mirrors our course emphasis on verifiable outcomes instead of blind reliance on software (Park et al., 2021).

Relation to Marginalized Groups

The authors cite evidence that online voting does not reliably raise turnout and that effects can favor higher income and higher education groups. Smartphone and broadband gaps can compound inequities. Remote electronic voting also increases exposure to targeted coercion or suppression. Paper backed, auditable systems with transparent oversight are more likely to protect voters who already face barriers to participation (Park et al., 2021).

Contributions to Society

The article provides a practical lens for evaluating new voting technologies and redirects enthusiasm away from unproven electronic only schemes toward resilient, auditable processes. By centering evidence based elections, it supports policies that strengthen democratic legitimacy through voter verifiable paper ballots, risk limiting audits, and operational transparency (Park et al., 2021).

Conclusion

The authors make a clear case that adding a blockchain does not resolve core security problems of online voting and can introduce new ones. Until systems can deliver convincing, publicly verifiable evidence that results are correct and resist scalable, undetectable failures, remote electronic only voting should not be used for political elections. Paper backed audits remain essential (Park et al., 2021).

References

Park, S., Specter, M., Narula, N., & Rivest, R. L. (2021). Going from bad to worse: From Internet voting to blockchain voting. Journal of Cybersecurity, 7(1). https://doi.org/10.1093/cybsec/tyaa025