For my cybersecurity career professional paper, I will be looking into the career as a Penetration & Vulnerability Tester. There are many ways this career requires and depends on social science research and social science principles. Penetration & Vulnerability Testers are usually referred to as pen testers. Their main job roles include helping “… organizations identify and resolve security vulnerabilities affecting their digital assets and computer networks” (Cyber Degrees, 2022). These professionals can either be hired directly by a company, such as a company having their own Penetration & Vulnerability Testing Team, or they can be hired through firms or companies that provide employees to test their systems.
Penetration testing for a tech company isn’t just hacking their systems. This professional career takes humans into consideration, not just by physically penetrating a company but also through social engineering. In recent years, social engineering has become a more popular type of hacking which has led to the integration of studying humans to expand methods and skills as a pen tester. Because a type of hacking is social engineering and because the core of being able to hack in this form is by understanding and manipulating humans, understanding and incorporating social studies into this professional career is crucial. While there are other strategies and avenues for penetration testers to infiltrate a system or company, this is a very common avenue because humans are the weakest links making it the easiest and most used way to get into a system. Unless your company is fully automated, humans run the risk of making errors and letting hackers into the system to exploit vulnerabilities. Studying what leads individuals to be more susceptible to baiting, spear phishing, tailgating, and pretexting is used to create better tools to help penetration testers. In an article describing how social studies are applied to social engineering, the author states that “people tend to put too much faith in technology to protect them” (Kortepeter, 2016) causing humans to be easy targets.
Women and minorities are constantly being underrepresented in not only research but also as individuals in the cybersecurity industry. This issue not only leaves out a larger number of groups of people that should be studied but also restricts creativity and knowledge for possibly better hacking tools and methods. Being that humans are at the core of social engineering, having a diverse representation in the career is crucial. In an article explaining the importance of diversity within cybersecurity careers, the authors state that “the lack of diversity blinds us to the myriad ways that actors can attack us and robs us of the talent and engagement of important parts of the global population. A lack of different perspectives and diverse representation mires us in the issues of today. It saps our energy and ability to look ahead to future threats” (Zabierek & Pipikaite, 2021). A successful career in penetration testing will require a strong understanding of not only technology but humans as well.
Resources
Kortepeter, D. (2016, October 23). Social Engineering: Why humans are the greatest security threat. TechGenix. Retrieved April 26, 2022, from https://techgenix.com/social-engineering-human-threat/
Kuczwara, D. (2016, October 23). Social Studies: Penetration tests for your human network. TechGenix. Retrieved April 26, 2022, from https://techgenix.com/penetration-testing-human-network/
Penetration tester career overview: Cyber degrees. Explore Cybersecurity Degrees and Careers | CyberDegrees.org. (2022, April 13). Retrieved April 26, 2022, from https://www.cyberdegrees.org/jobs/penetration-tester/
Zabierek, L., & Pipikaite, A. (2021, October 26). Here’s why cybersecurity needs to become more diverse . World Economic Forum. Retrieved April 27, 2022, from https://www.weforum.org/agenda/2021/10/why-cybersecurity-needs-a-more-diverse-and-inclusive-workforce/