Article Review #1
Controlling Cyber Crime through Information Security Compliance
Behavior Review
Student Name: Donovan Jimenez
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Instructor Name: Dr. Jordan Quinn
Date: 2/19/2026
Introduction/BLUF
This article covers the factors of why people do and don’t follow cybersecurity practices.
The main contributors for people to follow cybersecurity policies are cybersecurity awareness and a great, engaging workplace environment.
Relation/Connection to Social Science Principles
This article incorporates and relates to many social science principles. The main principles it covers are: human behavior, beliefs & perceptions, social norms & cultural expectations, social relationships & trust matters, and institutions & organizational effects. First, it states that human behavior is shaped by the social environment someone is in. This shows that the workplace can have an impact and influence whether people follow different security policies. Beliefs and perceptions also have a big influence on people; this shapes how they might determine a cybersecurity practice. It also talks about social norms and cultural expectations. The article states that these things are the foundation of what a cybersecurity worker might think is normal and influences how they are organized. Lastly, institutions and organizations have a major role in the thought process of cyber professionals. The foundation of everything they know
is what they learned. So, overall, this article ties in plenty of social science concepts that relate to cybercrime and treats it as a social issue, not just a technical issue.
Research Question /Hypothesis/ Independent Variable/Dependent Variable
This article covers one main question: What key factors make employees more likely to follow cybersecurity policies? The answer to this question comes in the form of a hypothesis from the authors. They state that if employees are knowledgeable about cybersecurity risks/policies and have a strong support system to lean on, then they will follow cybersecurity policies. They did plenty of experiments to test this hypothesis, and the main independent variable studied was cybersecurity awareness and the environment of employees. They measured this and treated it as a main predictor of the dependent variable. The dependent variable was the people following practices. This is what was being manipulated by how knowledgeable people were and the environment they were in.
Types of Research Methods and Data Analysis Used
The way they researched all the topics was through quantitative methods. They used questionnaires and surveys. These surveys would involve questions about cybersecurity awareness, workplace culture, how much they trusted management, employee engagement, and other questions of a similar nature. They would then analyze the results and see how these factors had an effect on the following cybersecurity practices. The main method used to analyze all this information was structural equation modeling (SEM). SEM uses multi-factor analysis to test lots of different factors at once. Here, it was used to examine the effects of a functional working environment as well as the awareness of cybersecurity.
Connections to other Course Concepts
This article heavily aligns with this course and the content covered. We have learned that cybersecurity is not just a technology-based field; rather, social sciences and factors are a key part of cybersecurity. This article is proving the same exact idea, going hand-in-hand with the topics covered. For example, the article states that employee engagement will help shape whether people will follow cyber policies or not. This article also covers human factors in cybersecurity, just like in module 4 of this course. Specifically, the PowerPoint mentions how humans influence numerous inventions and products. So, the article supports the fact covered in this course that cybersecurity is more than just technology and other devices and includes humans and social sciences as well.
Connections to the Concerns or Contributions of Marginalized Groups
This article didn’t specifically talk about the considerations of any marginalized groups, like women in cyber or different racial groups, or anything of that nature. However, it was indirectly talked about when we think about what a good workplace environment really is, as well as how to have trust in management. One of the key things about both of these is having a diverse workplace. That is an essential aspect of a great environment where people are comfortable and can trust each other. So, even though it is not mentioned directly, this article indirectly speaks to the great contributions of marginalized groups.
Overall societal contributions of the study/Conclusion
In summary, this study states that a great workplace with employee engagement, when paired with knowledgeable employees who are aware of cybersecurity are the main factors that get people to follow cybersecurity practices. This has great implications for the social sciences and advances our knowledge while analyzing those factors. It emphasizes just how much of an influence knowledge and other people have on a person’s decision-making skills and overall choices in the workplace.
Reference:
- International Journal of Cyber Criminology. (2025, January 1). International Journal of
Cyber Criminology Vol 19 issue 1 January – June 2025. Cybercrime Journal .
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/
452/133/909
Article Link:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/437/123
Article Review #2
Exploring the Psychological Profile of Cybercriminal
Student Name: Donovan Jimenez
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Instructor Name: Dr. Jordan Quinn
Date: 4/07/2026
Introduction/BLUF
This article covers the different aspects of cybercrime, including the psychological traits of cybercriminals, the impacts of cybercrime, and ways to prevent it. The main idea is that cybercrime is not just a technical issue, but also a human and social issue that requires multiple approaches to solve. It suggests that the more we learn about cyber criminals and why and how they do what they do, the better we can counter attacks before they happen.
Relation/Connection to Social Science Principles
This article clearly connects to several social science principles we’ve discussed in this course. These include human behavior, beliefs and perceptions, social norms, and trust in institutions. For example, the article emphasizes that cybercriminals are not just code writers — they are people with various motivations like financial gain, revenge, or status, which are all shaped by psychological and social influences. This reflects human behavior theory, showing that people’s choices are influenced by more than logic or skill alone. The authors also explain how online group norms and peer communities can normalize cybercrime; they highlight social norms and cultural expectations. Trust and institutions are discussed through the role of law enforcement agencies like the FBI and Europol, showing that formal structures and shared belief in those structures matter when combating cybercrime. Throughout, the article treats cybercrime as a social topic that intersects with human decisions and organizational systems — not just computers and technical work.
Research Question /Hypothesis/ Independent Variable/Dependent Variable While this article isn’t a traditional experiment with a formal hypothesis, it has one main
question that is answered throughout the article: What insights from psychology, technology, and
organizational strategy can improve how cybercrime is understood and prevented? The hypothesis is that combining the understanding of hacker psychology with coordinated prevention strategies will lead to better outcomes in reducing cybercrime. Some of the strategies are better education, legal frameworks, and technical defenses. The independent variables in this context are the preventative measures like psychological profiling, incident response planning, international cooperation, and technology-based strategies. The dependent variable is the effectiveness of cybercrime prevention. It is measured by improved incident responses, reduced vulnerability, and stronger institutional resilience.
Types of Research Methods and Data Analysis Used
The authors used a systematic literature review method. Instead of collecting new data, they reviewed lots of stuff that already existed. This includes studies, case reports, and threat analyses to build a comprehensive picture of cybercrime. They referenced historical attacks, international legal frameworks, and emerging threat trends like APTs and IoT vulnerabilities. There was no statistical analysis of primary data; instead, they analyzed findings from multiple sources to see different gaps in current research and from there made future directions. This approach allowed them to cover psychological, legal, and technical aspects across disciplines. For example, they analyzed studies on cybercriminal motivations, reports on international laws like GDPR and CISA, and technical research on AI in cybersecurity.
Connections to other Course Concepts
This article strongly aligns with lots of different topics from the course. One of the main ones is the idea that cybersecurity is not just about firewalls and passwords, it’s about people. The article does this by explaining how criminal motivations, social environments, and institutional responses affect cyber threats. It also connects to the behavioral aspects of security, such as how social engineering takes advantage of human psychology. This is something we constantly discuss in different discussion posts and assignments. In addition to that, the topic of incident response planning and organizational roles is talked about in class when we talk about risk management concepts. For example, the question of why policies and procedures matter just as much as antivirus software. Also, the article places an emphasis on technological trends like AI and IoT. This mirrors the constant exploration of modern cybersecurity challenges. Overall, it reinforces the fact that cybersecurity is very complex, requiring both technical skills and human understanding.
Connections to the Concerns or Contributions of Marginalized Groups
Although the article does not specifically focus on marginalized groups, it indirectly brushes over topics that are related to equity in cybersecurity education and workforce development. For example, the authors stress the importance of expanding cybersecurity education and building a larger, highly skilled workforce. This aligns closely with broader concerns in cybersecurity about increasing diversity and inclusion. This is important when we consider how different backgrounds and perspectives help to improve problem-solving. A diverse cybersecurity workforce is more likely to create inclusive policies and reduce blind spots in defenses. Even though they don’t say it specifically, the article’s call for education and collaboration supports the idea of expanding opportunities for underrepresented populations in
the field.
Overall societal contributions of the study/Conclusion In summary, the study argues that cybercrime has to be approached from different angles. Specifically, psychological, social, organizational, and technical angles, instead of just relying solely on technology-based defenses. It shows that understanding the motivations and behaviors of cybercriminals, combined with incident response, legal compliance, and, more recently, tools like AI, is necessary to have good cybersecurity strategies. This has major implications for society because cybercrime is constantly evolving, and only using reactive solutions is not enough. The article recommends that we implement better education, incorporate global cooperation, and focus on human behavior studies to help contribute to our understanding of cybersecurity as a worldwide challenge. They believe that the more we do that, the more we can be more proactive in mitigating attacks. Lastly, it reinforces the idea from class that solving
cyber problems requires technical knowledge, social understanding, and strategic coordination across institutions. Not just one of them, but the combination of all of them.
Reference:
- Thuyen, D., Ha Dinh, T. C., & Kim Tran, T. N. (2025, June). International Journal of Cyber
Criminology Vol 19 issue 1 January – June 2025. Exploring the Psychological Profile of
Cybercriminals: A Comprehensive Review for Improved Cybercrime Prevention.
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/452/13
3/909
Article Link:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/452/133