Applying a social science framework, this course examines the social, political, legal, criminological, and economic aspects of cybersecurity. A human-factors approach to comprehending cybersecurity concerns is presented to the students. The social elements that lead to cyber incidents are discussed, as are the legislative and political measures designed to regulate the actions of people who pose a danger of cybersecurity mishaps. Additionally, the course examines the ways in which social scientists from a variety of social scientific fields, including psychology, political science, criminology, economics, sociology, and international studies, study cybersecurity.
Learning Outcomes: Students will be able to compare the ways in which cybersecurity is explained by fundamental ideas and models in the fields of psychology, sociology, criminology, politics, economics, and law after finishing this course.
Determine the theories’ advantages and disadvantages for comprehending the relationships between cybersecurity and human behavior.
Describe important terms such as digital forensics, human factors, cyber policy, cyber risk, cyber threats, cybercrime, cyber criminology, cyber law, and cyberwar. Find out how experts in different cybersecurity fields use these interdisciplinary ideas in their day-to-day work.
Explain the process by which research questions and hypotheses are developed in studies that use a social science perspective to examine cybersecurity.
Explain the methods used for data collection, measurement, and analysis in research projects that use a social science perspective to examine cybersecurity.
Determine how underrepresented groups have addressed cybersecurity-related issues and difficulties and how they have advanced our knowledge of the subject.
Describe the ways in which the application of social science ideas, concepts, and research methodologies has advanced our knowledge of cybersecurity from a societal perspective
Insider Threat
Last week, our CTO at my work changed the firewall in the server room in the office. For some reason, the server room door was slightly opened. I was going to the kitchen when I saw the door and my vice president in the kitchen. She was exhausted, and she told me, “You are studying cybersecurity. Can you hack the company for a few days so we can rest?” I told her, ” Well, the server room door is open. I can hack it easily.”
Unfortunately, sometimes employees can be stressed, overwhelmed, bored, unmotivated, etc. As a result, sometimes employees feel they want revenge from the society. Besides that, sometimes, there is hatred in the workplace that will result in data breaches, especially when the workplace has a toxic environment. Unfortunately, we are using technology in abominable ways. For instance, we encounter a lot of this day, and this is due to hatred of each other. We developed technology and intended to develop ourselves, but as we move forward, we move towards the dark side.
Nonetheless, those employees who hate are bored and exhausted and are called insider threats. As per Poremba in the article of Verizon, an insider threat is a person in an organization who uses their authorized access intentionally or unintentionally to reveal a company’s data. Insider threats can easily access endpoint systems, servers, networks, domains, and all critical network systems. Insider threats are unpredictable and difficult to detect or trace. Per Poremba ins, insider threats can be mitigated by behavior analytics solutions, which typically analyze employee behavior or actions. The trusted employee is difficult to hire, but there are signs that HR should see before hiring employees who might end up in server rooms or crucial roles.
Works Cited:
Poremba, Sue “ What are insider threats? Definition, types, and how to mitigate them.” Sept. 22, 2022
https://www.verizon.com/business/resources/articles/s/the-risk-of-insider-threat-actors/