The career I have decided to focus on for this assignment is a job that I would like to get into myself with the company I currently work for, as they have a few cybersecurity related jobs to offer and this being one of them. The description for a risk analyst will slightly differ depending on whom you get your answer from, however it is generally described as an individual who is responsible for protecting and monitoring the organization’s computer network and systems from threats. The individual will be identifying these threats and staying up to date with the newest ways someone may try and hack into a system. Ensuring that the individual is kept up to date via annual testing is a great way to have them stay up to date and qualified to assess new threats. One key concept that was discussed throughout the class thus far is the mindset of a person and how human error is one of the biggest flaws in a company’s security measures. Ensuring that your employees are in a clear head space to accurately perform their jobs and understand their behavior is a key aspect of being a risk analyst.

There are many theories that can explain the criminology aspects of cybersecurity threats, some that can be seen on a day-to-day basis of a risk analyst in my opinion are routine activity and behavioral theories. A hacker is someone smart enough to know what companies they might need to target to get unauthorized access to valuable information that can be used for numerous reasons. This along with the behavioral theory suggest that this behavior is learned from what an individual has observed and surrounded themselves by to carry out these crimes. As a risk analyst these theories can also help you as the worker be better prepared for what threats might be at hand. If you were to have previously had an employee who was knowledgeable in the systems used and the networks of a company, that company could be an easier target for them to gain authorized access to get information that may be of some value to them. Both theories can be seen and justified daily depending on the target of the attack and what kind of information is at stake. Determinism is another way that an individual’s behavior could be influence for them to be able to predicate and be better prepared for an attack.

Understanding human behavior is a good way for risk analyst to understand the motivation behind a certain attack. This is also a good way for them to be more self-aware of their own mindset as an employee and as a human being. Having a bad state of mind in a career field that deals with different cyber threats daily is a recipe for disaster as it can lead to the employee not being as sharp on their instincts or training to assess all the possible risks. This can also lead to them being better prepared and ready to see vulnerabilities in a company’s security systems and can take precautionary measures to avoid certain risks.


Shelton, Sarah. “Home.” IACFP, 15 June 2021, www.myiacfp.org/the-application-of-social-learning-theory-to-the-correctional-setting-by-case-examples/.
Holbrook, Emily, et al. Risk Management Monitor, 12 June 2012, www.riskmanagementmonitor.com/security-and-risk-management-as-a-social-science/.
“Read ‘A Decadal Survey of the Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence Analysis’ at Nap.Edu.” 6 Integrating Social and Behavioral Sciences (SBS) Research to Enhance Security in Cyberspace | A Decadal Survey of the Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence Analysis | The National Academies Press, nap.nationalacademies.org/read/25335/chapter/10. Accessed 28 Oct. 2024.
Cybercrimejournal, cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/186/68/330. Accessed 18 Oct. 2024.
Hashemi-Pour, Cameron, and Wesley Chai. “What Is the CIA Triad?: Definition from TechTarget.” WhatIs, TechTarget, 21 Dec. 2023, www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA.