The career of a Security Analyst and how Social Science is incorporated
in the career
Kaedon Denton
04-13-25

Introduction
Being able to protect enterprises from online threats and cyberattacks is just one of the
many important duties that falls under the responsibility of a Security Analyst. The position of a
Security Analyst takes and combines their deep expertise of cybersecurity tactics and knowledge
and blends it with their understanding of human behavior. Through social science which deals
with the study of human behavior, interaction, and social trends, Security Analyst must be able to
formulate a understanding of their fellow employees to be able to predict risks that might arise,
be able to inform the users, and create inclusive and ethical tactics. With their goal being that of
being able to understand user behavior, formulate awareness campaigns, and help solve social
problems that do not guarantee proper cybersecurity benefits to all communities fairly.

Security Analyst Responsibilities
The responsibilities of a Security analyst include them, looking in to breaches in their
system(s), find weaknesses in their system(s), eradicate current/possible threats, and play a key
role in formulating the company’s incident response plan. While this is plenty in terms of
responsibilities, they also have to include one of the biggest factors/responsibilities that requires
if most if not all their attention and that is, human error. Human error includes things such as a
user having a weak password and username, social engineering, and phishing emails. For
Security Analyst to be able to address human error, they must have an understanding of
behavioral patterns and be able to develop systems that consider the case of human error in it.
The problem of human error is then further exacerbated with technology increasingly affecting
vulnerable people more and more as time goes on, Security analyst have to consider social and
ethical problems when they go about implementing security solutions to current and future
problems.

A Understanding of User Behavior
When it comes to the “why” of people that choose to reuse usernames and passwords, it
comes down to behavioral psychology since the user is most likely overconfident in their
credentials and experience a case of “optimism bias”, which is them expecting their chance of
something negative happening is lower than that of those around them. This optimism bias can
lead to a user that has had notifications, that either their username or reused password was in a
data breach incident and their information is now compromised, “blowing” it off believing they
were not affected by it since nothing that they could see has changed. Based off of cases like that
of optimism bias, Security have to analyst develop their plans around risk reducing, and user
centric problem solving.

Cyber Awareness Training (CAT) and Incident Response plan (IRP)
Communication as a social science not only plays a major factor in the position of a
Security Analyst but just in general for the position. This is a concept that is shown off in an IT’s
department for cyber training their users. A Security Analyst has to be able to breakdown the
complexity of cyber security topics, tactics, and problems that are implemented, and be able to
engage the users (employees) in a training that is able to show and display realistic scenarios.
The training is created is more than often mandatory since, not only is the training going the
distance in further protecting the companies’ systems, it is also educating users on what might be
a phishing email, fake link, etc., which in turn is creates and strengthens the “human firewall”,
that is in place with proper Cyber Awareness Training, but also helps decrease chance of victim
precipitation taking place. While CAT is effective it does not eliminate the possibility of a cyber
incident occurring 100%. When an incident occurs, it falls on the IT department especially the
Security analyst to have had a IRP made to follow in the event of a cyber incident/breach
occurring. An IRP is a document that should be made since is an outline for how the organization
will detect, respond to, and recover from cyber based incidents.

Marginalized Communities and Accessible Security Inclusion
Marginalized communities more often than not do not have access to the proper resources
and information that can help to serve in defending themselves from cyber-attacks. By being able
to help with supporting accessible instructional programs and fairly priced security services,
security analyst can help to provide these services to the communities. The systems and services
that are provided to the communities must be able to be accessible as technology advances,
especially now Analyst need to consider how security measures such as those now using AI can
impact these marginalized communities. For what systems are implemented they must not be
used or seen in a light of violating these people and their community privacy. With this even
more that other parts, this is where social science concepts are applied by security analyst to find
a solution that is both socially correct but ethically as well.

Conclusion
While the position of a Security Analyst requires a vast amount of technical knowledge,
it also requires being able to understand human behavior and social influences. As seen in the
concepts applied social science not only provide a backbone for security analyst to follow, it also
plays a role in the continuous development improving their awareness trainings/campaigns,
security procedures, and minimizing human error. Taking this into account it shows that a
interdisciplinary approach is what allows analyst to do their job with both technology and people
and be able to tackle current and future cybersecurity threats as time goes on as well as with
technology and problems old and new constantly changing.

References
Lin, T., Capecci, D. E., Ellis, D. M., Rocha, H. A., Dommaraju, S.,
Oliveira, D. S., & Ebner, N. C. (2019, September). Susceptibility to
spear-phishing emails: Effects of internet user demographics and
email content. ACM transactions on computer-human interaction : a
publication of the Association for Computing Machinery.
https://pmc.ncbi.nlm.nih.gov/articles/PMC7274040/
Expanding cybersecurity in underserved communities. Nascio. (2024b,
November). https://www.nascio.org/wpcontent/uploads/2024/11/NASCIO_Cybersecurity-in-UnderservedCommunities_2024_a11y.pdf
Anthony, A. (2023, March 13). Cyber resilience must focus on
marginalized individuals, not just institutions. Carnegie Endowment
for International Peace.
https://carnegieendowment.org/research/2023/03/cyber-resiliencemust-focus-on-marginalized-individuals-not-justinstitutions?lang=en