A Look into Cybersecurity Policy Advocates
Kevin McKenna
December 3rd, 2023
Introduction
The job of a Cybersecurity Policy Advocate is carried out by cybersecurity professionals who
possess a skillset of not only technical expertise in the field, but also skills relating to social sciences and
social principles. These professionals focus on the major components of their jobs which include
promoting the adoption of various security measures, as well as educating a variety of people in
different occupations such as politicians, executives, home users, and more. This career path
encompasses a few different roles in which this advocacy is needed such as security researchers, non-
profit cybersecurity staff, and various consultants.
A Human Centric Approach
Cybersecurity policy advocates are an emergent role that encompasses the job tasks of both a
“change agent” as well as a “risk communicator.” In order to do this, those that find themselves in this
role must focus more so on the education and empowerment of individuals to ensure that they are
forming good habits regarding their personal security attitudes and behaviors. To successfully fulfill
these job responsibilities, advocates are required to focus on the social sciences and principles that are
present in Cybersecurity rather than the technical aspects. These advocates possess adequate
interpersonal skills, as well as communication skills in order to understand human behavior and build
trust with their target audience and clientele. A study conducted by Julie M. Haney and Wayne G.
Lutters showed that participants stated that advocates also must possess “context awareness” meaning
that they must recognize “that unique audiences have different strengths, values and challenges” and
that a “one-size-fits-all” approach is not an adequate means of advocacy. Rather advocates must
account for marginalized groups such as the elderly and people with lower economic means in which
there is a significant gap of access to technology, as well as cybersecurity education and knowledge. To
summarize, these experts essentially bridge the gap between technology and society by utilizing social
sciences to effectively advocate for improved cybersecurity measures that are inclusive, accessible, and
effective for all groups of people.
Conclusion
In an ever-changing technological society full of social disparities, Cyber Security Policy
Advocates are essential in bridging the gap and ensuring that all technology users are well educated and
equipped to handle their own cyber hygiene, as well as the cyber hygiene of their companies. This role is
multi-faceted in nature meaning that these advocates not only advocate for the implementation of
security measures, but also engage actively in education and empowerment across varying
demographics that range from politicians and CEOs to those marginalized groups that may have lesser
means and understanding when it comes to technology. This career field requires a positive attitude,
empathy, and a good understanding of social sciences and human behavior in order to achieve success.
As emerging cyber threats continue to arise and evolve, advocates possess an imperative role in which
they must combine cybersecurity principles with social sciences an order to successfully build a safer
cyber landscape that is secure and considers the needs of every member of our society.
References:
Haney, J. M., & Lutters, W. G. (2021, March 22). Cybersecurity advocates: Discovering the
characteristics and skills of an emergent role. Information & Computer Security.
https://www.emerald.com/insight/content/doi/10.1108/ICS-08-2020-0131/full/html#sec012
Haney, J. M., & Lutters, W. G. (2018, August 12). “it’s {scary…it’s} {confusing…it’s} dull”:
How cybersecurity advocates overcome negative perceptions of security. USENIX.
https://www.usenix.org/conference/soups2018/presentation/haney-perceptions
Shane, P. M. (2012). Cybersecurity policy as if ordinary citizens mattered: The case for public
participation in cyber policy making. Isjlp, 8, 433.