Cybersecurity as a Social Science (CYSE 201S)

Cybersecurity is typically conceived as a technical topic. In reality, the topic is multi-
disciplinary, and some aspects of the topic are best understood through a social science lens.
This course addresses the social, political, legal, criminological, and economic dimensions of
cybersecurity through a social science framework. Students are introduced to a human-factors
approach to understanding cybersecurity threats. Attention is given to the social factors that
contribute to cyber incidents and the political and legal mechanisms that are developed to control
the behaviors of those who create risks cybersecurity incidents. The class also explores how
cybersecurity is studied by social scientists in psychology, political science, criminology,
economics, sociology, international studies, and other social science disciplines.

Learning Outcomes
After completing this class, students will be able to:
 Compare how basic psychological, sociological, criminological, political, economic, and
legal theories and models explain cybersecurity
 Identify the strengths and weaknesses of those theories in understanding the connections
between human behaviors and cybersecurity
 Define key concepts including cybersecurity, cybercrime, cyber criminology, cyber law,
digital forensics, human factors, cyber policy, cyber risk, cyber threats, and cyberwar.
 Identify how professionals in various cybersecurity careers apply these multidisciplinary
concepts in their daily routines
 Describe how hypotheses and research questions are formed in studies addressing
cybersecurity through a social science lens
 Describe how data are collected, measured, and analyzed in studies addressing
cybersecurity through a social science lens
 Identify how marginalized groups have confronted challenges and concerns related to
cybersecurity as well as how these groups have contributed to our understanding about
the topic.
 Explain how the application of social science theories, principles, and research strategies
have contributed to our understanding of cybersecurity at the societal level.

Course Material

Journal Entries By Week

1. NIce Framework – I think that the Oversee and Governance branch of the NICE Framework is the discipline of Cyber Security that I am most interested in. I think it would be interesting to balance the different sides of cyber security, such as overseeing the utilization of data, policies, procedures, and to gain the knowledge to develop plans or to manage plans already in place. It allows you to dip into different pots, so to speak. I’ve never been one with a narrow perspective, and I would dislike a job that has such requirements, such as data administration in the Operate and Maintain branch of Cyber Security. I would quickly get bored of that in my opinion. 
2. Scientific Principles in Cyber Security – Social Scientists in relation to Cyber Security use several different principles of science to conduct their research and come to their conclusions about several different topics and to several different questions. Principles such as determinism, objectivity, parsimony, and relativism are a few examples of the principles used in cyber security research to keep the results objective, free of opinions, ethical, and as simple as possible to explain.
3. Diversity in Cyber Security – I believe that it is important to have a diverse cyber security workforce because it is a big motivator and influence to the onlooking generation. It is important to promote a field as vast and steadily growing as cyber security as welcoming to all genders and ethnicities. It can also dissolve any notions of discrimination and prejudice towards cyber crimes and offenders as they can have workers in the field from all backgrounds and keep any work objective. 
4. Maslow’s hierarchy of needs and technology – I believe that technology does definitely serve all of the needs on Maslow’s hierarchy. My first physiological need is met by being able to use apps and services on my phone to order food, drinks, and to socialize and speak to people. My safety needs are met by being able to apply for jobs and seek employment through websites and using internet services to protect my information and personal data. Loving and belonging is met through the use of social media, such as facebook. My family posts pictures of my cousins and my old friends show glimpses of their life so I can see how they’re doing. Self-esteem is met by posting my accomplishments online. I make music, so getting props for my skills definitely boost my ego. Self-actualization is met by being motivated by everyone else posting their goals and accomplishments. There are also all sorts of planning apps that can help keep track of goal progress and keep me accountable. 
5. Ranking reasons for cyber crimes – 1. Multiple reasons- I think that many cyber criminals can have multiple reasons and motives for their crimes, so I think that looking at it from a multi-faceted perspective makes the most sense. 2. Money – I think the best and most understandable reason for any crime is for monetary gain. 3. Political – many of the biggest crimes in history were perpetrated for political reasons, as many people are willing to go to radical lengths for what they believe. 4. Revenge – humans have an intrinsic desire to get even when they feel like they’ve been hurt or wronged. 5. Recognition – some people want to have a name in history, be it for positive or negative reasons. 6. Entertainment and 7. Boredom. 
6. I wasn’t able to find any fake website myself, but a couple things that can alert someone to a fake website are the domain name, domain age, and deals that seem too good to be true. Most fake websites are designed to take advantage of social engineering and manipulate people. Many people won’t look to closely at the legitimacy of a website when they believe they are receiving a great value.
7. Humans Systems Integration memes – https://imgflip.com/i/7kwu25?herp=1683509003779, https://imgflip.com/i/7kwuc3, https://imgflip.com/i/7kwuir, https://imgflip.com/i/7kwupc, https://imgflip.com/i/7kwuwz, https://imgflip.com/i/7kwv2a, https://imgflip.com/i/7kwv7y, my memes represent either naive people, cyber bullies, or people who aren’t naive participating in either allowing cyber crime or not becoming victims.
8. Media influencing perception of cyber crime – I believe that in most movies and shows, cyber crime are depicted as grand gestures almost. It’s always a shady looking hacker typing their keyboard a lot and live hacking someone’s computer or camera maybe for black mail. Or they tap a few buttons on their phone and hack public electronics, or they plug in a usb drive and take control of a whole network. It almost makes these huge operations look easy, and also totally neglects the sometimes simple cyber attacks that do a lot of damage due to social engineering.
9. Social media scale – I scored about a 2/9 on the scale. I think the items on the scale are more about people who use social media enough to let it control a portion of their lives and have a hard time stepping away from it to tend to other things. Around the world, the scored would differ because of the inherent values of people in those countries as well as the changing culture of the younger generation clashing with their parents. 
10. Social Cybersecurity – I agree with the article. It is kind of reminiscent to yellow plagiarism used during WWII I believe. With the spreading of fake news and people gullible enough to believe it, a country’s unity can be weakened by people who can be influenced to believe otherwise. Social cyber security can very much hack humans and manipulate them to achieve any desired effect on a larger scale, such as people believing that Donald Trump won the election and feeling motivated enough to storm the capitol.
11. Social and economic theories – I believe that rational choice theorists relate to the letter because the rational choice after an incident such as this would be to contact the card company and mitigate any damage that might be done or to prevent further damage from being done. Marxian theory would probably feel a bit betrayed by the company for allowing such activities to take place for so long and only now being notified. The conflict perspective would view the attack negatively and probably no longer trust the provider while the functionalist perspective would probably appreciate the notice. 
12. 5 most illegal violations – I think that bullying, using copyrighted images, sharing addresses, collecting information about children, and recording calls are the biggest violations that people my make on the internet. These are harmful or extreme violations of privacy and clear neglect of consent. Using someone’s copyrighted images robs them of money and other compensation and basically makes someone out to be a thief. 

14. Ted Talk – I think that the speaker’s pathway into his field is  a very relatable one. Working at a dental practice myself, I have seen positions be created and careers being opened up due to a need arising and the management not wanting to outsource, and instead wanting to utilize current human resources. Having been able to dabble in his interest as an official work project, piquing his interest and also allowing him to gain more experience is pretty cool.