Cybersecurity & Social Science
Course Material
Security breaches are common in organizations, and many of these breaches are caused by human errors. What are some ways to reduce human errors and improve security?
With many security breaches being caused by human errors, there are several avenues companies and organizations can and should take to avoid human mistakes within their cybersecurity infrastructure. An important yet often forgotten method would be to provide continuous, in-depth training to all of their employees. Complacency paired with a lack of knowledge can create a workforce that is more prone to human errors. While initial on-the-job training and certifications are essential, continuous and updated training can help bring everyone up to speed and on the same page about proactively working to avoid simple mistakes.
Another solution would be to implement some Artificial Intelligence (AI) screening to double-check work completed by humans or even to complete some work itself entirely (under human supervision). AI has been proven to be effective and efficient, although AI does pose a very serious risk within itself. AI is vulnerable to cyber attacks that can actually jeopardize the security of an organization’s network. When using this tool, security measures must be put in place to ensure the security of an organization’s cybersecurity infrastructure. Not to mention, AI can be incredibly expensive. This could prove to be an issue depending on the company’s technology infrastructure budget.
References
Bergadano, F., & Giacinto, G. (2023). Special Issue “AI for Cybersecurity: Robust Models for Authentication, Threat and Anomaly Detection”. Algorithms, Vol. 16(Issue 7), p327. EBSCOhost. 10.3390/a16070327
Grandhi, S. R., & Still, J. D. (2025). Deciphering Human Error: Improving Cybersecurity Reporting. Proceedings of the Human Factors and Ergonomics Society Annual Meeting. https://doi.org/10.1177/10711813251358790
“Apply the phrase victim precipitation to cyber victimization”
Does a victim’s choices and behaviors cause them to become victimized? That’s the question the phrase “victimization precipitation” attempts to answer. A more specific question to answer would be, “Why was this person vulnerable to this crime?” By exploring that question, I feel it could provide more beneficial answers as to why a victim was ultimately victimized. Now, how does victimization precipitation relate to cybercrime? Pretty much the same way, by understanding why an individual or a group of people became victims of cybercrime, we could possibly learn ways to prevent victimization in the future. Specifically looking at online habits and what exactly made them the target of a cybercrime, like having unsecure passwords or posting sensitive information on public forums. Learning why someone became a victim could provide a lot of answers to otherwise unknown questions of vulnerability and victimization. Not only does this protect the victims from being victimized again, but it could also warn other potential victims to ensure they aren’t a soft target when it comes to cybercrime. I honestly didn’t know this was an area of study before reading the lesson PowerPoint and doing research. It’s a pretty interesting theory that could potentially help understand victimization on a deeper level.
References
Angkasa. (2018). Legal Protection for Cyber Crime Victims on Victimological Perspective. SHS web of conferences, 54, 8004. https://doi.org/10.1051/shsconf/20185408004
Lasky, N. V. (2019, August). Victim Precipitation Theory. The Encyclopedia of Women and Crime Set, 1-2. https://doi-org.proxy.lib.odu.edu/10.1002/9781118929803.ewac0517
Identify which theories you think best explain cybercrime and discuss what you like about that theory.
All four theories mentioned in the lesson provide explanations for why cybercrime occurs. The best answer for why an individual would commit a cybercrime can be found within behavioral theories. Although the other three theories had interesting points of view, behavioral theory provided a more comprehensive answer as to why someone might commit a cybercrime. It makes sense to assume that an individual’s behavior and certain factors, such as who they are, who they surround themselves with, and what they know about cybercrime, can influence their online behavior. Understanding exactly what behavior leads to these decisions can help profile potential cyber perpetrators and prevent at-risk individuals from embarking on a life of cybercrime. A good question that arose during the lesson was what could deter cybercriminals from committing crimes online. Since behaviorally, they tend to heavily weigh the risks versus the rewards, finding ways to discourage cybercrime could prevent it altogether.
References
Wright, T., Ruhwanya, Z., & Ophoff, J. (2024). Using the theory of interpersonal behaviour to explain employees’ cybercrime preventative behaviour during the pandemic. Information and computer security, 32(4), 436–458. https://doi.org/10.1108/ICS-11-2023-0228
After watching the video, post an entry in the discussion board describing what you think about the “human firewall.”
The video talked about points that I feel have been continuously brought up during this course. No matter how advanced your security is on your network, the human factor will always play a huge role in the safety of information. The video spoke about the “human firewall,” and I think it brought up amazing points. Knowing that no one is immune to being manipulated into compromising information and access further extends the points that all people within an organization must be continuously trained in cybersecurity threats. Primarily because the threats to the cyber environment are continuously evolving. And our best shot at protecting information and securing a network is to properly educate the human factor in every scenario. I especially liked that he talked about the easy scam at the beginning of the video. It shows how easy it is to fall victim to divulging sensitive information when it is framed in a way to believe it was an innocent post meant to be fun, when really it was intended to phish personal answers out of unsuspecting individuals.
Pay attention to how he has embedded himself into the cybersecurity culture. Also, pay attention to how the ideas of knowledge, technology, and secrecy relate to his expertise. On the discussion board post an entry about how the video relates to something you read for this class – either from the readings or this module. Respond to two other students’ discussion board entries.
Wow! It’s incredibly impressive to see such a young person so knowledgeable on a subject many adults do not fully understand. With his parent working in cyber, I’m sure that had plenty to do with their children’s interest in cybersecurity. Having a young person so passionate about showing real-life cyber vulnerabilities in everyday devices can put the severity of risk in perspective for many people. I am especially impressed by both the 12-year-olds’ and the six-year-olds’ ability to present these topics in conferences in front of many people. That is a skill many people struggle with even into adulthood. A lot of what he brought awareness to covered what we have gone over in class, and how easy it is for anyone to exploit vulnerabilities in everyday items. I think the recording bear was a scary reminder that these seemingly harmless devices can infringe on basic privacy within your own home.
Identify two research questions that researchers might address related to the social aspects of cybersecurity.
Two Research Questions Relating the Social Sciences to Cybersecurity:
- How do international cybersecurity laws affect the way different countries interact with one another? This question can provide understanding as to how cybercrime and laws can impact country relations and the globe. What laws are universally accepted and effective at preventing international cybercrime? How does the agreement of the laws between countries affect how the world interacts with one another? These research questions can offer a deeper understanding of how cyber laws can have significant impacts on foreign relations and international cybersecurity. It can also provide a united front against all cyber criminals around the world.
- What privacy violations do healthcare entities face during a cybersecurity breach that exposes sensitive health information? A primary cybersecurity concern is the impact of a data breach on sensitive health information and how it could affect patient care. If patient information isn’t kept private, it could cause lifelong problems and have serious negative consequences. The greater impact this could have from a social standpoint is substantial. Cyber breaches with personal health information will erode public trust and make routine medical care a privacy risk. A society without trust in the healthcare system could have lasting and profound impacts on the world around us.
What does economics have to do with cybersecurity?
Believe it or not, cybersecurity has a tremendous influence on modern-day economics. That influence holds when cyber incidents occur, causing companies and sometimes governments to spend enormous amounts of money. In fact, it is estimated that “the economic impact of cybercrime on businesses is expected to reach US$10.5 trillion by 2025” (Kuzior et al., 2022, p.9). It costs a lot of money to protect a network infrastructure. It costs even more money to fix the aftermath of a cyber incident. Maintaining public trust in cybersecurity systems can also have an impact on the global economy (Kaur et al., 2024, p.1). When private information is protected, people are more likely to use those systems and trust that they will protect their personal information. Public trust directly affects a company’s revenue, thus improving the economy as a whole. And preserving sensitive government infrastructure is just as important as it creates a level of trust and confidence within the citizens of a country. And when a country is performing well economically, other countries are also positively affected. By protecting sensitive information, countries around the globe can maintain their information effectively and confidently. This directly impacts the global economy by enhancing country relations and improving trust, which is a crucial component in fostering economic growth and success.
References
Kaur, G., Dalei, N. N., Mahapatra, S. K., & Kandpal, V. (Eds.). (2024). Cybersecurity, Law, and Economics: The Case of India. Taylor & Francis Group.
Kuzior, A., Vasylieva, T., Kuzmenko, O., Koibichuk, V., & Brożek, P. (2022, December). Global digital convergence: Impact of cybersecurity, business transparency, economic transformation, and AML efficiency. Journal of Open Innovation, 8(4), 1-24, Article 195. https://doi.org/10.3390/joitmc8040195
Why do you think individuals don’t report cybercrime victimization?
Not all victims of cybercrime report what happened to them. There are several reasons why a victim may not report a cybercrime (van de Weijer et al., 2020, p.18). A significant reason may be the lack of awareness that they are victims in the first place (Mikkola et al., 2024, p. 450). Or they may know but don’t understand how to report the crime in the first place. This stems from a lack of cyber education among the general population, leaving the vulnerable at risk. Training programs and PSA ads could do a lot of good in educating the public on the dangers of cybercrime and how prevention and reporting could help. When the general public is educated on the warning signs of cybercrime, how to prevent victimization, and how to report it if it does occur, it can lead to a better outcome for everyone.
On the broader scale, companies and corporations may be hesitant to report cybercrime due to the publicity of an information breach. The bad publicity on its own could erode public trust and create a lasting, tarnished reputation for the business. This also raises ethical concerns, as customers should be notified when their information has been compromised in a cyberattack. This applies to sensitive user information and personal health information, including data from hospitals and medical organizations.
References
Mikkola, M., Oksanen, A., Kaakinen, M., Miller, B. L., Savolainen, I., Sirola, A., Zych, I., & Paek, H.-J. (2024, April). Situational and Individual Risk Factors for Cybercrime Victimization in a Cross-national Context. International journal of offender therapy and comparative criminology, 68(5), 449-467. https://doi.org/10.1177/0306624X20981041
van de Weijer, S., Leukfeldt, R., & Van der Zee, S. (2020, April). Reporting cybercrime victimization: determinants, motives, and previous experiences. Policing : an international journal of police strategies & management, 43(1), 17-34. https://doi.org/10.1108/PIJPSM-07-2019-0122