{"id":291,"date":"2025-04-28T23:23:20","date_gmt":"2025-04-28T23:23:20","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/mahad\/?p=291"},"modified":"2025-04-28T23:30:08","modified_gmt":"2025-04-28T23:30:08","slug":"how-social-science-shapes-security-engineering-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/mahad\/2025\/04\/28\/how-social-science-shapes-security-engineering-in-cybersecurity\/","title":{"rendered":"Career Paper"},"content":{"rendered":"\n<p class=\"has-larger-font-size\"><strong>How Social Science Shapes Security Engineering in Cybersecurity<\/strong><\/p>\n\n\n\n<p><strong>Introduction<\/strong><br>Cybersecurity may seem like a field driven solely by technical expertise, but<br>professionals in this space increasingly rely on social science to do their jobs effectively.<br>Security engineers, in particular, work at the intersection of technology and human<br>behavior. While they are responsible for designing and implementing secure systems,<br>their success depends just as much on understanding how people think and act. This<br>paper explores how social science research and principles are essential to the work of<br>security engineers, especially in the context of building equitable systems that serve a<br>diverse society. It also highlights how these professionals help protect marginalized<br>communities in a rapidly evolving digital landscape.<\/p>\n\n\n\n<p><br><strong>The Social Side of Security Engineering<\/strong><br>Security engineers often work behind the scenes to build protections into digital<br>infrastructure, but many of the risks they manage are rooted in human behavior. People<br>fall for phishing scams, use weak passwords, ignore security updates, not because<br>they\u2019re careless, but because they\u2019re human. That\u2019s where social science comes in<br>(Hadnagy &amp; Fincher, 2015).<br>Psychology helps security engineers anticipate how users behave under stress,<br>distraction, or routine. Concepts like cognitive load, decision fatigue, and risk perception<br>guide the design of systems that are both secure and usable (National Academies of<br>Sciences, Engineering, and Medicine [NASEM], 2019). For example, instead of<br>overloading users with complex security tasks, engineers use principles from behavioral<br>science to streamline authentication or encourage safer habits through default settings.<br>Sociology and organizational behavior also play a role. Engineers need to understand<br>the cultural and structural dynamics of the companies or institutions they\u2019re securing.<br>Knowing how teams communicate, how decisions are made, and what kind of<br>resistance new protocols might face helps engineers design security processes that fit<br>within real-world environments, not just ideal technical ones (NASEM, 2019).<\/p>\n\n\n\n<p><br><strong>Addressing Equity and Inclusion<\/strong><br>Security engineering isn&#8217;t just about preventing hacks; it\u2019s also about protecting people,<br>especially those most vulnerable to digital harm. Cyberattacks can disproportionately<br>impact marginalized communities, who may lack the resources or knowledge to defend<br>themselves online (SecureWorld, 2024). Engineers who are informed by social science<br>are better equipped to anticipate these risks.<\/p>\n\n\n\n<p>For example, inclusive design ensures that security tools work for people with<br>disabilities, language barriers, or limited access to technology. Engineers might use<br>user research or ethnographic studies to understand how different populations interact<br>with technology (Forward Pathway, 2025). This helps avoid solutions that<br>unintentionally exclude or disadvantage certain groups.<br><\/p>\n\n\n\n<p>In addition, security engineers play a key role in addressing issues like surveillance,<br>data privacy, and algorithmic bias. These are not just technical problems; they\u2019re deeply<br>social ones. A security engineer who understands the historical and societal context of<br>these issues is more likely to advocate for ethical, fair, and transparent solutions<br>(NASEM, 2019; Forward Pathway, 2025).<\/p>\n\n\n\n<p><br><strong>Conclusion<\/strong><br>Security engineers are often seen as purely technical professionals, but their work is<br>grounded in both social science and human-centered thinking. From understanding user<br>behavior to designing inclusive systems, social science principles shape how they<br>approach everyday challenges. As society becomes more connected and more<br>vulnerable, this intersection between technology and the human experience will only<br>become more important. Security engineers who embrace this perspective help ensure<br>not just safer systems, but a more equitable digital world.<br><\/p>\n\n\n\n<p><strong>References<\/strong><br>Hadnagy, C., &amp; Fincher, M. (2015). Phishing Dark Waters: The Offensive and Defensive<br>Sides of Malicious Emails. Wiley.<br>National Academies of Sciences, Engineering, and Medicine. (2019). A Decadal Survey<br>of the Social and Behavioral Sciences: A Research Agenda for Advancing Intelligence<br>Analysis. The National Academies Press. https:\/\/doi.org\/10.17226\/25335<br>SecureWorld. (2024). Minorities and the Cybersecurity Skills Gap: A 2024 Update.<br>https:\/\/www.secureworld.io\/industry-news\/minorities-cybersecurity-skills-gap-2024<br>Forward Pathway. (2025). Marginalized Groups in Tech: Challenges, Inclusive Design,<br>and Cybersecurity Education for a Fairer Digital Future.<br>https:\/\/www.forwardpathway.us\/marginalized-groups-in-tech-challenges-inclusive-<br>design-and-cybersecurity-education-for-a-fairer-digital-future<\/p>\n","protected":false},"excerpt":{"rendered":"<p>How Social Science Shapes Security Engineering in Cybersecurity IntroductionCybersecurity may seem like a field driven solely by technical expertise, butprofessionals in this space increasingly rely on social science to do their jobs effectively.Security engineers, in particular, work at the intersection&#8230; <a class=\"more-link\" href=\"https:\/\/sites.wp.odu.edu\/mahad\/2025\/04\/28\/how-social-science-shapes-security-engineering-in-cybersecurity\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":30064,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":1},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/posts\/291"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/users\/30064"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/comments?post=291"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/posts\/291\/revisions"}],"predecessor-version":[{"id":299,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/posts\/291\/revisions\/299"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/media?parent=291"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/categories?post=291"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/mahad\/wp-json\/wp\/v2\/tags?post=291"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}