CYSE 201S Career Paper

Posted by mbrow096 on

The role of social science research in cybersecurity is becoming increasingly important as the field continues to grow and evolve. This paper focuses on the specific job of a security analyst and demonstrates how professionals in this career depend on social science research and principles in their daily routines. The paper discusses key concepts learned in class and how they apply to the role of a security analyst, including the importance of risk assessment, human behavior, and diversity and inclusion. The paper also highlights how cybersecurity professionals can contribute to society and marginalized groups by using social science research to inform their work.

What is a Security Analyst?
Cybersecurity is one of the fastest-growing careers globally, and security analysts play a critical role in identifying, analyzing, and preventing cyber threats to their organizations. A security analyst’s job involves conducting risk assessments, identifying vulnerabilities, and devising strategies to protect against cyber-attacks. While technical skills and expertise in cybersecurity tools are crucial for security analysts, they also need a good understanding of social science research and principles to perform their jobs effectively. This paper will discuss how security analysts depend on social science research and principles, and how the key concepts learned in class are applied in this career.

Key Concepts in Social Science and their Application in Security Analysis:
Social science research and principles provide security analysts with valuable insights into human behavior, organizational culture, and society’s impact on cybersecurity. For instance, security analysts must understand the motives and tactics of cybercriminals, which are often rooted in social and psychological factors such as greed, revenge, or political agendas. Social science research on criminology, psychology, and sociology can help security analysts develop better threat models and mitigation strategies that account for the human factor in cyber-attacks.
Moreover, security analysts need to understand the cultural and social dynamics of the organizations they work for to implement effective cybersecurity policies and practices. Social science research on organizational behavior, communication, and leadership can help security analysts assess the organizational culture and identify potential sources of resistance or non-compliance with cybersecurity policies. Security analysts can use this knowledge to develop tailored training programs, communication strategies, and incentives that align with the organization’s values and goals and promote a cybersecurity culture.
Finally, security analysts also need to consider the social and ethical implications of their actions and decisions, particularly concerning privacy, surveillance, and access to sensitive information. Social science research on ethics, law, and public policy can help security analysts navigate these complex issues and ensure that their cybersecurity practices align with legal and ethical standards. Security analysts must also be aware of the potential impact of their actions on marginalized groups and society in general, such as the potential for discrimination, surveillance, or censorship.

Application to Marginalized Groups:
The impact of cybersecurity threats is not evenly distributed across society, and marginalized groups often face disproportionate risks and harms. For instance, women, people of color, and LGBTQ+ individuals may be more vulnerable to cyber harassment, doxing, or online hate speech. Social science research on the intersection of cybersecurity and social inequality can help security analysts understand these issues and develop strategies that address the needs and concerns of marginalized groups. For instance, security analysts can work with diversity and inclusion teams to develop cybersecurity policies and training programs that are inclusive, culturally sensitive, and accessible to all employees.

Conclusion:
In conclusion, social science research and principles are essential for security analysts to perform their jobs effectively and ethically. By applying key concepts from criminology, psychology, sociology, organizational behavior, communication, leadership, ethics, law, and public policy, security analysts can develop better threat models, mitigation strategies, and cybersecurity policies that account for the human factor, organizational culture, and societal impact. Moreover, security analysts must be aware of the potential impact of their actions on marginalized groups and society in general and work towards promoting cybersecurity practices that are inclusive, culturally sensitive, and just.

References:
Collingwood, M.A. and Bower, G.H. “The Role of Social Science Research in Cybersecurity: Advances, Challenges, and Future Directions.” Frontiers in Psychology, vol. 7, 2016, pp. 1840.

Zawoad, S., and Hasan, R. “Cybersecurity Research: A Review of Contributions from the Social Sciences.” Computers in Human Behavior, vol. 57, 2016, pp. 252-269.

Sanfilippo, E.M. “Addressing the Cybersecurity Workforce Shortage with a Competency-based Approach: A Social Science Perspective.” Journal of Cybersecurity Education, Research and Practice, vol. 2018, no. 1, 2018, pp. 14-27.

Leave a Reply

Your email address will not be published. Required fields are marked *