Cybersecurity Analyst Career Paper

Introduction

            The job title of Cybersecurity Analyst is one of the most common in the cybersecurity industry, and demand for the occupation is expected to keep growing. From 2013 to 2021, the number of unfilled cybersecurity positions grew by 350% and is only expected to rise as time goes on, including the position of cybersecurity analyst (Morgan, 2021). With this in mind, understanding the different skills needed by analysts is important for anyone seeking to enter this field. Technical skills are necessary, as analysts will spend a lot of time using them to analyze breaches and implement new software. However, a social aspect is also required for the other duties of analysts, some of which are writing reports and discussing new changes with other members of a team. A healthy mix of both technical and social knowledge is needed to excel in the position of cybersecurity analyst.

Social Science Principles and Research

            Numerous aspects of social science principles and research are needed to be a Cybersecurity Analyst, the first of which is Parsimony. Parsimony is the concept of keeping explanations as simple as possible to reduce confusion, a skill very valuable for Cybersecurity Analysts. One of their jobs is to report on the current conditions of the networks and systems they are tasked with watching over, sometimes requiring entire reports to be written (wgu.edu). Overcomplicating the information or using terms that readers of the reports won’t understand would lead to confusion, wasted time, and possibly lost profits depending on the circumstances. This means that analysts must be able to translate their findings into easily understandable information, requiring an understanding of parsimony. Another important principle that analysts need knowledge of is Determinism, or the idea that behavior is influenced or caused by preceding events. While it may not seem like it at first, determinism is important to the analyst’s job of “finding vulnerabilities so they can be corrected before a breach occurs” (techbootcamps.utexas.edu). Something mentioned in our curriculum was the idea that cybersecurity professionals must think like criminals when it comes to analyzing what attacks may be launched. It’s important for Analysts to understand why criminals may be committing crimes to pinpoint what they may target and what assets would be the most vulnerable to attack overall. By understanding what events may have led to criminals committing crimes, it’s easier to understand what they are targeting and why they may target it, making defense much easier overall. The third principle of social science that Cybersecurity Analysts must understand is objectivity, which is also where cybersecurity research comes in. Analysts must keep up to date with the swathes of research that are constantly released in the ever-evolving field of cybersecurity.
Objectivity emphasizes that no theories or opinions can be favored, and that scientists should base their theories on facts. They shouldn’t favor certain findings over others just because they support their assertions, but rather should base theories exclusively on the findings and facts provided to them. By doing this, they can ensure the strategies they use to prevent cyberattacks utilize the best information they have access to that is proven by social science studies to work effectively.

Marginalized Groups and Society at Large

            Cybersecurity is an important field that is needed in almost every business due to the rapid increase in cyber criminality over the years. Society at large has become more reliant on technology, especially with the introduction of IoT devices and Smart City technology. These technologies have connected us on a wider scale than ever seen before and result in numerous devices exchanging information due to increased connectivity. While this makes our life easier, it also puts us at a greater risk of having our information stolen, as hackers would only need to gain access to one or two devices and could gain access to the rest much more easily. This means that Cybersecurity Analysts not only protect the company they work for or the government but also must protect aspects of society at large. According to an article published by hornetsecurity.com, “…85 percent of 1,000 IT decision-makers surveyed said that data was as valuable as a means of payment for overcoming business challenges” (Sempf, 2019). If data is this important to businesses, it must hold some value to hackers and thus would be a target of cyber-attacks. This means that Cybersecurity Analysts are at the forefront of defending one of the most valuable forms of currency in the world now. Every new stride and advancement in the field of cybersecurity helps society at large and every failure shows how vulnerable we really are. Analysts also have a duty to marginalized groups, as crimes committed against these groups have generally not been taken seriously in the past. While analysts most likely won’t work with these groups directly, marginalized groups still have data to defend and arguably will lose more if their data is breached. Those of higher status may have millions lost or may have to deal with a small inconvenience compared to what members of marginalized groups will lose.
Marginalized groups tend to be more impoverished due to systemic factors and their data is one of the most valuable assets they have. If this is lost, it’s much more impactful than if someone of higher status has their data stolen or their accounts breached, and those of higher status will, unfortunately, be put at a higher priority. It’s up to Analysts to listen to the concerns of marginalized groups and take the cybercrimes they deal with seriously, as this will not only lead to fewer overall cybercriminals being successful but can also help prevent marginalized groups from becoming marginalized further.

Cited Sources:

  1. Morgan, S. (2021, November 9). Cybersecurity Jobs Report: 3.5 million openings in 2025. Cybercrime Magazine. Retrieved December 5, 2022, from https://cybersecurityventures.com/jobs/#:~:text=Over%20the%20eight%2Dyear%20period,to%203.5%20million%20in%202021.
  2. What does a cybersecurity analyst do? Western Governors University. (2022, April 30). Retrieved December 5, 2022, from https://www.wgu.edu/career-guide/information-technology/cybersecurity-analyst-career.html#close
  3. Cybersecurity analyst job Description & Role breakdown. UT Austin Boot Camps. (2021, January 28). Retrieved December 5, 2022, from https://techbootcamps.utexas.edu/blog/cybersecurity-analyst-job-description-role-breakdown/
  4. Sempf, J. (2019, October 8). The age of information: What makes your data so valuable? Hornetsecurity. Retrieved December 5, 2022, from https://www.hornetsecurity.com/us/security-information-us/data-value/

Module 12 Journal Entry

Of the 11 activities that most people do online without realizing they’re illegal, I think the top five most serious offenses are illegal searches, collecting information on children, sharing the personal information of others, recording voice calls without consent, and faking your identity online. I think faking your identity online is generally the least serious of the five because while there are situations of identity theft that are dangerous, I think most instances of people faking their identity are pranks or creating new identities to take advantage of certain opportunities. “Faking your identity online” could be as complex as stealing someone’s personal information or as simple as creating a fake email to get a free Netflix trial, so I think it really depends on how you are faking your identity. I think recording voice calls would be the next in terms of seriousness because you are violating the privacy of someone but only recording details they are comfortable sharing with you. Depending on who you are, most voice calls will probably contain information that won’t harm someone that badly unless they have said something truly heinous. While personal information could be captured by this process, I don’t think simply having a recording of someone would be dangerous, but sharing it definitely would be, which leads to the next most serious offense. Sharing the information of others online is the midpoint in terms of seriousness in my opinion because someone could get seriously hurt or even killed depending on what it is. For instance, sharing someone’s full legal name and address could simply lead to someone playing a prank on them or to them having a fake bomb threat called in and SWAT units showing up at their house (also known as Swatting). Regardless of what happens, I think the person who shared the information is partially responsible for whatever happens to the person after their information is shared. 
The second most serious would be illegal searches, as they can contain harmful information or lead to the harm of others depending on what they are. Illegal information can include ways to harm others and searches like this should be taken seriously because ignoring them could lead to the death of many individuals. Finally, I think the most serious offense is collecting information on children because of their position in the world in terms of vulnerability. While parents can protect their kids in the real world, most parents aren’t tech-savvy enough to protect their kids online and most kids are either too young to know better or don’t have the risk assessment abilities to understand the risks of online activities. Additional laws to protect children are necessary to prevent information about them from being gathered and possibly used for ill intentions.

Website: https://clario.co/blog/illegal-things-you-do-online/

Module 11 Journal Entry Two

Bug bounties are a practice of companies paying unhired cybersecurity and ethical hacking professionals to find vulnerabilities in their systems and paying them based on what is found. The study focuses on two core reasons for bug bounties being used, those being that smaller companies can use the policies to make up for the current cybersecurity specialist shortage and that bug bounty policies tend to locate bugs that members of the company staff may not find. The main goal of the study was to figure out if bug bounty policies actually help all companies and not just large ones, to figure out what motivates bug bounty hunters to submit bugs to organizations, and to find out if bug bounty hunters help find vulnerabilities that the internal teams missed (Sridhar-Ng, 2021). The findings tend to show that hackers are generally not motivated by revenue but usually are more motivated by the ability to gain experience, and some may just be looking to do a good deed. Younger hackers may be more eager for experience while more experienced hackers tend to lean towards monetary gain. The findings also suggest that company size and payout do not seem to significantly affect the number of reports they receive, meaning bug bounty policies are equally effective for companies of all sizes. This is particularly good for small and medium-sized companies who can’t afford a large number of skilled cybersecurity professionals (Sridhar-Ng, 2021). Bug bounties are also valuable for companies regardless of industry, although industries with a higher opportunity cost for vulnerabilities tend to receive slightly more reports than others. New programs also tend to not have much of an effect on the number of reports that companies receive, and programs that companies put out tend to receive fewer reports over time, partially due to a lack of increased bounties.
The findings also show that a large amount of variation between programs is unexplained by the factors covered in this study, those being “… revenue, brand profile, and industry…” (Sridhar-Ng, 2021), with “… scope and bug severity…” (Sridhar-Ng, 2021) being two factors that may explain these variations. Overall, bug bounty policies seem to be effective for companies of all sizes and seem to be effective for finding most vulnerabilities as well. 

Article: https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true

Module 11 Journal Entry One

Of the many economic theories listed in the Module 11 PowerPoint, the first one that I noticed that related to the sample letter was the idea of Laissez-faire economics, especially the idea of “Laissez-faire” cybersecurity. The letter informed us that the federal government was investigating the breach but we can infer that the government didn’t do anything to prevent it. The government seems to prefer to respond to the incidents after they happen rather than put controls in place at a federal level that stop cyberattacks from happening. While this isn’t necessarily a bad idea, it leaves the businesses to make their own cybersecurity choices for better or for worse, which was worse in this hypothetical scenario. The second theory I noticed that related to the sample letter was the theory of Rational Choice or the idea that individuals and businesses will make economic decisions that benefit them. The business in this scenario made choices preceding and following the incident that they believed to be in their best interest with varying outcomes. Their choice of platform provider seems to be questionable due to the intrusion, but their choice to lend their full power to the police to assist them as well as to tell customers once the time was right was strategic. They made choices based on what would ultimately benefit them in order to make the best recovery they could from the situation. The first social science principle that relates to this is the idea of Parsimony or the idea that explanations should be as simple as possible to avoid confusion. The sample letter explains the situation in a way that can be understood by someone with no cybersecurity knowledge, which is likely most of their customers. By doing this, they can explain the severity of the situation without confusing their customers, ensuring that they are transparent and clear about the incident.
The second social science principle that relates to this article is the idea of Objectivity, or that no agenda or point of view should affect the decisions being made. The company is at fault for the attacks but is as objective as possible about what happened, admitting all the facts about the incident and being clear about what happened. By being objective, they can both show their customers that they are willing to own up to their mistakes and ensure that the best outcome is reached due to all information being exposed.

Module 10 Journal Entry Two

Cybersecurity analysts act as the first line of defense against incidents that may occur and constantly monitor the network for these instances. According to the video, when starting out as a Cybersecurity analyst you generally act as a help desk for cybersecurity incidents and respond to attacks that include phishing or intrusion detection. One social theme is that phishing attacks in general focus on exploiting the vulnerabilities of human workers rather than technology, also known as a social engineering attack. As a cybersecurity analyst, you need to also have good knowledge of social information and what vulnerabilities humans might have that attackers seek to exploit. You may also help patch vulnerabilities or explain new changes to employees, both requiring good social skills to do properly. When discussing possible changes with your employer, you need to have the skills to explain the possible options in terms they will understand and work with them to implement the best defenses. When speaking to employees about new changes or strategies to defend against social engineering attacks, you not only need to be able to explain in terms they understand but need to strategize about possible human vulnerabilities that could be exploited, before working with employees to teach them these strategies. In addition, the video mentions that the job is in high demand and that almost every company is going to need a cybersecurity analyst, meaning switching between companies is likely. This means the job also requires the ability to get along well with others and adapt to change, as new companies mean new people to work with and new problems to solve. While being a cybersecurity analyst does require technical skills, a good balance of technical skills and social skills is needed to truly excel at the career.

Module 10 Journal Entry One

The article raises an interesting point that information warfare is becoming more important as we move into a more digitized age. Nowadays, information warfare can help countries gain advantages in wars that haven’t even begun yet through various means. The article accurately describes that “By weakening trust in national institutions, consensus on national values, and commitment to those values across the international community, an actor can win the next war before it has even begun” (Beskow, 2019). In addition, social cybersecurity focuses more on the humans that operate devices rather than the devices themselves, which is where it differs from traditional cybersecurity. Russian state media has already combined these factors and has seemingly turned its focus away from its own affairs and towards conducting information warfare on an international scale. Valery Gerasimov, a Russian general, even identified information warfare as an important factor pertaining to Russian warfare in a 2013 article (Beskow, 2019). The article also mentions statements from KGB Maj. Gen. Oleg Kalugin describing Russia’s intentions to drive wedges between every possible crack within the United States and NATO. As the article even says, “A fractured nation is inherently a less potent nation in terms of its ability to withstand an attack” (Beskow, 2019). The article also emphasizes a change in the center of gravity in terms of a shift from focusing on the physical aspect to the human aspect of warfare. This is emphasized by events like the Arab Spring, where numerous regimes were overthrown in the Arab World, showing the power of social media and the human ability to organize against governments. Another important shift is the combination of the decentralization of information and the fact that the internet has eliminated the need for physical proximity when influencing the masses (Beskow, 2019).
Overall, nations need to put more focus on the importance of cybersecurity, especially its social and human aspects, when concerning themselves with matters of national defense and information warfare. 

Article: https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/Mar-Apr-2019/117-Cybersecurity/b/

Article Review Two

By Ned Smith

Introduction

            The paper chosen is titled “The Impact of Low Self-control on Past and Future Cyber Offending” and was published in the International Journal of Cyber Criminology. The article was written by Brook Nodeland and published in June 2020 as part of Volume Fourteen, Part One of the International Journal of Cyber Criminology. The article seeks to “empirically examine the relationship between self-control theory and cyber offending”, or to be more specific, “… we examine the role of self-control in the past and anticipated cyber offending behaviors… to explore differences in the influence of self-control on past behavior and likelihood of engaging in future cyber offences” (Nodeland-Morris, 2020).

Methodology

            Data was collected from undergraduate students at a midsize southern university through self-administered questionnaires. Nodeland and Morris note that while the study was conducted in 2010 and may limit the data, it shouldn’t take away from the findings of the study, citing a 2019 Reyns study about the matter. The survey was administered by contacting a variety of professors from a variety of different majors to get the largest and most accurate sample size. The departments contacted included required higher enrollment classes in majors such as political science, computer science, and macroeconomics, as well as criminology classes. The professors were asked to administer the survey at the beginning of their class and to let the students know that the participation was voluntary and that their answers would not be confidential and would only be used for the study. 11 out of 17 teachers agreed, resulting in the participation of 857 students in total, as students were also told not to take the survey if they took it in another class. Only 428 cases ended up being used due to missing data, meaning over half of the total responses were not used in the findings.

Data and Analysis

51.5% of the respondents were non-technical majors while 48.5% were technical majors; 43% of respondents were female and 57% were male. The average age was 22 and the race makeup consisted of 54% White, 21% Asian, 14% Hispanic, 6% other, and 5% African American. 99% of the respondents also reported feeling some level of comfort using a computer. Within the report, table two presents the relationship between cyber-offending and the level of self-control; as the report states, “Column 1 establishes a base model for examining cyber offending while column 2 explores the relationship between self-control and cyber offending” (Nodeland-Morris, 2020). The findings indicate a positive relationship between familiarity or knowledge with computers and the rate of cyber offending, as well as a correlation between race and cyber offending. This correlation suggests that non-white individuals are more likely to participate in activities that would be classified as “cyber offending”. While the second column did suggest that higher rates of self-control decreased the likelihood of participating in cyber offending, “…its effect on cyber offending was not statistically significant in this model” (Nodeland-Morris, 2020).

Cyber Principles and Class Material

The most obvious connection this study has to social principles is its connection to the principle of determinism. Determinism is the idea that events one has experienced in the past influence behavior and the decisions one makes down the line. Self-control is something that is learned rather than something people are just born with, and it’s most developed by parents and through the educational system. If people are not taught to have better management of self-control, it can lead to outcomes later in life that impact people in a negative way. This can include cyber-offending and, as the study has suggested, those who have lower levels of self-control are more likely to participate in cyber offending overall. Another social principle that was important to this study, although not as important as determinism, was ethical neutrality. Ethical neutrality ensures scientists approach and conduct studies from an ethical standpoint and have certain ethics they don’t break. An example of this was the scientists ensuring that no revealing information was released on the identities of the students in the survey and that their answers were anonymous. Another example of this was the scientists discarding roughly half of the results because of missing information, showing that even if the information would have proved their point, they would not provide it if it wasn’t up to their ethical standards. A topic it relates to from class would be in Module Four when we discussed the various factors that could increase the risk of cyber offending. Among these factors was low self-control, which is what the study discussed in the first place and ultimately sought to prove.

Impact and Relation to Marginalized Groups

The study impacts a variety of subjects, but it mainly serves to provide a link between self-control and the likelihood that an individual will participate in cyber offending. While the study doesn’t provide a definite link, it adds to the idea that the less self-control an individual has, the more likely they are to cyber offend. There are many different possible causes of cybercrime but identifying the root causes that can lead to it can help us prevent it from happening in the future. This knowledge allows experts to have better insight into which individuals are likely to participate in this behavior and thus, which individuals to provide more assistance to help them steer clear of a possible dark future. Examples of assistance could be educating these individuals on the wrongs of cyber offending and, more importantly, the consequences these actions have on others as well as themselves. Another important impact of this study is the fact that it showed information that non-white individuals are more likely to participate in cyber offending than white individuals. The best and most supported explanation for this is that, due to the long history of disenfranchisement and inequality that non-whites have experienced in America, they are generally at a lower economic level than most whites. Inequality is one of the number one indicators of crime and that also pertains to cybercrime, meaning nonwhites are more likely to commit cybercrimes than whites due to a lower economic status. This information will add to already overwhelming evidence that something must be done to help lower-income communities. By helping these communities, we can not only raise these communities out of poverty, but we can also prevent a percentage of crime, including cyber offenses.

Cited Study

  1. Nodeland, B., & Morris, R. (2020). The Impact of Low Self-control on Past and Future Cyber Offending. International Journal of Cyber Criminology, 14(1), 106-120. http://proxy.lib.odu.edu/login?url=https://www.proquest.com/scholarly-journals/impact-low-self-control-on-past-future-cyber/docview/2404395000/se-2

Module 9 Journal Entry

I scored a 38 out of 135 total, or roughly a 28%, on the test which I was unsurprised by. I’ve never been big on social media, posting occasionally but mainly using it to talk to friends and for entertainment sometimes. I did score higher than I thought in the preoccupation, tolerance, and problems tiers, but it wasn’t a high enough score to really be worried about in my opinion. While I have had trouble in the past going to sleep because I got distracted or having problems not responding to messages, it’s something I’m working on and I’m slowly getting better at. As for the items themselves, I think the questions are perfectly reasonable and line up well with the subject matter of the test. There are a few that I was surprised at and didn’t understand how they would apply to someone, but I think that’s because I’ve never thought about social media addiction and the causes or symptoms of it until now. Overall, I think that while a few individual questions could be worded better, or example situations could be added to make them more clear, the test is a good way to identify those with social media addiction or other harmful disorders linked to social media. I think the reason that we may see different scores in various places across the world is because different cultures may value social media in different ways, as well as developed countries having more access to the technology. For example, the US puts more emphasis on individualism and things of that nature while collectivist countries may value aspects like this much less. This may lead to countries like the US having higher issues because individuals may value social media more, as it allows them to express their individuality better than other avenues.

Module 8 Journal Entry

The media has always influenced our perceptions of numerous issues and topics, and the topic of hacking is no exception. The media often portrays hacking as one of the greatest evils that can be committed during the modern age and movies that include hacking will usually have the hacking result in catastrophic disasters. The hacking will result in leaked information that only causes harm or systems being hacked that cause mass damage to both people and property. While hacking can result in these outcomes, most incidents aren’t this dangerous and usually include small-scale crimes that result in the loss of money or important information, but not world-ending. Another way the media distorts our perception is the way they portray hackers, typically as extremely smart individuals. While hackers are intelligent, they’re gifted mainly in their field and aren’t always extremely intelligent in every field. However, the media will often portray hackers as geniuses who are skilled in many things, as well as being socially inept and having poor hygiene typically. Hackers can have these characteristics but are generally normal people who are simply talented in the field of hacking. The media will also usually treat hacking as something that is always bad or malicious, but this is the most deceptive of all the ways they portray hackers. Many hackers act maliciously, but many also work for companies to help them find vulnerabilities or work for the companies to defend against threats. This is why there are terms for good and bad hackers (white, grey, and black hat hackers) and hacking itself is an activity, rather than a blanketed crime. Overall, the media hasn’t been kind to hackers, but as awareness of cybersecurity increases, hopefully, the reputation of those gifted in the field will as well.

Module 7 Journal Entry

The meme I created shows a group of individuals sitting around a table, all looking distressed while one stands near the front of the room, seemingly the leader of the workers. This individual seems to be emphasizing something and seems to not be in the best of moods, most likely due to the actions of the workers. The top text of the meme says “We have meetings like this every week because people think those ‘free car’ emails are legitimate”, referencing a common spam email tactic. Hackers will sometimes email users that they’ve won something free like a car, acting as a generous organization or as a car manufacturing company. They’ll then request sensitive information or spread a virus to the user’s computer once the link is clicked, leading to disastrous outcomes, especially if the information provided relates to the user’s work or financial information. The bottom text says “But a human factors program would be ‘too costly’ and ‘time-consuming’ right?”, implying that higher management does not want to implement the program due to its cost. The joke is that the company has a cyber-breach due to human vulnerabilities every week, but refuses to implement a program or department that could fix the problem due to fears about the cost. This is sort of ironic because they are losing more money in the long term by allowing these breaches to continually happen instead of spending money to maintain a human factors department to prevent cyber breaches from happening due to human vulnerabilities.