The Cyber Analyst Role and its Connection to the Social Sciences
Cybersecurity is a burgeoning field, with a myriad of jobs tackling specific challenges and filling narrow niches in the digital world. Cybersecurity is interdisciplinary, and many jobs bleed across technical and social science areas through their tasks and missions. One job in particular, the Cybersecurity Analyst, or CYSA, has distinct connections between the fields of social science and mechanical areas of cybersecurity. As CompTIA describes themselves, the job of a CYSA is to ensure security operations, understand threat intelligence and threat hunting, respond and manage incidents, as well as understand vulnerability management and reporting. (CompTIA 2023) To accomplish these goals, an analyst may use intrusion detection and prevention systems or a system information/event manager. It takes more than knowledge of these, more technology-based devices to keep systems secure. There are four social science principles that I feel are essential to be successful in the cybersecurity analysis field, those being the understanding of human factors, relativism, sociology, and the understanding of the unique interdisciplinary nature of the field. On top of this, I will discuss the cybersecurity analyst’s broader, positive impact on society. With cybersecurity rapidly growing, there are a multitude of unique jobs that help keep cyberspace safe.
As previously stated, there are social science principles that have an outsized role within the cybersecurity analysis field. Looking at how human factors are involved with technology is key. Humans may interact with technology in a way that wasn’t intended, allowing users to become victims, with their actions being leveraged against them, their systems, and their networks. As stated previously, this doesn’t always mean that technology is involved. Social engineering feeds off distinctly human factors, such as being too trusting. This can be exploited, as seen specifically with elicitation. Christopher Hadnagy writes in his book “Social Engineering: The Art of Human Hacking” on the more human side of cybersecurity. Hadnagy uses a poignant example of elicitation, where whilst testing the security of a company, a benign conversation at a bar resulted in a company-wide breach. As he says, “Elicitation skills are what made the questions flow smoothly and what made the target feel comfortable answering my questions.” (Hadnagy 2011) A cybersecurity analyst would understand the potential threat of unintentional employee leaks, and host companywide training against social engineering, attempting to mitigate or prevent human vulnerabilities. On an aside, the principle of parsimony assists in this. When creating a training course, it should be as simple as possible, with no extra, redundant, or overly complex procedures. Sociology bleeds right into this conversation. As stated in the course, sociology is the study of social life and interactions. As seen above, social engineering done through casual interactions can be devastating. Sometimes, an attack can be a broad barrage of information, with the goal of subverting an institution. A cybersecurity analyst’s job is to ensure proper procedures are followed, recognizing and identifying potential hazards. Sociology within the analyst role lends to this idea of “social cybersecurity”. Meaning, that analysts utilize mitigation techniques to “…identify, counter, and measure (or assess) the impact of influence campaigns…” (Kathleen, 2020) Understanding social engineering as well as sociology is paramount in the cyber analyst role, as you must understand the process of how an attacker and potential victim may think in any given scenario. Lastly, and most importantly in my opinion, a cybersecurity analyst must have an interdisciplinary and relativistic mindset whilst working in the field. When conducting analysis, one mustn’t rely upon one area. As the infosec institute describes, one must have an understanding of computing, security tools, human interactions, communications, critical thinking, and analytic skills. (infosecinstitute, 2023) The work of an analyst is extremely broad, involving areas from sociology to computer engineering. All this to say, if not already accentuated, cybersecurity analysts must combine multiple skills through interdisciplinary study and research to be successful.
Cybersecurity affects everybody. Breaches occur daily, affecting every group, rich or poor, large or small. In particular, though, the cybersecurity analyst can assist best in defending small businesses. Large companies and corporations can afford third-party institutions and software to facilitate monitoring and mitigation. A lone analyst may be all a small company, or ‘mom and pop’ shop can recruit, making these cybersecurity analysts crucial in the defense of these businesses. On top of this, freelance analysts in many cases volunteer their time and resources to small web and indie projects. This volunteerism in many cases assists in keeping small, grassroots projects safe from the basic vulnerability pitfalls. The cybersecurity analyst’s role is multifaceted, being not the only one to provide training material and first respond to incidents, but in many cases, the last line of defense in disaster recovery and mitigation.
References
“Cybersecurity Analyst+.” CompTIA.Org, Computer Technology Industry Association , www.comptia.org/certifications/cybersecurity-analyst. Accessed 20 Nov. 2023.
“Cybersecurity Analyst Job Description & Role Breakdown.” UT Austin Boot Camps, UTAustin, 28 Jan. 2021, techbootcamps.utexas.edu/blog/cybersecurity-analyst-job-description-role-breakdown/.
Morrow, Susan. “Cybersecurity Analyst Job Description.” Infosec, infosec institute , 24 Mar. 2022, resources.infosecinstitute.com/careers/soc-analyst/cybersecurity-analyst-job-description/.
Hadnagy, Christopher. “Social Engineering: The Art of Human Hacking.” Google Books, Wiley Publishings, 2011, books.google.com/books?id=9LpawpklYogC&lpg=PT7&ots=vdesHQd7ON&dq=The+act+of+human+hacking&lr&pg=PT70#v=onepage&q=human%20factors&f=false.
Carley, Kathleen M. “Social Cybersecurity: An Emerging Science – Computational and Mathematical Organization Theory.” SpringerLink, Springer US, 16 Nov. 2020, link.springer.com/article/10.1007/s10588-020-09322-9.