Information Security Analysts and the Social Sciences

Posted by rmoss006 on

            Information security analysts protect an organization’s computer systems and networks. While largely considered a career focused on technological aspects of security, this role benefits from viewing cybersecurity as a multidisciplinary field and how cybersecurity relates to social structures. Information security analysts have a career which highlights the relativistic nature of cybersecurity, requires an understanding of social sciences such as psychology, and is greatly impacted by the lack of diversity within the field.

            Most, if not all, organizations have data they desire to or are required to protect. This means that information security analysts are desirable in nearly every type of field (“How to Become” 2022). Additionally, different fields may have different regulations which they must follow, for instance health care industries in the United States must abide by the Health Insurance Portability and Accountability Act which regulates how they handle personal identifying information. This interplay between government, health care, and cybersecurity speaks to the interdisciplinary nature of information security analysts as a career.

            According to Verizon’s annual Data Breach Investigations Report, 82% of data breaches in 2022 were impacted by the human element, be it by error, misuse, or social attack (Bassett et al. 2022). As a role concerned with preventing these breaches, addressing the human factors is paramount for information security analysts. To address these holes, education in psychology could go a long way in helping information security analysts in their duty. According to McAlaney et al. (2018), “a greater knowledge of psychology by cybersecurity practitioners and students may better equip them to understand and address some aspects of cybersecurity.”

            Marginalized groups are still largely unrepresented within the field of cybersecurity. Less than one quarter of cybersecurity employees are women (Chamlou 2022), and Black, Hispanic, and Native populations fall short of labor force representation and the general U.S. population (Ho and Browning 2020). This poses a significant problem for information security analysts trying to protect data. According to Diedre Diamond:

The bottom line is the breaches and the things that we’re trying to prevent [come from] all cultures, all genders, all ages, all over the world… We are supposed to be able to think like attackers, but we can’t understand every culture… So, in cybersecurity more than anywhere, we have to have diversity. If we don’t bridge these gaps — if we don’t become security-minded citizens, nevermind business people — then we will lose the digital war, if you will (Chamlou 2022).

Additionally, studies have shown great benefits to increasing diversity in other ways, such as better decision-making and less employee turnover (Chamlou 2022).

            Social science concepts deeply affect the careers of information security analysts. The relativistic nature of society influences what an information security analyst is expected to protect and govern how they are expected to protect it, social science fields provide possible new vectors for addressing security holes, and a lack of diversity within the field of cybersecurity may be creating blind spots in security posture. It would be a grave mistake to ignore the ways social science can benefit the field of cybersecurity.

References

  • Bassett, G., Hylender, C. D., Langlois, P., Pinto, A., & Widup, S. (2022, May 23). 2022 Data Breach Investigations Report. Verizon Business. Retrieved December 4, 2022, from https://www.verizon.com/business/resources/reports/dbir/
  • Chamlou, N. (2022, November 16). Why diversity in Cybersecurity Matters. Explore Cybersecurity Degrees and Careers. Retrieved December 4, 2022, from https://www.cyberdegrees.org/resources/diversity-in-cybersecurity/
  • Ho, L., & Browing, C. C. (2020, September 10). Cybersecurity and anti-racism. Medium. Retrieved December 4, 2022, from https://medium.com/berkeleyischool/cybersecurity-and-anti-racism-294c0906d83b
  • How to become an information security analyst: Salary, skills, and more. Coursera. (2022, October 19). Retrieved December 4, 2022, from https://www.coursera.org/articles/information-security-analysts-what-they-do
  • McAlaney, J., Taylor, J., & Thackray, H. (2018, November 12). Behaviour Change: Cybersecurity. Retrieved December 4, 2022.

Leave a Reply

Your email address will not be published. Required fields are marked *