“Malware Analyst” Cybersecurity Career Professional Paper – Aidan Blanco

According to Bowcut, a malware analyst uses “their programming ability to gain an understanding of how an attack was deployed, why it wasn’t successful, and most importantly how it can be defended against.” This analysis is the process of studying malicious software to determine its behavior, characteristics, and impact on systems and networks. The individuals that work in this field require a deep understanding and knowledge of technology and the specific aspects of malware. “The ability to work with various high-level programming languages is important. The use of specialized and sophisticated digital tools will be required” (Bowcut). In this paper, we will explore how malware analysts require and depend on social science research and social science principles, how concepts and the material learned in class are demonstrated, applied, and related to this career, and how it relates to marginalized groups and society in general.

Social science research helps most careers, and especially cybersecurity careers. For malware analysts, it helps them better understand the motivations and behaviors of those individuals who performed the cyber attack. Also, the motivations and behaviors of communities and networks that they operate can be better understood. Studying these factors help them develop effective strategies for identifying and preventing the effects of the malware. Adding on to social science research, social science principles also help in the career of malware analysis. For example, rationalism and gaining trust. Malware analysts can improve the security from malware authors by working with other organizations or researchers by building that relationship, ensuring that protection.

Social science research can also help malware analysts to better understand how marginalized groups are affected by malware. For example, people with lower incomes may be more likely to use older technology and devices, which then would be less secure, making them more vulnerable to malware. Also, third-world countries may be more likely to use illegal software or visit websites that have malware. By understanding these social and economic factors, malware analysts can develop better and effective strategies to protect vulnerable populations from malware. Also, Anthony’s article states that “Vulnerable or marginalized people in Africa depend on the digital economy to maintain their livelihoods and access critical services. Yet they could be driven from that economy if their cyber resilience isn’t strengthened.” There is the focus on institutions such as banks, companies, and organizations for protection against malware. However, it needs to be turned onto the marginalized groups, and those individuals and communities, who are more vulnerable. Without that protection, they will turn away from the digital economy.

Furthermore, social science principles can help malware analysts to better understand the impact of malware on society as a whole. Malware can cause significant economic damage and compromise sensitive information. By understanding these impacts, malware analysts can develop more effective strategies for preventing the effects of malware, and can work to ensure that the benefits of technological innovation are enjoyed by all technology users of society. According to Digital Transition, “Recent surveys show that 60 to 90% of cyber incidents are caused by human error. In view of such alarming numbers and of the economic and strategic risks entailed, it is becoming imperative and necessary to rethink cybersecurity.” They also state that “in the future, “a greater knowledge of psychology by cybersecurity practitioners and students [technical side] may better equip them to understand and address some aspects of cybersecurity [human side].”

On a routine basis, malware analysts will be called up to examine suspect code and determine if it is a malware attack. They have the opportunity to examine and protect against the attack before harm is done. Relating their routine to key concepts and materials in class, the principle of determinism can be one. According to Britannica, determinism is “a situation in which a person makes a certain decision or performs a certain action, it is impossible that he or she could have made any other decision or performed any other action.” This relates to computer malware because figuring out what made them perform cyber attack(s) can potentially help malware analysts and be beneficial for them to create better security. Also, cybercrime victimization; specifically reports and happenings relate to malware analysis. These analysts read, hear, and even talk to the victims of malware. This helps a lot in their process of developing protection because user/peer feedback is very beneficial. They can find solutions and fix technology if needed.

In conclusion, professionals in malware analysis require and depend on social science research and social science principles in their work. As the constant growing field of cybersecurity staffing shortage grows, the demand for qualified malware analysts does as well. Many key concepts and material from class, such as the relation between economics and cybersecurity, principle of determinism, and cybercrime victimization, are very related to the career/routine of malware analysts. This field is essential to protecting individuals and organizations from the growing threat of cybercrime, and social science research and principles play a critical role in this effort.

References (APA Format)

  1. Anthony, A. (2023, March 13). Cyber resilience must focus on marginalized individuals, not just … Carnegie Endowment For International Peace. Retrieved April 9, 2023, from https://carnegieendowment.org/2023/03/13/cyber-resilience-must-focus-on-marginalized-individuals-not-just-institutions-pub-89254
  2. Bonfils, G., Deblock, F., Biseul, X., Beyrouthy, A., Joos, T., Dalleau, R., Stamboliyska, R., Dreidemy, P., Bouille, A., Charnay, A., Amos, Z., Cimelière, O., Auxenfants, M., & Rebuffi, L. (2021, September 2). Social Science and cybersecurity: A key challenge for the future. InCyber. Retrieved April 9, 2023, from https://incyber.org/en/social-science-and-cybersecurity-a-key-challenge-for-the-future/
  3. Encyclopædia Britannica, inc. (n.d.). Determinism. Encyclopædia Britannica. Retrieved April 16, 2023, from https://www.britannica.com/topic/determinism 
  4. Steven Bowcut. (2023, March 27). How to become a malware analyst: A Complete Career Guide. Cybersecurity Guide. Retrieved April 9, 2023, from https://cybersecurityguide.org/careers/malware-analyst/