Career Paper

Insider Threat Analysis and Social Science

Cynthia Espinosa

CYSE201S Fall 2024

11/24/2024

An Insider Threat Analysis is responsible for identifying the capabilities and activities of insider threats within cybersecurity. Their findings help support law enforcement and counterintelligence activities and investigations (Insider Threat Analysis, n.d.). Insider Threat Analysis use varying social science principles throughout their work.

Psychology

Humans must be factored into cybersecurity risk assessments to understand the impact their behavior can have on network security. Humans can act as risk mitigators or risk inducers (King, et al., 2018). Insider Threat Analysis use psychology to assess the behavior of individual victims, witnesses and suspects during cybersecurity investigations. They develop ways of eliciting information covertly. They assess the behavior of individuals during cybersecurity investigation (Insider Threat Analysis, n.d.).

Sociology

There are many factors that may contribute or explain why people do the things they do. Different theories were developed to rationalize human behavior and how it fits into how they function in a society. Conflict theory suggest that crimes is a result from social and economic in equalities. Social Learning theory suggest that crime is learned through interactions with others. Insider threat analysis conduct insider threat risk assessments to identify potential insider threats. They establish a threat risk management assessment program and evaluate organizations insider risk response capabilities. They identify anomalies in network activities, identify potential threats and recommend remediation strategies. Insider threat analysis notify appropriate personnel of imminent hostile intentions or activities (Insider Threat Analysis, n.d.).

Economics

Insider threat analysis acquire resources to support cybersecurity program goals and objectives (Insider Threat Analysis, n.d.). Companies with resources are likely to be able to afford to develop and implement cybersecurity best practices. Companies like small businesses have less resources to implement cybersecurity practices and might not be able to afford to hire IT professionals and therefore are likely to be more vulnerable to exploitation (Strengthen your cybersecurity, n.d.).

Criminology

Insider threat analysis document and process digital evidence. They investigate alleged insider threat cybersecurity policy violations and refer cases on active insider threat activities to law enforcement investigators (Insider Threat Analysis, n.d.).

Geography

Cybersecurity does not just affect one country; it is a problem around the world (King, et al., 2018). Insider Threat Analysis coordinate with internal and external incident management partners across jurisdictions (Insider Threat Analysis, n.d.).

Conclusion

The use of technology as developed so much over the past several decades.  People in society are very codependent on their technological devices. Technology has also advanced the way people commit crimes. They are many studies and theories that explain possible reasons for individual’s behaviors and why they commit crime. Those in power and with more resources are more capable to defend and protect their interest than those who possess less power and resources. The role of the Insider Threat Analysis is extremely important to combat the threat that humans pose in rendering a network vulnerable and exploited. They use many aspects of sociology principles to be successful in their role. They leverage their understanding of psychology, sociology and economics to provide insight into possible threats and how to protect against them. They know how to read individuals behaviors, they study historical analysis of threats, assess current anomalies in networks and share their finding with others in law enforcement and the counterintelligence communities. 

Reference:

Insider Threat Analysis. (n.d.). Retrieved from NICCS: https://niccs.cisa.gov/workforce-development/nice-framework/work-role/insider-threat-analysis

King, Z. M., Henshel, D. S., Flora, L., Cains, M. G., Hoffman, B., & Sample, C. (2018).   Characterizing and measuring maliciousness for cybersecurity risk assessment. Frontiers in    Psychology9. https://doi-org.proxy.lib.odu.edu/10.3389/fpsyg.2018.00039

Strengthen your cybersecurity. (n.d.). Retrieved from SBA: https://www.sba.gov/business-guide/manage-your-business/strengthen-your-cybersecurity

Insider-Threat-Analysis-and-Social-ScienceDownload