Title: Enhanced Cybersecurity Through Social Science: A Critical Review of Lanz’s Analysis on Critical Infrastructure

Name: Zufan Abebe

Date: 03/24/2024

Introduction
Zachary Lanz (2022)’s “Cybersecurity Risk in U.S. Critical Infrastructure: An Analysis of Publicly Available U.S. Government Alerts and Advisories” is examined for its social science principles, research methodology, data analysis, and implications for marginalized groups and societal contributions.
Understanding of Social Science Principles
Lanz’s research links cybersecurity and social sciences through three key principles:
1. sociological Dynamics: Lanz uncovers the sociological underpinnings of cyber threat actors’ behaviors and motivations, complementing our course talks on how society values and conventions affect cybersecurity practices.
2. Communication and Information Sharing: The study emphasizes the importance of cybersecurity community communication in addressing threats collectively.
3. Cybersecurity Subcultures: Lanz’s threat actor classification shows cybersecurity’s varied subcultures, echoing social science’s in-group and out-group dynamics.
Research Questions and Hypotheses
Lanz believes that better knowledge of publicly shared cyber threat intelligence might strengthen critical infrastructure defenses. The study seeks to identify threat actor tendencies and public information dissemination effectiveness.
Research Methods
Lanz painstakingly analyzes 1574 U.S. government warnings and advisories using Profiler Plus. This methodological technique allows for granular data analysis, allowing a thorough assessment of cyber threat intelligence’s state and dissemination effectiveness.
Data and Analysis
Lanz’s analysis reveals threat actor methods, favored targets, and highly vulnerable critical infrastructure sectors. The report simplifies the threat landscape by visualizing data, helping readers comprehend how cyber risks evolve.
Relation to Class Concepts
Lanz’s findings and technique match four key curriculum concepts:
1. Threat actor profiling emphasizes knowing the enemy’s psychology and tactics.
2. Information sharing and community-based defensive tactics are crucial, as our study on cybersecurity as a social duty shows.
3. Investigating cyber hazards in critical infrastructure protection strengthens the coursework’s focus on protecting key services.
4. Evolving cyber threats emphasize the necessity for adaptive security solutions, a staple of cybersecurity resilience debates.
Impact on Marginalized Groups
Attacks against key infrastructure, such as healthcare, energy, and water utilities, can destabilize society, which indirectly addresses underprivileged groups’ concerns. The disproportionate impact of these disruptions on underprivileged populations highlights the need for inclusive cybersecurity laws and practices that protect all sections of society.
Contributions to Society
Lanz’s study improves society in two ways:
1. Enhanced Public Awareness: The study analyzes public alerts and advisories to raise awareness of critical infrastructure cyber threats and advocate for a well-informed public as a defense.
2. Strategic Insights for Cybersecurity procedures: The analysis delivers actionable intelligence to improve cybersecurity procedures and strengthen critical infrastructure cyber defenses.
Conclusion
Lanz’s (2022) study on cybersecurity and social science concepts improves our understanding of threat actors and community-based protection tactics. The research emphasizes the importance of cybersecurity in preserving society functioning and well-being by addressing cyber risks and their broader societal ramifications, particularly for excluded populations.

References
Z. Lanz (2022). Cybersecurity Risk in U.S. Critical Infrastructure: An Analysis of Publicly Available Government Alerts and Advisories. International Journal of Cybersecurity Intelligence & Cybercrime, 5(1), 43-70.