Off Script

Why the cyber security industry needs to hire more anthropologists

Episode #06 · 26th March, 2021 · 53 minutes · James Hall and Josh Nesbitt

Why does the cyber security industry need to hire more anthropologists? Because the criminals already are.

By 2025 it is estimated $10.5 trillion will be lost to cyber criminals. Hacking humans is a very lucrative business.

Social engineering is one of the easiest and most effective ways to access a secure system. Cyber criminals know this, and they are increasingly leaning on the research and techniques of the social science disciplines to leverage the human element into letting them into our lives, our businesses and our bank accounts. Yet, while the security industry is always striving to be ‘one step ahead’ of the criminals in terms of technical capabilities, it often neglects the need to consider the very social nature of hacking.

As more of our lives are now online, how can security practitioners increase security awareness and build up our resilience to unite against malicious actors looking to leverage our weakest, but what could be our strongest, defences in cyber-warfare - our people?

This discussion puts people and social science at the centre of the solution. Utilising anthropological theories and methodologies - such as reciprocity, participant observation and tribalism - Lianne will demonstrate why cyber security teams need to hire beyond technical expertise and look towards the social sciences for the next advancements in cyber fortification to respond to this ever-increasing threat.

To face this threat, we need to readdress the fact that technology does not exist without human interaction. Cyber security practitioners must cater for a wide breadth of expertise, capabilities, experiences, cultural norms, along with all equalities and disparities that frame these individuals. This task is not one for the computer scientist alone and it highlights the urgency to address this problem from an anthropological perspective.