Want to understand how we incorporate behavior science and cyber security? Download the presentation we gave to the Center for Medicare and Medicaid Services’ Security Control Oversight & Update Training (CSCOUT) conference in August, 2015.
People’s behaviors are currently a major source of cyber security threats.
Source:
1. PwC, The Global State of Information Security Survey, 2015
2. Dell SecureWorks, Hackers Sell Health Insurance Credentials, Bank Accounts, SSNs and Counterfeit Documents, for over $1,000 Per Dossier, July 15, 2013
3. PwC, The Global State of Information Security Survey, 2015
A closer look at the nature of cyber security incidents pinpoints that relying on technology is not enough. Most of incidents are not caused by a technological failure, but human errors that could have been prevented through a more holistic approach.
Technology-centric and compliance-driven cybersecurity initiatives deepen the gap between the need to protect company assets and the reliance on connectivity to thrive as a business.
This gap is what drives the wrong human behavior and increase human errors, putting the entire organization at risk.
When the solutions include the people side, cybersecurity becomes everyone’s responsibility.
Software and Hardware performance is what most companies focus on
Human performance relates to adopting the right culture, expressed through safe behaviors
Process Performance relates to the operating model of your cyber security approach
Leadership performance relates to the commitment and support provided by the C-suite and the board
Focusing on human behavior when designing cyber security technologies, training users on cyber threats and reinforcing compliance is widely recognized as a key element of success. When users are given the tools to recognize cyber threats, they are able to behave in the right way.
Consider which type of security warnings will be most effective in triggering the right behaviors. For example, active warnings will require the user to deliberately decide accessing a web site or downloading an attachment.
Perceptual learning in humans occurs when a person is repeatedly exposed to specific stimuli (information). Perceptual learning involves long lasting and amazing changes to the human perceptual system that incredibly improve one’s ability to respond to the environment.
When training your users or your business partners, use scenario based training that puts individuals under the test. By training them frequently, you will use the effect of “being watched” to your advantage: users are more alert and want to pass the test every single time.
When behavioral science is applied to your communication, you will be able to maximize the effectiveness of your message
Video: Leonard conducting w/o moving a figure because everyone already knows what to do… (from TEDTalk on leadership – he’s there and moving his head, but it’s not very intense.
Make sure you link back with the very first slide as we opened up the presentation with one of his quotes
***If you’re on a Mac***
Watch from 2:22s to 3:32s : https://www.youtube.com/watch?v=oU0Ubs2KYUI
Video: Leonard conducting w/o moving a figure because everyone already knows what to do… (from TEDTalk on leadership – he’s there and moving his head, but it’s not very intense.
Make sure you link back with the very first slide as we opened up the presentation with one of his quotes
***If you’re on a Mac***
Watch from 2:22s to 3:32s : https://www.youtube.com/watch?v=oU0Ubs2KYUI