How emotions shape human behavior in cybersecurity

People are critical to advancing cybersecurity on all fronts, whether it’s keeping an organization safe or building safer software. Using security software or rolling out an awareness course is not enough. You need to understand how people interact with the system and where following best practices fails them – and why.This allows the creation of user-friendly policies that make people feel supported instead of hounded for their mistakes. A more empathetic approach to building relationships with cybersecurity (specialists, concepts, and practices) encourages people to ask for help when they identify a potential threat because they don’t feel judged.Our guest today is Erlend Andreas Gjære, co-founder & CEO of Secure Practice, a Norwegian company that creates data-driven tools to engage, influence, and cultivate security within organizations. He specializes in security and people, focusing on security awareness, training and culture, human risk, behavior, and user experience. In this episode, you will hear about the role of emotions in human behavior as it manifests and relates to cybersecurity, based on Erlend’s experience as a researcher. You’ll also learn why communication is one of the most important components of making things work in this space. Additionally, you’ll discover real examples that show why fear-based communication is ineffective in getting people to adopt a safer behavior.In this episode, you will learn:How Erlend’s experience as a research scientist shaped his mission in cybersecurity (05:27)Why having management backing is not the most important element for building a security-focused culture (07:53)Real examples of the range of emotions that cybersecurity triggers in people (19:49)How using fear-based communication damages the willingness to act on security advice in the long run (24:32)How specialists’ familiarity with cybersecurity makes them underestimate the complexity of concepts and advice they give people (32:16)A practical example of how to make a good business case for using empathy to advance secure behavior (34:49)Resources: Book: Nonviolent CommunicationStudy: Rule breakers, excuse makers, and security championsSecurity Practice - Exit ReportConnect with Erlend:WebsiteLinkedInTwitterSecure PracticeLet’s connect!WebsiteLinkedInTwitter

There are no comments yet.

Please log in to write the first comment.