What are security psychological disadvantages?

By Laura Baker, CyberWyoming

In the previous cyberpsychology blog, we talked about the the Role of Psychology in Enhancing Cybersecurity by Brenda K Wiederhold and fighting the hackers’ psychological assaults with our own psychology of culture building.

Here is what Widerhold says is most important.

1. Understand the behavioral economics governing people’s perception of risk and reward.

This used to be called hyperbolic discounting in a previous study.  What is it?  It is when you say, “Well the information is already out there so I don’t need to take any more precautions to protect it.”  Widerhold’s study found that more people are likely to reveal personal and confidential information in less formal settings.  So, think social media and casual conversation here.

2. Identify patterns of criminal and malicious activities.

It is important for managers in operations as well as IT to take responsibility for security.  After all, IT can’t be everywhere all the time.  Operations managers know their business and can more easily spot patterns.  Jothi Dugar, CISO and keynote speaker at the 2020 Wyoming Cybersecurity Conference, identified and created stakeholders by key function and business unit in her organization. Those stakeholders became the cyber leaders for those functions and business units.

3. Advise legislators and steering groups on the psychological and the social impact of cybercrime.

Widerhold says that fragmented legislation is one of the major factors that hinder fighting cybercrime.  While she studied 64 countries, you can see that within the US as well.  Did you know that if a business has a data breach they have to follow the laws of the customer’s state? Wouldn’t it be better if we were  more aligned?  It certainly would save time and  money!

In Wyoming the FBI’s Internet Crime Complaints Center said that our citizens reported over $8 million in losses in 2019. (I’d say this is a social impact!)

4. Raise public awareness of cybersecurity risks.

The Wyoming CAN Committee has been working on public service announcements to raise all Wyoming citizens’ security awareness.  The problem is money.  Since the Fairness Doctrine was removed in 1987, mainstream media is no longer required to donate a percentage of their time for public service announcements.  Remember watching Saturday morning cartoons and School House Rock?  That was a public service announcement.  Sing it with me…“I’m just a bill yes I’m only a bill and I’m sitting here on capitol hill.”

So, we compromised and created the Cyber in a Box Library program which the State Library distributes.  It is a start, but we have big plans for the future.

5. Understand the impact of cybercrime on victims’ behavior through all the stages of victimization.

The BBB study, https://www.bbb.org/ExposedtoScams, agrees.  They suggested that people feel ashamed and embarrassed when they become victims and we need to get past that and help them through it. Wyoming’s state statute 40-12-509 Factual Declaration of Innocence After Identity Theft gives the consumer the power to petition the court for factual innocence where the perpetrator has been caught, seals the records, and puts the consumer in the Attorney General’s database. But, the victim has to surrender their fingerprints. (Frankly, this doesn’t seem very consumer friendly and Wyoming should work on this a bit.)

Join Wyoming’s Cybersecurity Competition for Small Businesses and learn how to combat cybersecurity with your organization’s culture and know-how.  Register now. The competition starts Feb 1.  info@cyberwyoming.org or download the registration page at www.cyberwyoming.org/competition

FREE to Wyoming small businesses because of our members and sponsors!

For more on cyberpsychology, watch CyberWyoming’s blog site.  We have more to discuss in the coming days!

Share:

Register to Receive the Tech Joke of the Week!

This Week's Joke:

How many programmers does it take to change a light bulb?

None, it is a hardware problem!

More Posts: