Discussion about this post

User's avatar
Aman Ibrahim's avatar

Really enjoyed this read

Expand full comment
Tim Ward's avatar

Could not agree more that behavioural science is not being thought about enough in general in the world of cyber security. But companies like Redflags (previously ThinkCyber) have been talking about this since 2017!!!

Even a basic understanding of learning science and behavioural theory will tell you that annual ELearning and phishing sims are NOT the right solutions to this problem. And have no measurable long term impact.

Taking the understanding of bias further, all decisions take place in context. So that is where we have to help people. Delivering interventions in real time, shaping choice architecture and measurably impacting behaviours.

We are seeing change. Forward thinking organisations get this and are seeing incredible measurable reductions in behavioural risk.

Expand full comment
2 more comments...

No posts