Thinking About Thinking: Exploring Bias in Cybersecurity with Insights from Cognitive Science
When situations are less than clear cut, our initial reactions and decisions can be driven by unconscious biases. Whether it’s what’s in the news, what we expect the data to tell us, or what we think we know about groups of people, when we use our intuition or automatic thinking to make quick decisions, biases can lead us down the wrong path.
In this report, we explore the 6 common biases that can skew cybersecurity strategies. Understanding and overcoming security-related perceptual and decision-making biases is critical, as biases impact resource allocation and threat analysis. Building awareness of cognitive biases can help us make smarter, more accurate decisions, and more importantly, help us avoid designing systems and processes that perpetuate our own biases in technology. To achieve this type of awareness, we have to challenge ourselves to think about thinking.