3: Dr. Jessica Barker on why we need cybersecurity therapy, how to drive a positive security culture & why fear doesn’t work
The Intro
- Louisa has been inspired by the Geiger Counter she saw on the Chernobyl series and is spruiking her idea of a FUDometer (for detecting Fear, Uncertainty and Doubt) for cybersecurity and how they could be helpful at conferences and for holding over brochure ware
- Why Fear is annoying and not effective – something highlighted by studies and industry thought leaders (links to mentioned research below)
- Why Dr Jess is the perfect guest to talk to us about the psychology of fear
The Chat
Dr Jessica Barker has a PhD is one of the top 20 most influential women in cyber security in the UK and we are thrilled to have her in the café with us!
https://www.cygenta.co.uk/jess-bio
We talk about;
- How Jess came from a PHD in Civic Design into Cyber Security and her insights from googling cyber security and what happened when she joined the profession
- The psychology of fear and what it has to do with cyber security
- Why there is fear in cybersecurity – we are talking about something scary after all
- But there is an issue with how people respond to a fear-based message – an area Jess has researched in detail
- The messaging of what’s in it for me and why that is importance
- Why it’s important to ensure security doesn’t impact on productivity or become a blocker
- How and why use security champions and ambassadors – to spread the message AND to take feedback
- What the key indicators of mature cyber security cultures are
- How the way Phishing simulations are run can be an indicator of maturity
- How to measure cyber security culture
- The importance of giving people a chance to talk about how security is working and where it isn’t
- How to shape your awareness messaging based on the culture you want
- The importance of bringing culture and policy closer together
- How culture is different company to company and the importance of understanding the business
- We discuss the Research (link below under RESEARCH) that Dr Jess undertook with Palo Alto and YouGov which includes
- How people feel about how well they are protecting their data online
- Optimism bias
- The demographics in terms of who was more confident
- How we must consider the level of confidence when communicating
- We discuss whether the optimism aligns with how much is lost to Cybercrime and scams
- Why we need to do more to protect the broader society and personal security issues – there is a gap from the corporate level to the awareness for the general population and why googling doesn’t help
- The need to show people the HOW attacks can happen to demystify
- The need to ensure people engage in the danger and not the fear – they must be empowered
How to follow Jess:
Visit: https://www.Cygenta.co.uk
Twitter @Drjessicabarker
CREDITS
Guest: Dr Jessica Barker https://www.cygenta.co.uk/jess-bio
Hosts: Beverley Roche and Louisa Vogelenzang
Producer/Editor: Louisa Vogelenzang
Sound Producer: Darcy Milne (Propodcastproduction.com)
RESEARCH
The Global Cybersecurity capacity centre 2014 working paper on awareness campaigns:
David Spark’s Article on why CISOs find selling using fear annoying:
Louisa’s article on appropriate use of fear and what we can learn from the health industry:
Trust in the digital age research from Palo Alto, YouGov and Dr Jessica Barker:
CONTACT THE CYBERSECURITY CAFÉ
Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café
Email us:
Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap.
We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.
