Episode 3: Why we need cybersecurity therapy, how to drive a positive security culture & why fear doesn’t work with Dr. Jessica Barker 

The Intro

 

  • Louisa has been inspired by the Geiger Counter she saw on the Chernobyl series and is spruiking her idea of a FUDometer (for detecting Fear, Uncertainty and Doubt) for cybersecurity and how they could be helpful at conferences and for holding over brochure ware

  • Why Fear is annoying and not effective – something highlighted by studies and industry thought leaders (links to mentioned research below)

  • Why Dr Jess is the perfect guest to talk to us about the psychology of fear 

 

The Chat

 

Dr Jessica Barker has a PhD is one of the top 20 most influential women in cyber security in the UK and we are thrilled to have her in the café with us!

https://www.cygenta.co.uk/jess-bio

We talk about;

  • How Jess came from a PHD in Civic Design into Cyber Security and her insights from googling cyber security and what happened when she joined the profession 

  • The psychology of fear and what it has to do with cyber security

    • Why there is fear in cybersecurity – we are talking about something scary after all

    • But there is an issue with how people respond to a fear-based message – an area Jess has researched in detail

  • The messaging of what’s in it for me and why that is importance

  • Why it’s important to ensure security doesn’t impact on productivity or become a blocker

  • How and why use security champions and ambassadors – to spread the message AND to take feedback

  • What the key indicators of mature cyber security cultures are

  • How the way Phishing simulations are run can be an indicator of maturity

  • How to measure cyber security culture

  • The importance of giving people a chance to talk about how security is working and where it isn’t

  • How to shape your awareness messaging based on the culture you want

  • The importance of bringing culture and policy closer together 

  • How culture is different company to company and the importance of understanding the business

  • We discuss the Research (link below under RESEARCH) that Dr Jess undertook with Palo Alto and YouGov which includes

    • How people feel about how well they are protecting their data online

    • Optimism bias

    • The demographics in terms of who was more confident 

    • How we must consider the level of confidence when communicating 

  • We discuss whether the optimism aligns with how much is lost to Cybercrime and scams

  • Why we need to do more to protect the broader society and personal security issues – there is a gap from the corporate level to the awareness for the general population and why googling doesn’t help

  • The need to show people the HOW attacks can happen to demystify 

  • The need to ensure people engage in the danger and not the fear – they must be empowered 

 

How to follow Jess:

Visit: https://www.Cygenta.co.uk

Twitter @Drjessicabarker

 

CREDITS

 

Guest: Dr Jessica Barker https://www.cygenta.co.uk/jess-bio

Hosts: Beverley Roche and Louisa Vogelenzang

Producer/Editor: Louisa Vogelenzang

Sound Producer: Darcy Milne (Propodcastproduction.com)

 

RESEARCH

 

The Global Cybersecurity capacity centre 2014 working paper on awareness campaigns:

https://www.sbs.ox.ac.uk/cybersecurity-capacity/system/files/Awareness CampaignsDraftWorkingPaper.pdf

 

David Spark’s Article on why CISOs find selling using fear annoying:

https://www.forbes.com/sites/davidspark/2018/03/06/9-reasons-why-selling-fear-does-not-work-on-a-ciso-cisosecurity-vendor-relationship/#55f291a12a1d

 

Louisa’s article on appropriate use of fear and what we can learn from the health industry:

https://www.fudfreecyber.org/post/appropriate-use-of-fear-5-lessons-the-cyber-security-industry-can-learn-from-the-health-industry

 

Trust in the digital age research from Palo Alto, YouGov and Dr Jessica Barker:

https://blog.cygenta.co.uk/trust_survey/

 

CONTACT THE CYBERSECURITY CAFÉ

 

Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café

Follow us on Twitter @cyberseccafe

Email us:

louisa@cybersecuritycafe.com.au

beverley@cybersecuritycafe.com.au

 

Want to be on the show? send us your bio and an overview on what you want to chat about and we’ll be in touch asap.

 

We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

© 2019 by Cybersecurity Café. Proudly created with Wix.com.  

Background image credit: Canva