Resources
Home

The Psychology behind Cyber Security (1 of 2)

Mar 09, 2009 by corby.laverty

In today’s world, technology is everywhere. In fact, it’s hard to go anywhere or do anything without using technology. As technology brings the world closer, it also puts those who use technology at risk…risk of stolen data, identify theft, the list goes on. Without cyber security, technology would not be where it is. Technology will inherently have flaws, which will in turn be exploited for fun, fame, or fortune. By helping secure technology, individuals, government, and corporations, cyber security provides “peace of mind” when surfing the web, sending an email, downloading a file, or countless other activities powered by technology.

As a cyber security professional, how do we create “peace of mind” for our clients? In my experience, psychology is critical. Now I don’t mean mind games or hypnosis! What I mean is people have an inherent need to be heard and understood. So before a person feels “peace of mind”, they need to feel good…they need to trust you…they need to believe a technology solution will meet their needs.

All too often, cyber security professionals will spend time focusing on technology specifics without fully understanding their client’s needs and requirements. Or, requirements are understood, but the security professional isn’t able to educate clients on how technology solutions will meet those requirements. Being able to bridge the gap between a client’s needs and technology isn’t always easy.

While not complicated, many of us forget to do the following…
1. LISTEN so you’re able to understand
2. ASK questions to make sure you have enough information
3. CLARIFY what you’ve heard in your own words to make sure you truly have a mutual understanding
4. SIMPLIFY your communication so it’s easy to understand
5. COMPLIMENT the person, organization, group, or company on things they’re already doing well
6. GIVE credit where credit is due

Technology and security alone cannot provide “peace of mind”. Understanding people’s motivations and what makes them “tick” is critical for any security project…a.k.a., we need to understand the psychology.

Psychology can be thought of as human behavior. It includes things like:

- how our minds work (perception, memory, learning)
- how we select relationships and feel in them (emotions, affection)
- what motivates us in life
- how we relate to people, objects, systems, technology

When you apply these principals to your security discussions with clients, it begins to make sense. By knowing who your audience is and getting to know them, you will have a better understanding about how their minds work and how they relate with the world around them (people, technology, systems). You will also gain insight into what motivates your clients and learn how you can meet their objectives through mutual understanding and agreement. It will become easier to relate and create trust with your clients, ultimately leading to an increase in positive emotions and success.

So you’ve asked yourself a fairly basic question by now…is there more to it than just technology/security and psychology? Absolutely. Knowledge, experience, resources, and more all play a large part. However, without the ability to relate and communicate with our fellow human beings, all of that goes to waste. In fact, the greatest technology and/or cyber security on earth will go to waste if it’s not related to our own personal experiences. We need to feel like we’re understood. We like to feel good about ourselves. We will feel comfortable and safe if we understand our environment and the methods/tools that are designed to protect them. We need to have good reason to trust and have faith in our protectors, whether human or technological. Only then will we be able to have “peace of mind”.

In order to become a successful cyber security professional, I suggest taking a step (or two) back from technology and security for a moment. Take some time at the end of each day and ask yourself how you did relating to those you interacted with. Did you listen? Did you truly understand the other person and were they able to understand you? How did the other person feel after our conversation? As a cyber security professional, we’re engaged in many different tasks ranging from sales to support, architecture to delivery. All of these daily tasks are extremely focused on and integrated with the technology around us. However, their success will in large part be dependent on the psychology behind each of those tasks.

Too be continued…

Tags: