Hersh Shefrin : Cyber Risk Psychology : Financier Worldwide
Hersh Shefrin, Mario L. Belotti Professor of Finance, wrote an op-ed published by Financier Worldwide that uses case studies to demonstrate how psychological phenomena, like availability bias, can lead to cyber breaches.
“Psychological phenomena often give cyber predators an important edge over their prey. Some of the most important phenomena are aspiration-based risk taking, excessive optimism, overconfidence, confirmation bias and availability bias. These phenomena give rise to pitfalls that infect organisational processes.
“Availability bias is especially pernicious. It involves over-reliance on information that is easily recalled, and in respect to cyber risk, generates a ‘see no evil’ state of mind. A good way to combat availability bias is to use case studies to ‘see evil’ which impacted others, with the evil comprising both the basic threat and the underlying psychological vulnerabilities. The point of the case study approach is to analyse how the ‘type of risks’ described in the cases ‘could happen here’ within the organizations’ processes, and if identified, how to respond effectively.”
With that, Shefrin goes on to focus on two case studies: a major oil spill in BP’s Alaska pipeline in 2008, and the bankruptcy of Nortel Networks in 2009.
Find the full article here »
Learn more about Professor Hersh Shefrin »