5 common decision-making biases in cybersecurity
"By improving our understanding of biases, it becomes easier to identify and mitigate the impact of flawed reasoning and decision-making conventions," writes Margaret Cunningham, PhD, principal research scientist, in her Forcepoint report Thinking About Thinking: Exploring Bias in Cybersecurity with Insights from Cognitive Science.
"Our efforts to build harmony between the best characteristics of humans and the best characteristics of technology to tackle cybersecurity challenges depend on understanding and overcoming bias," says Cunningham.
Cunningham compiled a list of known decision-making biases meaningful to cybersecurity professionals, along with information on how each bias functions and how it can impact an organization's cybersecurity.
"Confirmation bias not only affects our reasoning strategies, but it also impacts our memory of information," adds Cunningham.
As to how that is accomplished, Cunningham offers the following advice: "Human weaknesses and cognitive shortcuts that result in bias require us to foster a sense of intrinsic motivation to address bias while requiring us to turn towards one another and towards technology to minimize the impact of predictable biases in the cybersecurity community."