Dr. Margaret Cunningham
Principal Research Scientist, Forcepoint
Sparking Curiosity to Change Security Behaviors
©2019 Forcepoint | 2
Hey Margaret,
Matt needs the final report for the special
project that you just finished up – it’s pretty
urgent – can you send it to him on his
personal email address? He’s traveling
and having some issues with his laptop.
Thanks!
Kate
Dr. Cunningham specializes in identifying critical interactions between humans and technology to establish a better human-centric model for improving information security.
Dr. Margaret Cunningham
Principal Research Scientist
Forcepoint X-Labs
Overview
What is curiosity?
Why are we curious?
How does curiosity impact security?
Harnessing curiosity for good
What is Curiosity?
Curiosity is the gap between what we know and what we want to know
– George Loewenstein
Motivation & Anticipation
Why are we Curious?
Curiosity in the Moment
I can’t believe how different Kim Kardashian and Kanye West’s house looked before they turned it into an abandoned museum
20 people on the internet who knew the absolute funniest thing to say in the moment
People are sharing song lyrics they’ve been getting completely wrong and it’s hilarious
17 embarrassing pronunciation mistakes that everyone makes
Attention
Memory
How does Curiosity Impact Security?
The bad guys have been capitalizing on human curiosity for a long time - and we need to catch up!
How does Curiosity Impact Security?
We get phished looking for a reward
We are tricked into paying attention to the wrong thing
We see something out of place and want to explore it
Tactics that “Spark” Curiosity and Emotional Intensity
Using emotional language, or emotional subject matter
“You’ll be sued!”
“You must do this quickly or else!”
Spear Phishing
Hey!
The New Year’s Eve party was awesome!
Here are the pictures:
http:///photocloud/page.php?h=
But please don’t share them with people who have not been there!
See you next time!
34.2%
curious, pictures, funny private content
*Benenson, Gassmann, & Landwirth, Unpacking Spear Phishing Susceptibility
Harnessing Curiosity for Good
1. Use curiosity against the bad guys
2. Profile curiosity-driven behavior to identify risk
3. Engage users using information gap theory
4. Make good choices obvious, or the default
5. Don’t go overboard with attention grabbing alerts and features
Honeypots
Profiling Curiosity-Driven Behavior
Risk-Centric
Event-Centric
ATTRIBUTES
INFERENCES
MODELS
Adaptive Trust Profile
Older Dialog
Information overload
Flow is out of order
Pre-selected default reason
Current Dialog
Improved flow of information
User must select reason
Additional details available, in plain language
Future Dialogues
Key Takeaways
1. Curiosity drives us to seek new and exciting information
2. Memory and attention play a key role in motivating behavior
3. Adversaries are skilled at manipulating emotions and curiosity
4. Understanding curiosity can contextualize user behavior, and help us identify risky users
5. By piquing curiosity, we can improve security behaviors that benefit users and organizations
I am the source of catastrophic breach
I am the source of tremendous innovation
Questions
Follow-up Questions or Comments?
margaret.cunningham@forcepoint.com
Recent whitepapers
Exploring the Grey Space of Cybersecurity with Insights from Cognitive Science
Thinking about Thinking: Exploring Bias in Cybersecurity with Insights from Cognitive Science
Booth #622
Follow us!
@Forcepointsec
@Forcepointlabs
Forcepoint
Editor's Notes

  1. Curiosity is a powerful catalyst for behavioral changes, but for the most part, curiosity has been used to exploit users rather than to motivate positive security behaviors. This session explores the science of curiosity, provides examples of how curiosity increases security risks, and discusses strategies for using curiosity to increase engagement and positive security behaviors. Through this session attendees can apply strategies learned for motivating positive security behaviors as a means to mitigate risk and decrease alert fatigue within an organization. Location:  Business Hall Theater A Date: Wednesday, August 7 | 4:10pm-5:00pm https://www.blackhat.com/us-19/sponsored-sessions/schedule/#sparking-curiosity-to-change-security-behaviors-17096
  2. Hey Margaret, Matt needs the final report for the special project that you just finished up – it’s pretty urgent – can you send it to him on his personal email address? He’s traveling and having some issues with his laptop. Thanks! Kate when our users see such an email they want to keep the CEO happy, but they also wonder what file he wants and what reward they may get for fulfilling the request. this raises their curiosity. in this presentation we will ask the question "what is curiosity"
  3. Curiosity motivates, engages, promotes insight, and often delights. It embodies the intrinsic motivation to learn more, a motivation that often drives novel behaviors or changes in habit. Curiosity is also heavily exploited; it can manifest as a never-ending state of distraction, as vulnerability to social engineering and phishing, and as addictive behaviors. Curiosity has multiple components and is considered by some to be an emotion and by others an inquisitive thinking style or personality trait. It is generally associated with seeking missing or interesting information.
  4. Curiosity stems from the human desire to close gaps in understanding. When we are missing information from our environment, we actually feel deprived of the information and have an urge to solve, or cure, the deprivation. This is similar to hunger: when we are hungry, we will do almost anything to grab a bite to eat to "cure" ourselves. Curiosity is also sparked when people are presented with, or experience, something that doesn’t make sense or that doesn’t fit with their understanding of the world.
  5. Motivation and anticipation: the anticipation of solving or curing the "gap" in information, and the reward of learning something new.
  6. Today, we’ll talk about what sparks curiosity in the moment, and later a bit more about curiosity as a behavioral trait, covering both the internal and the external factors that spark curiosity.
  7. State curiosity is most closely aligned with information seeking, in particular goal-directed information seeking, and with rewards. State curiosity is heightened arousal due to environmental changes or stimuli, and it is associated with immediate rewards: excitement, finding out information, tasting something that looks good, seeing what’s around the corner. These are all rewards! State curiosity depends heavily on attention and memory…
  8. Individuals tend to focus their energies on stimuli that are particularly stimulating or engaging
  9. If curiosity is the desire to seek out and understand unfamiliar or novel stimuli, one’s memory is important in determining whether a stimulus is indeed unfamiliar.
  10. How does curiosity impact security? We get phished looking for a reward (Click Here for Your Free Gift Card!!) We are tricked into paying attention to the wrong thing (ooo that looks interesting, I will visit that page/click that thing!) We see something out of place and want to explore it -- “hmmm that’s odd!”
  11. The bad guys have been capitalizing on human curiosity for a long time - and we need to catch up! (Audience engagement, if it looks good: I have a list of five ways the bad guys use curiosity – can you guess all five from my list?)
  12. How does curiosity impact security? We get phished looking for a reward: "Click Here for Your Free Gift Card!!", "Enter this quiz to claim $250", "This stay-at-home parent earns $1000 a day". We are tricked into paying attention to the wrong thing (ooo, that looks interesting, I will visit that page / click that thing!): "Everyone is sharing this video and it is hilarious". We see something out of place and want to explore it ("hmmm, that’s odd!"): "Mmmm, I've not seen that file in my directory before. Looks important. I wonder what it is...." <opens file and triggers malicious macro>; "That dialog box sure is annoying. I wonder what error it is trying to inform me of." <clicks button>; "Why have my files been renamed? Better open them to see what is going on." <opens files and spreads worm>
  13. The bad guys have been capitalizing on human curiosity for a long time - and we need to catch up! Their tactics that "spark" curiosity and emotional intensity include: using emotional language or emotional subject matter; using time pressure ("you must do this quickly or else!"); and using threats ("you’ll be sued!").
  14. FOMO! Example message from a spear phishing study (Benenson, Gassmann, & Landwirth, Unpacking Spear Phishing Susceptibility, https://www.cl.cam.ac.uk/~rja14/shb17/benenson.pdf): "Hey! The New Year’s Eve party was awesome! Here are the pictures: http:///photocloud/page.php?h= But please don’t share them with people who have not been there! See you next time!" 34.2% of the participants who clicked the spear phishing message said that they were "curious" about the pictures: they wanted to see the content and were intrigued by something funny or private.
  15. NOTE: Do we care about using the word "profile"? This is to link to the Adaptive Trust Profile concept and to identifying risky behaviors. If we don’t want to use "profile", it is an easy swap to something else!
  16. Honeypots are a prime example of using curiosity against the bad guys. There are a lot of different types of honeypots, but generally speaking this means "luring" attackers to data or assets that appear to be of interest or valuable (sparking curiosity), and then using the observed behavior of the attackers to protect the organization. The broader term is "cybersecurity deception technology": alluring data and a topology that looks like the actual network, to sidetrack and confuse attackers.
  17. While honeypots deal with curiosity quite well, the number of events generated by someone touching or visiting the honeypot can create an entirely new set of issues. Using a risk-centric rather than an event-centric approach, we can cope with events more efficiently. Why profile user behavior? Traditional approaches that focus on events do not capture everything, and as we know they aren’t always very effective for protecting people and data, which are major assets to any organization. Shifting away from detecting events and towards understanding entities and entity risk – such as an individual person’s risk, calculated from their behavior over time and within specific contexts – can be shaped by our understanding of how and why people do what they do, for instance curiosity. Understanding motivated behavior, such as behavior driven by curiosity, provides context for what we can explain about human behavior. Let’s think about how this might work and why we’d care to understand behavior in this way. Some people are explorers and data gatherers who often poke around to see what’s out there, and this may be non-malicious. However, it’s still risky for your organization! Why is Carol in Finance looking at the HR records, including payroll? Other people are exploring for malicious reasons; perhaps they are leaving or planning to leave your organization and want to find high-value assets. There are many different types of people – boundary pushers, explorers, leavers – and we can understand what type of person someone is, in part, through things like their file access patterns and organizational roles.
  18. How can we do this? (This is why we are different; this is our approach, which deviates from our competitors.) Thinking again about how useful it can be to create an entity-centric view of the world, and how different aspects of an entity can be captured in different ways, we can also consider curiosity to be an attribute. If we develop "curiosity" as an attribute and associate it with specific types of behavioral models, we can then form a view of whether a curious person has malicious intent or is just exploring. We can also work toward quantifying the risk associated with their curiosity-driven behavior.
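The shift from per-event alerts to per-entity risk described in notes 16 to 18, as an added example that is not Forcepoint's code or product logic: it replays a constructed file-access log, raises one alert per rule hit (the event-centric view), then folds the same events into a decayed per-user score plus an "exploration breadth" count that stands in for the curiosity attribute. The log lines, share-ownership table, honeytoken path, point weights, half-life and thresholds are all hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample access log (not real data): time, user, department, path, action.
LOG_LINES = [
    "2019-08-05T09:01:00 carol finance /shares/finance/q2_forecast.xlsx read",
    "2019-08-05T09:14:00 carol finance /shares/hr/payroll/2019_payroll.xlsx read",
    "2019-08-05T09:15:30 carol finance /shares/hr/payroll/bonus_plan.xlsx read",
    "2019-08-05T09:17:10 carol finance /shares/hr/performance_reviews.docx read",
    "2019-08-05T10:40:00 carol finance /shares/hr/CONFIDENTIAL_exec_comp.xlsx read",
    "2019-08-05T09:05:00 dave hr /shares/hr/payroll/2019_payroll.xlsx read",
    "2019-08-05T11:00:00 dave hr /shares/hr/payroll/2019_payroll.xlsx write",
    "2019-08-05T13:22:00 erin engineering /shares/finance/q2_forecast.xlsx read",
    "2019-08-06T08:30:00 carol finance /shares/finance/ap_aging.xlsx read",
]

# Hypothetical policy: which department owns each share prefix.
SHARE_OWNER = {"/shares/finance/": "finance", "/shares/hr/": "hr", "/shares/eng/": "engineering"}
# Hypothetical honeytoken: a decoy file nobody has a business reason to open.
HONEYTOKENS = {"/shares/hr/CONFIDENTIAL_exec_comp.xlsx"}
# Hypothetical weights, decay and thresholds; tune against your own population.
POINTS = {"honeytoken": 50.0, "cross_dept_write": 20.0, "cross_dept_read": 10.0, "novel_path": 1.0}
HALF_LIFE = timedelta(hours=24)               # a day-old event counts half as much
LEVELS = ((40.0, "high"), (5.0, "elevated"))  # anything below 5 is "low"
ANALYSIS_TIME = datetime(2019, 8, 6, 12, 0)   # "now" for the constructed data


@dataclass(frozen=True)
class Event:
    ts: datetime
    user: str
    dept: str
    path: str
    action: str


def parse_log(lines):
    """Parse whitespace-separated log lines into time-ordered Events."""
    events = []
    for line in lines:
        ts, user, dept, path, action = line.split()
        events.append(Event(datetime.fromisoformat(ts), user, dept, path, action))
    return sorted(events, key=lambda e: e.ts)


def share_owner(path):
    for prefix, dept in SHARE_OWNER.items():
        if path.startswith(prefix):
            return dept
    return None


def rule_hits(ev):
    """Stateless rules: exactly what an event-centric system alerts on."""
    hits = []
    if ev.path in HONEYTOKENS:
        hits.append("honeytoken")
    owner = share_owner(ev.path)
    if owner is not None and owner != ev.dept:
        hits.append("cross_dept_write" if ev.action == "write" else "cross_dept_read")
    return hits


def event_centric_alerts(events):
    """One alert per matching event: the source of alert fatigue."""
    alerts = []
    for ev in events:
        hits = rule_hits(ev)
        if hits:
            alerts.append((ev.user, ev.path, hits))
    return alerts


def risk_level(score):
    for threshold, name in LEVELS:
        if score >= threshold:
            return name
    return "low"


def entity_risk(events, now=ANALYSIS_TIME):
    """Per-user decayed risk score plus 'exploration breadth', the number of distinct
    paths touched outside the user's own department (a crude curiosity attribute)."""
    seen = defaultdict(set)        # user -> every path touched so far
    explored = defaultdict(set)    # user -> distinct out-of-department paths
    score = defaultdict(float)
    reasons = defaultdict(set)
    for ev in events:
        hits = rule_hits(ev)
        if ev.path not in seen[ev.user]:
            hits.append("novel_path")   # first time this user touches this path
        seen[ev.user].add(ev.path)
        if any(h.startswith("cross_dept") for h in hits):
            explored[ev.user].add(ev.path)
        decay = 0.5 ** ((now - ev.ts) / HALF_LIFE)   # timedelta / timedelta -> float
        score[ev.user] += sum(POINTS[h] for h in hits) * decay
        reasons[ev.user].update(h for h in hits if h != "novel_path")
    return {u: {"score": round(score[u], 2), "level": risk_level(score[u]),
                "exploration_breadth": len(explored[u]), "reasons": sorted(reasons[u])}
            for u in seen}
```

On this data the event-centric view produces five separate alerts, four of them for Carol, while the entity view collapses Carol's HR browsing and honeytoken touch into one "high" entity with an exploration breadth of four; Erin's single cross-department read lands at "elevated" and decays away if nothing follows it, and Dave, working inside his own department, stays "low". Exploration breadth on its own cannot tell a curious explorer from a leaver hunting for assets, which is why the note pairs the attribute with role and context rather than treating it as a verdict.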
  19. Now let’s anchor curiosity in a concrete example, to show how even minor changes in how our products are designed can impact engagement and drive better security behaviors through principles associated with curiosity. In this dialog, everything is presented at once, with little consideration for progressive disclosure of information. The flow is clunky and unintuitive: the user is asked to provide a reason for overriding the block before we explain why the block occurred in the first place (the operation details). The user is unlikely to select a reason other than the default from the dropdown menu, which is not helpful to organizational efforts to understand the rationale for engaging in behaviors that violate policy.
  20. This dialog uses a more narrative flow in presenting the information: something happened that requires an action; here’s why it happened (policy violations); how do you, the user, want to proceed? Also, here’s a link that will educate you on corporate policy. This dialog also makes the user select why they are continuing with their action, which provides better information to organizations. Talk about the numbers associated with using this dialog box (report from Ben T).
  21. Let’s walk through how this simple dialog box uses principles of sparking curiosity: an attention-grabbing phrase, outside the norm for a security dialog box (there are so many options, and we CAN have fun with security); it is personal, since the use of the person’s name is unique and engaging (this is relevant TO ME, so I immediately pay more attention to it; who responds to form letters?); and it offers the ability to ask questions and seek answers, closing an information gap ("why is this happening?") in PLAIN LANGUAGE.
  22. Curiosity drives humans to seek new and exciting information, whether it’s good for them or not. Memory and attention play a key role in sparking curiosity and in motivating behaviors. Adversaries are skilled at manipulating emotions and curiosity for their gain. Understanding curiosity contextualizes user behavior and can help us identify risky users. By piquing curiosity, we can promote better security behaviors that benefit both end users and corporations.
  23. I am the source of tremendous innovation.  I am the source of catastrophic breach.
  24. https://www.forcepoint.com/resources/reports/exploring-gray-space-cybersecurity-insights-cognitive-science https://www.forcepoint.com/resources/reports/thinking-about-thinking-exploring-bias-cybersecurity-insights-cognitive-science www.forcepoint.com/company/biographies/margaret-cunningham