I am currently reading Richard Thayler’s new book “Misbehaving: The Making of Behavioral Economics”. I trust I don’t need to explain what the book is about. Early in the book, Thayler describes the work leading up to his thesis, “The Value of Saving a Life”, and points out something most of us can relate to: … Continue reading “The Value of Saving Data (from theft)”
This post is part of my continuing exploration into the linkages between behavioral economics and information security. I am writing these to force some refinement in my thinking, and hopefully to solicit some ideas from those much smarter than I… === In well repeated studies, subjects were asked to estimate the number of homicides in … Continue reading “Risk Assessments and Availability Bias”
A new report by Sailpoint indicating that one in seven employees would sell company passwords for $150 is garnering a lot of news coverage in the past few days. The report also finds that 20% of employees share passwords with coworkers. The report is based on a survey of 1,000 employees from organizations with over 3,000 … Continue reading “Human Nature And Selling Passwords”
This has been a particularly active year for large scale, public breaches in the news. Next year’s Data Breach Investigations Report from Verizon should provide some context on whether we are experiencing a “shark attack” phenomenon of continued media coverage of each new breach, or if this is really an exceptional year. Regardless of whether … Continue reading “Human Nature and Cyber Security”
