print   email   Share

Identifying Employee Personality Typing May Help Blunt Cybercrime

A new report looks at the human element in cybersecurity, which researchers call "Cyberchology."

The report focuses on the connection between individual personality, stress, and cybersecurity in the ever-growing virtual workplace.

According to the report, cybercrime in the UK has increased by 63 percent since the pandemic lockdown forced nearly three-quarters of businesses interviewed to move at least half of their operations into the remote workplace.

The Chief Information Security Officers (CISO) who participated in the study point to human error as their biggest challenge, with only 25 percent reporting confidence in the effectiveness of their remote workplace strategy.

Cybersecurity experts say the pandemic and subsequent switch to remote working elevates cybersecurity risk because of the abrupt and drastic change in business processes, the lack of central security, and the widespread atmosphere of anxiety.

Because the human element in cybersecurity is so prevalent, leadership expert, John Hackston, suggests businesses combine the efforts of HR and IT in developing a "holistic cybersecurity strategy that accounts for the human factor." He believes by utilizing psychology-based testing measures, HR staff can uncover employee weaknesses that IT can use to develop a better security strategy and more effective user protocols. "Every employee has a cybersecurity blind spot" www.helpnetsecurity.com (Nov. 09, 2020).

Commentary

Most IT leaders will agree that user behavior is a significant cybersecurity factor, yet one that is a challenge to control. Many of the most successful cyberattacks exploit human error. The above research linking personality to cybercrime prevention strategies may prove to be valuable.

The above report identified personality characteristics which may indicate a propensity towards certain online missteps. This knowledge could help determine what forms of security training have the best results. For example, individuals identified as the Extraverted type, those who work through problems by talking them out, tend to be more easily manipulated and susceptible to phishing attacks. They are, however, more adept at recognizing attacks from the outside.

Other personality types identified in the research include Sensing types – those who have strong observational and memory retention skills. Perceiving types tend to be more flexible and casual, while Feeling types are those directed by personal values. Judging types are those who are methodical or structured, and Thinking types are those who use logic to solve problems. These personality types, or a combination of them, seem to play a role in how individuals approach cybersecurity.

Although the research is new, it has long been understood that personality typing can have value in many areas of business, so it is not surprising that experts are exploring its application in the area of cybersecurity.

For now, organizations must focus on training and education. An important part of education is showing employees how others have made mistakes in order to avoid replicating them in your area.

Finally, your opinion is important to us. Please complete the opinion survey: