How do humans react during a cyber attack? And does human behaviour make a material difference to the damage done, and an organisation’s ability to recover?
Nearly everyone in cyber talks about people, process and technology. But often, the people side is mentioned only in passing.
But it is people that determine how firms respond to a cyber attack. Processes and technology are vital, of course. But as our guest this week says, behind every piece of wire, there is a human being.
And it is people who lead the incident response, decide which actions to take, and determine what to prioritise in the immediate aftermath. But the toll on the human mind can be extreme, especially in organisations that do not rehearse critical incidents.
Rebecca McKeown is the director of human sciences at Immersive Labs. A psychologist who has worked with militaries, aviation, governments and organisations involved in critical national infrastructure, she argues that we’re not investing sufficiently in the human side of security response.
And she also discusses the results of a recent study into the way firms prepare their people for cyber incidents, the Cyber Workforce Benchmark report.
Interview by Stephen Pritchard