One of the biggest obstacles in cybersecurity? Labeling people as the weakest link, says Dr. Margaret Cunningham, experimental psychologist and Principal Research Scientist for Human Behavior at Forcepoint’s X-Lab. She shares why this approach is unproductive, the role human factors plays in her research, as well as human performance, mistakes, and rulebreaking.
Show Notes
Dr. Margaret Cunningham is an experimental psychologist and the Principal Research Scientist for Human Behavior at Forcepoint’s X-Lab. In this role, she serves as the behavioral science subject matter expert in an interdisciplinary security team
driving the development of human-centric security solutions. Previously, she supported the Human Systems Integration branch of The Department of Homeland Security.
In this episode, we talk about:
- Why saying “people are the weakest link” is not a productive mindset when it comes to cybersecurity.
- How we can thoughtfully create systems/designs that mitigate the risk of human limitations.
- The Human Factors Analysis and Classification System (whether you are in UX or cybersecurity, you will likely find this framework interesting).
- The nuances around errors and rulebreaking and how we can, ideally, learn from our employees’ behavior to make the systems and the organization better.
What is Human-Centered Security?
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.