Cognitive Bias and Security VulnerabilitiesTHE PSYCHOLOGY OF SOFTWARE ENGINEERING

NEIL DIXLEY

Cognitive

Security failures are cognitive failures

Two systems one brain

AutomaticIntuitiveInstinctivePrimaryRapidBlind

ConsideredEffortfulFocusedSecondarySlowerLazy

Cognitive Bias

Anchoring

Loss Aversion

Principle of Authority

Mitigating cognitive failures

Threat Modelling

Check Lists

Security First

Further information

BBC Horizon – How we really make decisions

Wikipedia – List of Cognitive Biases

Cognitive Dissonance – the book

Cognitive Dissonance – the podcast

Thank you

Twitter : @neildixley

www.neildixley.com

Perfect Image