Cognitive Bias and Security Vulnerabilities: THE PSYCHOLOGY OF SOFTWARE ENGINEERING, NEIL DIXLEY

Cognitive

Security failures are cognitive failures

Two systems one brain

Automatic, Intuitive, Instinctive, Primary, Rapid, Blind

Considered, Effortful, Focused, Secondary, Slower, Lazy

Cognitive Bias

Anchoring

Loss Aversion

Principle of Authority

Mitigating cognitive failures

Threat Modelling

Check Lists

Security First

Further information

BBC Horizon – How we really make decisions

Wikipedia – List of Cognitive Biases

Cognitive Dissonance – the book

Cognitive Dissonance – the podcast

Thank you

Twitter: @neildixley

www.neildixley.com

Perfect Image