Abstract
Cyber risk professionals face a formidable challenge in keeping pace with the asymmetric nature of today’s advanced threats in cyber security. Spending on cyber security has skyrocketed, yet the threat continues to grow exponentially. This phenomenon is called the Cyber Paradox, and it describes what has become an entrenched battle for security professionals defending against an increasingly sophisticated adversary that, to date, has adapted faster than the defensive measures meant to prevent loss of data or access to sensitive information. Conventional security defenses have proven less than effective, resulting in a virtual “Maginot’s Line”: increased fortification through hardening the enterprise, yet greater vulnerability, contrary to the goal of defending the organization from cyber threats (“Maginot’s Line”, n.d.). This article reviews the causes of these misperceptions in security defense and explores research in decision science, intelligence and security informatics, machine learning, and the role of simplicity in shaping a cognitive risk framework. The findings conclude that the human-machine interaction is the greatest threat in cyber space, yet very few, if any, security professionals are well versed in strategies to close this gap. The purpose of this article is to bring to light evolving new strategies with promising success and to reveal a few surprises in how simplicity is an under-appreciated strategy in cyber security. Complete text of “Cognitive Hack: The New Battleground in Cybersecurity … the Human Mind” is available here: https://www.crcpress.com/Cognitive-Hack-The-New-Battleground-in-Cybersecurity--the-Human-Mind/Bone/p/book/9781498749817
Additional information
Notes on contributors
James Bone
James Bone is a lecturer at Columbia University’s School of Professional Studies in the Enterprise Risk Management program and consults on ERM practice. James is the founder and president of Global Compliance Associates, LLC and Executive Director of TheGRCBlueBook. TheGRCBlueBook is the largest online directory of tools for risk, audit, compliance and IT professionals.
Bone has 36 years of management experience and has served as a senior risk executive for financial services firms and government agencies and as an adviser to private equity and venture investors. James founded Global Compliance Associates, LLC to create the first cognitive risk management advisory practice.
Bone is the author of Cognitive Hack: The New Battleground in Cybersecurity – The Human Mind (Taylor and Francis, 2016) and is a contributing author of numerous articles for Compliance Week, Corporate Compliance Insights, and Life Science Compliance Updates.
James graduated from Drury University with a B.A. in Business Administration, Boston University with an M.A. in Management, and Harvard University with an M.A. in Business Management, Finance and Risk Management.
James has served as trustee for Drury University, the Aloha Foundation, and the William M. Davies, Jr. Technical High School. In 2012, he led a successful Presidential Search for Drury University in Springfield, Missouri, and received an honorary Ph.D. in Humane Letters.