Abstract
I have gained inspiration from the Human Factors in Diving community to start an "A-Zs of cyber security".
D: Debrief. When divers return from a dive, they reflect on: (1) what went right, (2) why did it go right? It is interesting to note that they do not initially focus on what went wrong even though lives can be lost when divers make mistakes. They focus on the positive behaviours that can be highlighted and emphasised for the benefit of others. When organisations experience a Phishing attack, there is often a myopic focus on the employees who fell for the attack. They are usually in the minority, but very few organisations look at the bigger picture: i.e., who saw the Phishing message and spotted it? What can we learn from what they did right so that we can better prepare those who were deceived?
D: Debrief. When divers return from a dive, they reflect on: (1) what went right, (2) why did it go right? It is interesting to note that they do not initially focus on what went wrong even though lives can be lost when divers make mistakes. They focus on the positive behaviours that can be highlighted and emphasised for the benefit of others. When organisations experience a Phishing attack, there is often a myopic focus on the employees who fell for the attack. They are usually in the minority, but very few organisations look at the bigger picture: i.e., who saw the Phishing message and spotted it? What can we learn from what they did right so that we can better prepare those who were deceived?
Original language | English |
---|---|
Number of pages | 2 |
Journal | Network Security |
Volume | 2022 |
Issue number | 3 |
DOIs | |
Publication status | Published - 31 Mar 2022 |
Keywords
- information systems and management
- computer networks and communications
- safety, risk, reliability and quality