If human error is responsible for many cyberattacks, then businesses cannot ignore the impact of human traits and characteristics on employee cybersecurity habits. Cyber-security has long been thought of as the responsibility of IT; but to build a holistic cybersecurity strategy that accounts for the human factor, IT and HR departments must work together. Using psychometric testing and self-awareness tools, HR can help to identify the make-up of teams and pinpoint where potential vulnerabilities exist. IT teams can use this insight.
That is the background to a joint white paper from the cyber firm ESET and the personality and ability assessment firm The Myers-Briggs Company: “Cyberchology: The Human Element”. It argues for a holistic cyber-security strategy that takes individual personalities into account alongside cyber software. The report speaks in terms of IT resilience; confident employees who are educated on cyber-security best practice are the foundation of a resilient strategy, the report says.
As the report says, most cyber-attacks are successful not because of the hacker’s skill, but due to human error or oversight. Hence a significant challenge during COVID-19 has been the increase in cyber-security risk, caused by the human factor. The report says: “The ways in which people prefer to digest information and communicate can play a role in how different team members approach cybersecurity, as all personality types have different strengths and blind spots that can impact the outcome of a
cybersecurity attack.”
The Myers-Briggs Type Indicator (MBTI) personality model looks at four areas of personality type – Extraversion or Introversion, Sensing or Intuition, Thinking or Feeling and Judging or Perceiving.
On the findings of the Cyberchology paper, Jake Moore at ESET said: “Remote working has brought greater flexibility to the workforce, but has also dramatically altered business processes and systems. The combination of fractured IT systems, a lack of central security, the sudden shift to home working, and a global climate of stress and concern is a perfect breeding ground for a successful cyberattack. The fact that only a quarter of businesses have faith in their own remote working strategy is shocking, and shows there is much work to be done to secure working from home.”
And John Hackston, Head of Thought Leadership at The Myers-Briggs Company, said: “Cybersecurity has long been thought of as the responsibility of IT departments alone, but to build a holistic cybersecurity strategy that accounts for the human factor, IT and HR departments must work together. Through the use of psychometric testing and self-awareness tools, HR can help to identify the makeup of teams and pinpoint potential vulnerabilities. IT teams can use this insight to create comprehensive security protocols and a proactive cyber strategy to stay one step ahead of potential threats.”
