Session: Mitigating the Impact of Anchor Bias in Cyber Security Planning
Anchor bias is especially prevalent in cyber security planning. To often, the most recent incident weighs disproportionately on risk calculations that drive spending. Being aware of anchor bias and talking about its impact when planning a cyber security program can empowers organizations to make more rational decisions. At its worst, anchor bias in cyber security planning facilitated a mindset where threats are viewed as atomic problems to be solved rather than complex, integrated systems to be understood, managed, and interacted with.
- Anchor bias drives cyber security decision making in many organizations.
- Awareness of anchor bias improves cyber security planning.
- Anchor bias leads to viewing cyber threats as a problem to be solved, rather than a system to be interacted with and managed.
- Viewing the cyber threat environment as a system to be understood and engaged with improves cyber security planning.
Barbara Vibbert has been active in information security in a variety of roles for 25 years, from systems operations to information security management at large, academic medical centers. For the last 10 years, Barbara has worked in solutions engineering for SonicWall and is currently a Solutions Engineering Manager of a technical team with more than 50 years combined information security experience.