How and Why Humans Suck at Calculating Risks

Despite believing that we are excellent at calculating risk, history has shown that humans suck at making good risk trade-offs. This is evident in our driving records, gambling, and of course, the cybersecurity posture of our organizations. This talk will explore the phenomenon of risk biases including near-misses, loss aversion, and how we perceive threats. We will then look at how these biases affect our decision making as it relates to security to understand why people introduce vulnerabilities into their organizations and fail to address them in a timely manner.
Masha Sedova
Masha Sedova is an industry-recognized people-security expert, speaker and trainer focused on engaging people to be key elements of secure organizations. She is the co-founder of Elevate Security delivering the first people-centric security platform that leverages behavioral-science to transform employees into security superhumans. Before Elevate, Masha Sedova was a security executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners and customers. In addition, Masha has been a member of the Board of Directors for the National Cyber Security Alliance and regular presenter at conferences such as Blackhat, RSA, ISSA, Enigma and SANS.
Learn about Trends in Application Security in 2019Download
+