Cyberchology: psychometric tests are a key weapon in battle against cyber security breachesCyberchology: Could psychometric tests lessen vulnerability to cyber security breaches? New research reveals different personality types have different susceptibilities to cyber crime
What personality type are you? According to new research from ESET and The Myers-Briggs Company, organisations engaging in the war against cyber security breaches can help themselves to a new weapon: Cyberchology, applying psychometric tests.
The Cyberchology report found that as far as cyber security is concerned, different personality types have different strengths and weakness.
The Cyberchology report looked at five personality types, which presumably overlap.
- Extraverted personality — those that work out ideas by talking them through
- People with a preference for sensing — those that observe and remember details
- People with a preference for Feeling — those guided by personal values
- And people with a “preference for Judging — those who are systematic or structured.
- People with a preference for Thinking (those who solve problems with logic).
It found that those with extraverted personality “tend to be more vulnerable to manipulation, deceit, and persuasion from cybercriminals” — or social engineering attacks. On the other hand, people with extraverted personality, because they tend to be highly tuned to external communication, “are generally faster to pick up on attacks coming in from outside.”
AI-led cyber security training: the key to mitigating the human error threat
Phishing attacks are less likely to be effective if they are targeted at people with a preference for sensing. On the other hand, people with these personalities are more likely to take cyber security risks. There is a nuance here. It turns out that the cyber security risk takers are more likely to be people in this group who have a “preference for
Perceiving and/or Extraversion.
As for people who have a preference for feeling or judging, they “are more likely to fall victim to social engineering attacks than those with a preference for Thinking. But they also. tend to be more cautious and therefore more rigorous when following cyber security policies.
However, the ‘Thinking’ group can over-estimate their own competence, leading to mistakes.
The ESET and The Myers-Briggs Company Cyberchology report suggests that psychometric tests can be used to build self-awareness, thereby reducing vulnerability to potential cyber security breaches.
“Individuals and their managers (rather than IT departments and outside contractors) are the key players where cyber-security is concerned,” suggested the report.
Cyber security best practice: Definition, diversity, training, responsibility and technology
The Cyberchology paper highlights current cyber threats such as Formjacking, PowerShell and IoT attacks.
“Cyber attacks are almost considered business as usual because they have become so frequent,” it said and “criminals’ modus operandi are extremely diverse and unpredictable and, aside from a reputable and trustworthy cyber solution, having a solid front line of employees who are armed with ample information and support is critical for businesses.”
Jake Moore, Security Specialist at ESET, says that “securing the human element is vital in today’s fast-changing cyber landscape. We are seeing a growing need for companies to streamline their teams’ cyber safety protocols.”
While the motivation behind a cyber attack may be varied and impossible to predict, companies can take the time to learn more about their employees’ personalities and behavioural preferences to help them understand the role they play in securing company data.