Highlight the “weakest link”<\/strong> – Loudly and (semi)publicly highlight issues to help thwart inattention to the problem space.<\/li>\n<\/ul>\nWhat irritates me about this isn’t that they’re wrong. \u00a0In fact, I’m sure they’re a) right and b) that these methods work (probably pretty well.) \u00a0And, as such, the savvy practitioner would do well to leverage them accordingly. \u00a0Instead, what irritates me about this is that this is essentially how you’d treat a child. Like, is it me, or couldn’t this list basically also serve as a map for how you’d get your second-grader to do their homework?<\/p>\n
Fundamentally, I expect more – and better – from senior leaders. \u00a0I expect a degree of maturity where they can\u00a0<\/strong>make an objective determination about risks and issues without appealing to their emotions (this, by the way, is the reason that FUD works) or without having to draw on what “the other guy” is doing to illustrate why they’re remiss in not doing something similar. \u00a0Rather than leaning into the natural inclination of executives to be “babies in a suit”, isn’t there a way to cultivate maturity, rationality and objectivity? \u00a0Maybe I’m asking too much… or maybe these behaviors aren’t really as infantile as they appear to me on the surface. \u00a0But really, I’m not a huge fan of “dumbing it down” for people unwilling or unable to step up.<\/p>\n","protected":false},"excerpt":{"rendered":"HBR has a great article up from a few days ago: “The Behavioral Economics of Why Executives Underinvest in Cybersecurity.” It’s an interesting read. If you’re too lazy or swamped to go read it, the gist is that natural human biases are such that the default state of behavior when it comes to investing in […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[14,106],"class_list":["post-287","post","type-post","status-publish","format-standard","hentry","category-security","tag-baby-in-a-suit","tag-security"],"_links":{"self":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/287","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=287"}],"version-history":[{"count":0,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/287\/revisions"}],"wp:attachment":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=287"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=287"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=287"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![](\"http:\/\/www.publicdomainpictures.net\/pictures\/30000\/velka\/baby-with-a-laptop.jpg\")
<\/p>\n