behavioural change

Understanding behavioural change is a crucial aspect of better understanding the human factor. If we hope to influence behaviour then we need to better understand human behaviours, decision-making and motivations. The leading expert in this today is Dan Ariely and we are thrilled to have him as a guest on the podcast. Behavioural change is a large part of the work we have to do when it comes to improving security outcomes, and the work by leading thinkers such as Dan is really helping to pave the way.

Dan Ariely was recently voted as the second most influential psychologist in the world. He is a professor of psychology and behavioural economics at Duke University and a founding member of the Center for Advanced Hindsight. He is the author of the bestsellers Predictably IrrationalThe Upside of Irrationality, and The Honest Truth About Dishonesty – as well as the TED Book Payoff: The Hidden Logic that Shapes Our Motivations. Through his research and his (often amusing and unorthodox) experiments, he questions the forces that influence human behavior and the irrational ways in which we often all behave.

Behavioural Change in CyberSecurity

In this episode, Dan Ariely joins Bruce Hallas to discuss behavioural economics and its role in better organising operating environments and how we can use this in the cybersecurity industry. Dan’s speciality is in the study of behavioural economics with a focus on communicating his findings in a language anyone can understand so this makes him an ideal guest for the podcast.

‘[His] immersive introduction to irrationality took place many years ago while [he] was overcoming injuries sustained in an explosion. The range of treatments in the burn department, and particularly the daily “bath” made [him] face a variety of irrational behaviours that were immensely painful and persistent. Upon leaving the hospital, [he] wanted to understand how to better deliver painful and unavoidable treatments to patients, so [he] began conducting research in this area.

[He] became engrossed with the idea that we repeatedly and predictably make the wrong decisions in many aspects of our lives and that research could help change some of these patterns.’ [1]

“You have to understand that part of your job as a security expert is not just to create security but to create appreciation. Because if you create security with no appreciation, you’re not going to get people to value it and want to participate in it.”

Join Dan Ariely and Bruce Hallas as they discuss:

  • What behavioural economics is (10:50)
  • Preferences, how we form them, and the effect our preferences have on our behaviour. (19:01)
  • Untapped demand, or the idea that there’s a big difference between people’s preferences and what they end up doing, and the fact that those differences have a lot to do with friction (the easiest decision will often be the one that is chosen) (23:04)
  • The role of behavioural economics in better designing the operating environment within which employees are trained and work within in order to maximize the potential for positive cyber security behaviours (24:56)
  • The concept of “endowment”, or the idea that people who have contributed to something feel a greater sense of value about that something as well, and the “Ikea effect”, which simply understood is that labour leads to love (29:39)
  • Value cues, and the need for cybersecurity policy creators to communicate the value of following their policies to their audience (33:59)
  • Another big challenge in the cybersecurity industry – the fact that security failures happen infrequently, and what that teaches people about how they need to behave (41:36)
  • Effective and ineffective methods for motivating positive cyber security behaviours from employees (44:30)
  • The effect of overconfidence in our own knowledge and ability on our behaviours (49:17)

“One of the biggest challenges is to get people to admit we are fallible.”

Further Reading & Research

Here is one of Dan’s famous TED talks on decision-making.


About Dan Ariely

You can find out more about Dan at his website or you can follow him on Twitter.