Opportunity Cost of Action Bias in Cybersecurity Incident Response

Dykstra, Josiah; Shortridge, Kelly; Met, Jamie; Hough, Douglas E.

doi:10.1177/1071181322661490

Cited by 3 publications

(7 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to the Federal Bureau of Investigations, cybercrime accounted for a total loss of $27.6 billion in 2022 [6]. By limiting the resources an adversary has at their disposal in a process called sludge, organizations are able to manipulate the very psychology of an attacker to avoid or slow potential attacks [7]. This can be as simple as a warning or notice explaining that a user will be trespassing which reinforces that what the hacker is doing is wrong.…”

Section: Behavioral Sciencesmentioning

confidence: 99%

“…Conversely, high-interaction honeypots like Sebek & HonSSH offer attackers real operating systems, facilitating deeper engagement and analysis [11]. These systems exemplify the strategic deployment of cyber deception to study and mitigate cyber threats effectively [7].…”

Section: Behavioral Sciencesmentioning

confidence: 99%

“…A honeypot serves to lead malicious actors to a deceptive cyber treasure; it is defined as a security mechanism designed to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems [7]. It can come in the form of a fake file, account, or even network, which seamlessly imitates an asset valuable or vulnerable to potential hackers while reporting their activity in the process [14].…”

Section: The Honeypotmentioning

confidence: 99%

“…In turn, the attackers undergo stress and may be deterred from entering the network. For example, if a company warns to persecute those who enter a network for trespassing, the attacker might lose motivation to do so [7]. The options available only complexify and increase the more utilities a business has.…”

Section: Analysis Of Sludgesmentioning

confidence: 99%

See 3 more Smart Citations

The relevance, effectiveness, and future prospects of cyber deception implementation within organizations

Eng,

King,

Schillaci

et al. 2024

Assurance and Security for AI-enabled Systems

View full text Add to dashboard Cite

Artificial Intelligence (AI) and Machine Learning (ML) based systems have seen tremendous progress in the past years. This unprecedent growth has also opened new challenges and vulnerabilities for keeping AI/ML based systems safe and secure. With a multitude of studies investigating adversarial machine learning (AML) and cyber security for AI/ML systems, there is a need for novel techniques and methodologies for securing these systems. Cyber security is often used as a blanket term meaning all defenses used in the context of cyber. This leaves out methodologies and techniques, being used more offensively, such as cyber deception. This study provides a comprehensive overview of cyber-deception for securing AI/ML systems including its relevance, effectiveness, and its potential for AI/ML assurance. The study provides an overview of behavioral sciences for cyber-deception, the benefits of using cyber deception, and the ethical concerns associated with cyber deception. Additionally, we present a use-case for the utilization of cyber deception with zero-trust architecture (ZTA) for assurance and security for AI/ML based systems.

show abstract

Section: Behavioral Sciencesmentioning

confidence: 99%

Section: Behavioral Sciencesmentioning

confidence: 99%

Section: The Honeypotmentioning

confidence: 99%

Section: Analysis Of Sludgesmentioning

confidence: 99%

See 2 more Smart Citations

The relevance, effectiveness, and future prospects of cyber deception implementation within organizations

Eng,

King,

Schillaci

et al. 2024

Assurance and Security for AI-enabled Systems

View full text Add to dashboard Cite

show abstract

“…Participants incurred more cost to the system in the loss frame, as putting machines into quarantine was generally avoided more than bringing them out (Bos et al 2016). Other factors of decision-making, such as action-bias and opportunity costs have also been examined in defensive contexts (Dykstra, Shortridge, Met, & Hough, 2022a).…”

Section: Introductionmentioning

confidence: 99%

Frustration, Confusion, Surprise, Confidence, And Self-Doubt: Cyber Operators’ Affects During A Realistic Experiment

Gutzwiller,

Gilbert,

Drescher

et al. 2023

Proceedings of the Human Factors and Ergonomics Society Annual

View full text Add to dashboard Cite

In this paper we examine data from a complex two-day experiment with professional cyber red teamers to determine what creates, or contributes, to affective states that may further disrupt attackers. Participants rated their frustration, surprise, confidence, self-doubt, and confusion at the end of each day, and these responses were scored on a Likert scale and using Thematic analysis. We found several elements strongly contributed to the frequency and severity of these affective states, supporting our initial hypothesis, and further that (1) experiencing a Lack of Progress impacted four of the five states with moderate severity, and (2) interacting with elements in the environment that Deviated from what was expected was associated strongly with surprise. Implications for cyber defense and limitations of the method are discussed.

show abstract

Premortems in Game Development Teams: Impact and Potential

Roose,

Lehman,

Veinott

2023

Proceedings of the Human Factors and Ergonomics Society Annual

View full text Add to dashboard Cite

Software design teams need methods to evaluate plans as part of agile development processes. The premortem is a cognitive, structured, analytic technique that supports team plan evaluation and re-planning. Few empirical or longitudinal studies involving premortems exist. Ten game development teams (n=68 members) conducted premortems early on during a year-long game development project. Teams provided initial ratings of their game design plan, then conducted a premortem, and revised their plans. In the premortems, teams identified 17.8 unique reasons on average for project failure and 16.7 mitigations to those failures. Reasons for project failure focused mainly on game design execution, team communication, and game complexity (e.g., too many levels, branching). While most teams identified solutions for these challenges, surprisingly few teams revised their plans to scale back the game design complexity.

show abstract

Opportunity Cost of Action Bias in Cybersecurity Incident Response

Cited by 3 publications

References 15 publications

The relevance, effectiveness, and future prospects of cyber deception implementation within organizations

The relevance, effectiveness, and future prospects of cyber deception implementation within organizations

Frustration, Confusion, Surprise, Confidence, And Self-Doubt: Cyber Operators’ Affects During A Realistic Experiment

Premortems in Game Development Teams: Impact and Potential

Contact Info

Product

Resources

About