Including the human factor in cyber security to minimize the pain of ransomware attacks by building emotional firewalls. When we help people overcome the impulse of fear, decisions based on reason can prevail.
Until two years ago, cybersecurity was primarily used as a sexy buzzword, a trending phenomenon reserved and understood by few. Today, cyber breaches worldwide are the root cause of digital pain for many societies, sectors, and organizations worldwide. The cyber threat landscape is evolving at an alarming pace because of the pandemic. Cybercriminals have an in-depth understanding of how to prey on the human vulnerability of a remote or hybrid workforce.
No matter how much an organization invests in technical firewalls that are state of the art, emotional firewalls cannot be managed or upgraded like technology. The rising digital virus of the 21st Century is by far Ransomware. The pain of this type of cybercrime is visible in all corners of the world, with no mercy in inflicting digital, mental, and financial distress to organizations and people.
There are known cases of companies having paid Ransomware several times as the hackers keep circumventing their technical systems, which are outdated or where insider threats and human error prevailed. A solution such as a ransomware kill switch only addresses the symptoms and not the root cause, with potentially devastating consequences for business disruption, loss of employee productivity, and the lack of resources to reformat networks or reconfigure cloud architectures. This article explains why the kill switch alone is not always the best option.
In the US, and according to the Sophos report, among those companies surveyed, the average cost of a ransomware attack was $732,520 when the ransom was not paid, and double that — $1,448,458 — if the ransom was paid. In some countries, it is even illegal to pay as others are contemplating regulations to extend this under their national rules.
The invisible pain that is traumatizing institutions as a whole is the human factor. The impact on people and the disruption in their lives is not to be underestimated. The stress, pressure, and anxiety in navigating a ransomware attack are taking their toll on people. Schools and universities are facing an unprecedented disruption to their educational system. Financial institutions are losing the trust and confidence of their customers as their digital privacy and assets are being hijacked.
The healthcare sector faces unimaginable dilemmas while being plagued by ransomware attacks and saving lives.
How can we minimize the pain of ransomware attacks and help people navigate this digital virus with reason over emotion beyond their fear levels?
By assisting them in building emotional firewalls.
What is Emotional Intelligence?
Emotional Intelligence (EQ) is a set of emotional and social skills that collectively establish how well we perceive and express ourselves, develop and maintain social relationships, cope with challenges, and use emotional information in an effective and meaningful way. Emotional intelligence is not a measure of cognitive intelligence (like IQ) but a measure of professional aptitude, vocational interest, or personality preferences (like psychological type/temperament).
While many people remain uninformed about the EQ-i and assume that it is “touchy-feely” and overly reliant on emotional and subjective issues, the EQ-i 2.0 is a scientifically validated tool used worldwide that deals with many objective elements, including Problem Solving, Reality Testing, Flexibility, and Independence to name just a few. EQ is a vital skill set to help people respond to their immediate surroundings, challenges, and environment in the short term. At the same time, IQ is necessary for long-term and strategic thinking.
Imagine your IQ is your elevator in life, and your EQ is your trajectory upwards. It would be best if you had both.
The concept of emotional intelligence has brought new depth to the understanding of human intelligence; it enhanced the ability to evaluate one’s general or overall intelligence. Emotional intelligence is concerned with understanding oneself and others, relating to people, and adapting to and coping with the immediate surroundings to be more successful in dealing with environmental demands. Emotional intelligence is tactical (immediate functioning), while cognitive intelligence is strategic (long-term capacity). Emotional intelligence helps to predict success because it reflects how a person applies knowledge to the immediate situation. In a way, to measure emotional intelligence is to measure one’s “common sense” and ability to get along in the world.
When applied in the cybersecurity world, emotional intelligence can help people build their emotional firewalls and have several lines of defense when feeling triggered by feelings of fear.
Research has shown that emotions are linked with people’s perceptions and concepts stored in different brain regions. These are also referred to as “cognitive biases” that make up people’s map of the world. Imagine everyone has filing cabinets with information stored from the past as their blueprint for behaving and responding to their immediate environment.
Everyone sees, perceives, and processes information within their map of the world based on past experiences, childhood upbringing, and cognitive biases. In a nutshell, and without entering the realm of neuroscience, concepts trigger emotions, and emotions drive behavior, e.g., people’s response options.
Dr. Lisa Feldman Barret, renowned brain research and author of the book – How emotions are made, explains how emotions are constructed in a more in-depth level of granularity.
Emotional firewalls can help people exercise responding instead of reacting to their immediate environment and cultivating healthy response options, which is the stepping stone for behavioral change. It requires using empathy on steroids which is easier said than done when fighting fires to ensure minimal risk of cyber breaches occurring or amplifying.
How does it work?
When faced with a ransomware attack, people have two options: to pay or not to pay. Let’s look at a fictional persona, Jason, who is a high-profile person of interest and works in the critical services industry.
Option A: Jason pays
Option B: Jason refuses to pay
If Jason bases his decision on fear, the consequences could be more catastrophic than if he applies reason. Without considering the complex legal, financial, and business landscape of ransomware consequences, the emotional intelligence techniques refer to help people overcome the emotion of fear and decide from a place of reason. By applying a three-step emotional intelligence process, people like Jason can make informed decisions, own the consequences and navigate the results with an empowered emotional resourceful state.
Step one focuses on emotional diffusion techniques. When our brain perceives a threat, it sends our body into a fight, flight, or hide mode. Our emotions of fear and anxiety drive our decision-making ability as we experience an amygdala hijacking of the mind. In other words, our brain shrinks into the size of a peanut, and thus our judgment is clouded (https://www.healthline.com/health/stress/amygdala-hijack#overview) . Emotional diffusion techniques help people feel safe in their mind and body and regain a state of calmness to act from a place of reason.
Step two focuses on using the 360—degree perspective technique, which is helping people like Jason look at the situation from his perception, from a third-party perception, from an observer perception, from a group and organizational perception. These different perceptions allow Jason to gain a broader understanding of what is happening and see beyond the narrow survival instinct mode. All this information helps people like Jason to make a decision based on reason instead of impulse.
Step three focuses on is visualization techniques. What separates the human mind from any other species is our ability to use our imagination. Often though, we use visualization in the form of worrying. In expecting the worst-case scenarios as our mind is wired by default in negative thinking to keep us safe. The use of visualization techniques also helps people navigate their uncomfortable emotions of fear and anxiety to create a new mental representation of the unfamiliar territory. One of the number one reasons why fear takes control during heightened stress is the gap in our minds. The more we know, the less we fear. By helping people like Jason visualizing their action plan of both options and seeing themselves navigating the consequences of both situations, their emotional intensity will reduce. They will no longer be governed by fear, as they now have a mental representation of what that looks like and how it feels like.
There is no one size fits all solution in reducing the risk of Ransomware. But omitting the human factor and the potential in minimizing people’s pain and organizational disruption through the science of emotional Intelligence can go a long way in building emotional firewalls against cybercrime.
“Imagination is more important than knowledge. For knowledge is limited to all we now know and understand, while imagination embraces the entire world and all there ever will be to know and understand.”- Albert EinsteinDownload Cyber Scenarios Catalogue