Towards Understanding Cognitive Biases in Cybersecurity Governance
Kratka vsebina
Cognitive biases can influence the decision-making of board members and CISOs responsible for managing cyber risks. However, limited attention has been given to understanding how these biases affect cybersecurity governance, specifically in the communication of risks between CISOs and boards. This paper aims to address this gap by identifying cognitive biases and proposing how these biases influence communication and strategic decision-making in cybersecurity governance. By further examining their impact, we strive to uncover the mechanisms that contribute to underestimations or distortions in risk perception, which can compromise an organization’s ability to respond effectively to cyber threats. This short paper provides three exemplary biases expected to influence communication and decision-making in cybersecurity governance. Following the initial results, we propose a series of interviews with CISOs to reveal the challenges they face when communicating cyber risks to boards, focusing on how biases influence the decisions regarding cybersecurity risks.
Prenosi
Strani
737-744
Izdano
09.06.2025
Zbirka
Kategorije
Avtorske pravice (c) 2025 Univerza v Mariboru, Univerzitetna založba
Kako citirati
Barre, G., Huygh, T., Nguyen, D. K., & Nuijten, A. (2025). Towards Understanding Cognitive Biases in Cybersecurity Governance. In A. Pucihar, M. Kljajić Borštnar, S. Blatnik, M. Marolt, R. W. H. Bons, K. Smit, & M. Glowatz (Eds.), & (Ed.), 38th Bled eConference: Empowering Transformation: Shaping Digital Futures for All: Conference Proceedings (pp. 737-744). Univerzitetna založba Univerze v Mariboru. https://press.um.si/index.php/ump/catalog/book/947/chapter/631
