|(Artwork from Microsoft Open Source)|
Tuesday, December 17, 2013
Neuroscience, Risk and Security
In other words, I came to realize that neuroscience should play a key role in helping security professionals understand the attacker’s “brain” so to speak and thus their motivations.
Last night I had a fascinating discussion on this very subject with my friend and colleague Mr. Samad Aidane. Samad and I first met in 2004 or so when I was the information security manager/CISO at the Port of Seattle. Samad was a newly hired project manager. Since then we have both expanded our horizons and Samad has evolved his expertise in the realm of neuroscience and project management as well as risk.
Anyway, our conversation tonight revolved around Samad’s new research and focus on the neuroscience behind effective project management and risk. In fact, Samad has even begun a blog at Neurofrontier.com to expand his and his reader’s awareness of neuroscience and leadership. I’d like to suggest you take a look at his blog and get a sense of his perspectives on this new science.
A key take-away from my conversation with Samad was that how the brain functions when analyzing risk may be excellent knowledge for security and risk professionals to leverage when dealing with risk analysis decisions. Similarly, understanding how the brain functions when establishing attack and defense concepts may be very useful to the cyber and physical security defender. And, of course, if you lean on the concept of “Assumption of Breach” for your enterprise cyber and physical defense, perhaps knowing how the brain functions and reacts could be very useful.
I am excited about the new ideas raised by Samad last evening and I look forward to our next meeting and discussions. In the meantime, take a moment to look at Samad’s website and review some of his ideas. You may see a sliver of some new concepts for the security profession to lean on as we try to stop the bad guys!
 For my past articles on this subject please go to my article in Asian Power at http://asian-power.com/node/11144 or my article in SearchSecurity at http://searchsecurity.techtarget.com/tip/Assumption-of-breach-How-a-new-mindset-can-help-protect-critical-data