Welcome to the blog

Ever wondered why the way information is presented can change the way you feel about it?
That’s framing bias in action. Focusing on how options are presented—whether highlighting gains or emphasizing losses—can influence our choices without us even realizing it.

In cybersecurity, this bias plays a huge role.
Vendors often emphasize how their solutions help you avoid losses—like data breaches or reputational damage—because they know we’re wired to avoid risk at all costs.
Similarly, hackers are …

Ever wonder why people are so skeptical about AI but seem perfectly comfortable with technologies we use every day, like smartphones or cloud services? It all comes down to the brain—and, spoiler alert, it's stuck in the Stone Age.

Our brains evolved to handle immediate, physical threats—think predators or hostile environments. Today, that same system, driven by the amygdala and limbic brain, reacts to new things, like AI, with fear and skepticism.

Studies show that when faced with something un…

Ever feel like bad things only happen to other people?
That’s optimism bias at work—a cognitive bias that tricks our brains into believing we’re less likely to experience negative events than others.

In our  world of cybersecurity, this bias can cause serious blind spots. As security professionals we may underestimate the likelihood of a cyberattack or data breach happening to our organization, leaving us exposed to threats we aren’t prepared for.

 Let’s explore how optimism bias can affect our s…

Are you, like me, a little number-shy? Don’t worry, we all are.
Our brains simply aren’t built to grasp numbers, decimals, or probabilities naturally. We can recognize 1, 2, 3, 4, and 5, but after that, everything is translated by our subconscious into “many.”

For your subconscious mind, the difference between 1,000,000 and 1,000,000,000 is just “a lot” and “a lot more.” The large numbers are overwhelming, and the distinction becomes hard to comprehend.

But what if you explained the difference…

Visual identity is more than just logos and color schemes—it’s a tool for shaping perception and trust.

In our field of IT security, where clear communication and trust are essential, creating a distinct visual identity for your department can play a vital role.
But what does this have to do with psychology and biases?

Our brains process visual cues much faster than text.

When people repeatedly see consistent visuals, they begin to associate those elements with specific qualities, like professi…

Have you ever noticed the colored bar when creating a new password?
It shows how well your password complies with the rules. The bar’s color shifts from bright red to green as you type, signaling your progress.
That small change can spark a sense of satisfaction, making the task of finding a cryptic, complex, yet memorable password feel less overwhelming.

This password strength indicator is a perfect example of feedback bias influencing secure behavior.

Feedback bias refers to the way people t…

We cybersecurity professionals know that we continously face a constant barrage of decisions: from triaging alerts to assessing risks.
But did you also know that the sheer volume of these decisions can lead to something called decision fatigue?

This phenomenon can subtly degrade your security posture even though it was thorough and well thought from the beginning.

Decision fatigue is the mental exhaustion that results from making too many decisions in a short period.
Already now my guess is th…

The Hidden Dangers of Action Bias in Cybersecurity

In the fast-paced world of cybersecurity, we often feel compelled to respond immediately to threats. This tendency, known as action bias, can lead us to make hasty decisions that aren't always best for long-term security.
Understanding and mitigating your action bias is crucial for developing effective and sustainable security practices and avoiding impulsive decisions.

Action bias is about our tendency to favor taking action over inaction, es…

Imagine encountering a vendor who captivates you with their charm and polished presentation. You find a personal rapport and are persuaded by their convincing pitch. However, there's a catch: our brains are naturally inclined to be biased, which can cause us to overlook potential security risks.

Our bias towards simplicity leads us to make the easiest choice. Our confirmation bias causes us to favor vendors who reinforce our existing beliefs. Additionally, our availability bias can lead us to c…