Inge van der Beijl on how human psychology shapes the cyber landscape

Cybercriminals only have one aim – earning money – and they will do everything to achieve it.

In this episode, Inge van der Beijl analyses the psychological aspect of cybercrime, focusing on how hackers use human psychology against their victims, but also how we can leverage behavioural science to defend our organisations from cyberthreats.

Human
Firewall
Podcast

Listen now

Episode 4: Find out why psychology and behavioural science are the foundation of building a strong cyberoriented organisation.

Overview of episode 4

Want to skip to the topics that matter most to you? Our detailed overview with timestamps allows you to jump straight to those sections.

Minute	Description
00:00:57 – 00:03:30	Welcome and introduction to Inge van der Beijl, our expert in this conversation.
00:03:30 – 00:12:02	Why cybercriminals leverage behavioural science, psychology, and human interactions to target companies.
00:12:02 – 00:18:20	How ransomware and other monetization models are shaping the ongoing professionalization of cybercrime.
00:18:20 – 00:31:16	Insights into the negotiation process with cybercriminals.
00:31:16 – 00:46:02	How can companies protect themselves against cyberattacks and bring more attention to the topic at the board level?

Highlights & key learnings

You can have your system fully protected with technical measures and security management, but if you don’t strengthen your human layer, you’re lacking capacity.

• Human element in cyber security: Human error remains a significant factor in cyber security breaches, with approximately 90% related to human actions or oversight. This emphasizes the importance of integrating psychological and behavioural science into cyber security strategies to mitigate risks effectively.
• Attack techniques: Attackers leverage psychological tactics, such as urgency and authority, in phishing emails to manipulate individuals into disclosing sensitive information or taking actions that compromise security.
• Evolving ransomware trends: Ransomware has evolved beyond mere data encryption to include data theft, increasing the stakes for affected organisations, both private and public. Attackers now employ double or triple extortion tactics, adding pressure during negotiations.
• Response strategies: An effective response to ransomware attacks requires a multidimensional approach, including technical solutions, crisis management plans, and employee training.
• Behavioral science in defence: Leveraging behavioural science on the defensive side involves creating a human-oriented and cyber-safe culture through training, organisational landscape design, and leadership engagement.
• Psychological impact on professionals: Cyber security professionals face significant stress due to the nature of their roles, including high-stakes decision-making during crises. Providing support and resources to address mental health concerns is crucial.
• Board-level awareness: It’s essential to raise awareness of cyber security risks at the board level to secure necessary resources and support for cyber security initiatives. Engaging in dialogue, sharing stories, and maintaining continuous attention effectively keep the conversation alive.
• Understanding and trust: Understanding why the attack happened is vital for effective cyber security responses. Building trust through conversations with employees on all levels can enhance cyber security resilience and build a stronger human layer.

The combination of training, landscape, and leadership is the golden ticket toward a cyber-safe culture.

Deepen your knowledge: Further information

• Conti Leaks: Insights into the hacker group, their hierarchy and organisational structure, and how they operate.
• Mental well-being and cybercrime: Research from the Faculty of Behavioural, Management and Social Sciences, University of Twente, about the psychological impact of cybercrime on victims.
• Rise of hacktivism in the Ukraine conflict: How hacktivism influences the Russia-Ukraine conflict.
• Human Risk Review: Our 2023 report reveals the state of cyber security awareness and how organisations can benefit from behavioural science insights.

Discover more podcast episodes

In this episode, the insights expert Inge van der Beijl reveals how people are on both sides of the cyber landscape. By focusing on human behaviour and analyzing the psychology behind attacks from both perspectives, we can give employees the resources to recognise and deflect various attacks.

If you enjoyed this podcast episode and would like to continue exploring Inge van der Beijl’s talk, you can watch her full talk at HuFiCon23, along with many others, by visiting our HufiCon livestreams.

Human
Firewall
Conference

Learn more

Discover inspiring talks and valuable expert knowledge