James Bone introduces the first Cognitive Risk Framework for Cybersecurity and Enterprise Risk Management as a complimentary component of a more resilient risk program. Every risk framework is focused on process, procedures, and policies but ignores the challenges humans bring to the equation. No risk framework before has provided a path for how to incorporate the human at the center of better risk governance.
After conducting research on the Cyber Paradox, which is a conundrum of rapid growth in cyber risk while organizations invest billions on cyber security, I wanted to learn shy this paradox continues unabated. What I found is that the human element is the easiest path to bypassing information security controls and may be one of the key answers to responding to improving security. Cognitive Hack: The New Battleground in Cybersecurity....the Human Mind sets the context for why a new risk framework is needed.
The 2016 US presidential election brought to the public awareness a new risk that is still not well understood but has been part of the history of the internet from the beginning. Researchers from Dartmouth University coined the term, "Cognitive Hack" which is an attack on the behavior and action of individuals at the human-machine interaction.