HOW NEAR-MISS BIAS AFFECTS
RISK-BASED DECISIONS
JORDAN SCHROEDER, CISSP, CISM
INTRO
WHO AM I
▸ Member of the GRC team at Visier, Inc
▸ Moderator of Security StackExchange
▸ Former teacher, actor, singer, director, Coast Guard Officer,
undertaker, database designer, tax preparer, business owner,
day trader
▸ http://www.linkedin.com/in/schroederjordan
▸ http://security.stackexchange.com/users/6253/schroeder
▸ https://gophishyourself.wordpress.com
INTRO
RISK IS NOT ENOUGH
▸ You’ve done your calculations
▸ You’ve drafted a clear report
▸ Your research shows that a Threat is not going away
▸ You present your report expertly to decision makers
▸ They make the wrong decision …
▸ Why??
INTRO
RISK IS NOT ENOUGH
▸ Data alone does not result in appropriate action
▸ Data is interpreted by the audience through a number of
filters
▸ Those filters determine the resulting action
▸ “Near-Miss Bias” is a unique filter that requires specific
handling
INTRO
THIS PRESENTATION IS A SUMMARY OF:
2008: How Near-Misses Influence Decision Making Under Risk: A Missed Opportunity for Learning
Robin L. Dillon, Catherine H. Tinsley
McDonough School of Business, Georgetown University, Washington, D.C. 20057
INTRO
THIS PRESENTATION IS A SUMMARY OF:
2012: How Near-Miss Events Amplify or Attenuate Risky Decision Making
Robin Dillon-Merrill, Catherine H. Tinsley, Matthew A. Cronin
McDonough School of Business, Georgetown University, Washington, D.C. 20057
WHAT IS IT?
WHAT IS IT?
COLUMBIA SHUTTLE DISASTER 2003
▸ Shedding of tank foam during ascent happened frequently
▸ Caused by debris hitting the tanks
▸ “With each successful landing, it appears that NASA engineers and managers increasingly regarded the foam-shedding as inevitable, and as either unlikely to jeopardize safety or simply an acceptable risk.”
▸ (Columbia Accident Investigation Board Report, Volume 1, 2003, p. 122)
Dillon and Tinsley, “How Near-Misses Influence Decision Making Under Risk: A Missed Opportunity for Learning”, Management Science, Articles in Advance
WHAT IS IT?
COLUMBIA SHUTTLE DISASTER 2003
▸ Probabilistic analysis performed in 1990 determined that
debris strikes could be catastrophic
▸ Foam loss occurred on 10% of flights
▸ Damage to foam every flight, with an average of 143
divots per flight
▸ How could this ‘obvious’ problem be overlooked?
WHAT IS IT?
NASA EXPERIMENT
▸ Information Management Business students (with training
in stats and probabilities) put through a simulation where
they have to navigate the Mars Rover from one crater to
another
▸ Each simulated day, given a weather report, the participant
needed to decide to stay or move on given the weather’s
chance of causing a wheel failure
WHAT IS IT?
NASA EXPERIMENT
▸ Those who ‘survived’ the risky choices were more prone to
making riskier decisions for the next day
▸ Even when presented with the probabilities afresh each
day, participants still incorporated the previous successes
into their decisions, even if they did not make as many
risky decisions
▸ When given the choice of knowing Near-Miss data or other
data, participants were less likely to seek other data
WHAT IS IT?
NEAR-MISS
▸ People tend to see events as linked and not independent
▸ “hot streaks”
▸ People with Near-Miss information tend to skew towards
riskier decisions
WHAT IS IT?
NEAR-MISS
▸ People do not ignore the other data
▸ People use the data from the Near-Miss events as a source
of optimism
▸ More Near-Miss data exacerbates the problem
WHAT IS IT?
NEAR-MISS SPECULATION: BAYES
▸ Near-Miss data incorporated with statistical data
▸ Like an inherent Bayesian analysis
▸ “My successes were because the probabilities were
general and not applicable to my specific situation. My
probabilities are different.”
▸ (Stats) x (Near-Miss adjustment)
▸ a version of the Gambler’s Fallacy
WHAT IS IT?
INFOSEC NEAR-MISSES
▸ Viruses caught on endpoints
▸ Brute-force attempts
▸ “Background radiation”
▸ Phishing domains
▸ Vishing calls
WHAT IS IT?
INFOSEC NEAR-MISSES
▸ “We have never had a breach”
▸ that we know about …
▸ “All these alerts are just noise”
▸ Incident Response teams are absorbing a lot of budget in
hunting down all these false positives
▸ “They are just script-kiddies who don’t know what they are
doing”
▸ There is no real threat
MISS - COMMUNICATING
MISS - COMMUNICATING
NEAR-MISS COULD BE INTERPRETED TWO WAYS
▸ Disasters that did not occur
▸ Resilient Risks
▸ “Yay! I didn’t die!”
▸ Disasters that almost happened
▸ Vulnerable Risks
▸ “OMG! I almost died!”
Dillon-Merrill, Robin; Tinsley, Catherine H.; and Cronin, Matthew A., "How Near-Miss Events
Amplify or Attenuate Risky Decision Making" (2012). Published Articles & Papers. Paper 93.
MISS - COMMUNICATING
RESILIENT RISKS
▸ Results in riskier behaviours
▸ Reduction in mitigating behaviours
▸ Explicit Likelihood calculations do not change
▸ merely quietly ‘enhanced’ with a Bayesian factor when
there is a call to action
MISS - COMMUNICATING
THE HIDDEN CALCULATION
▸ You present your risks
▸ You present your calculations
▸ Your audience agrees with it all
▸ Your audience quietly applies their own Bayesian Near-Miss factor
▸ Your audience then decides
▸ budget, personnel, InfoSec projects, etc.
MISS - COMMUNICATING
PRESENT VULNERABLE RISKS
▸ If Near-Miss information were communicated as Vulnerable Risks (“we almost died!”):
▸ and if the audience accepts that framing
▸ the effects of Resilient Risks are countered
▸ more mitigating behaviours are used
MISS - COMMUNICATING
VULNERABLE CHALLENGES
▸ The audience might not accept your framing
▸ becomes a messaging issue
▸ Creates a tone of negativity (less fun, less value)
▸ The mitigations become devalued!
▸ The messenger becomes devalued!
MISS - COMMUNICATING
COMMUNICATING RISK
▸ Focus on the Probabilities
▸ Frame past events as independent and not a chain
▸ Focus on the potential impact
▸ Frame Near-Misses as Vulnerable Risks
MISS - COMMUNICATING
COMMUNICATING RISK - JORDAN
▸ Focus on Procedural Resiliency
▸ Combat Vulnerable Risk negativity by celebrating the
resiliency of the Risk process
▸ “Yay! We are surviving because we are using the right
mitigations!”
▸ Make insurance sexy
MISS - COMMUNICATING
COMMUNICATING RISK - JORDAN
▸ Our detective controls are working!
▸ IR teams have confirmed that our users, our data, and our
systems have not been compromised
▸ Our defences are effective against script-kiddies
▸ What are they not effective against?
NEAR-MISS AS RISK ASSESSMENT
MISS - ASSESSMENT
CHEAP DISASTERS
▸ Treating Near-Misses as Resilient Risks means that one
might ignore them
▸ Instead, treat them as Actualized Risks for purposes of Risk
Assessment
▸ Disasters that don’t cost the organization anything
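An added worked example, mine rather than the deck’s or the papers’: it applies the “(Stats) x (Near-Miss adjustment)” idea from the NEAR-MISS SPECULATION: BAYES slide and the “cheap disaster” counter-framing from the CHEAP DISASTERS slide to a constructed run of the Mars Rover simulation. The Beta-Bernoulli update, the prior weight of 10 and the 0.08 decision threshold are assumptions of mine, not values from the papers.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Day:
    stated_p_failure: float  # chance of wheel failure printed on the weather report
    moved: bool              # participant took the risky option (moved the rover)
    failed: bool             # a wheel failure actually happened


# Constructed history (not from the papers): ten days, each with a stated 10%
# failure chance; the participant moved every day and "survived" every time.
# Ten risky choices with no failure are ten near-misses.
HISTORY = [Day(0.10, moved=True, failed=False) for _ in range(10)]


def independent_estimate(history, today_p):
    """The statistically correct view: each day's weather is an independent
    draw, so past survivals carry no information about today's failure chance."""
    return today_p


def _prior(today_p, prior_weight):
    # Treat the stated probability as a Beta prior worth `prior_weight`
    # pseudo-observations (assumed value; the deck gives no number).
    return today_p * prior_weight, (1.0 - today_p) * prior_weight


def resilient_estimate(history, today_p, prior_weight=10.0):
    """The hidden '(Stats) x (Near-Miss adjustment)': every survived risky day is
    quietly counted as evidence that 'my probabilities are different'."""
    failures, survivals = _prior(today_p, prior_weight)
    for day in history:
        if day.moved:
            if day.failed:
                failures += 1.0
            else:
                survivals += 1.0  # the near-miss becomes a source of optimism
    return failures / (failures + survivals)


def vulnerable_estimate(history, today_p, prior_weight=10.0):
    """The deck's counter-framing: for assessment purposes a near-miss is a
    'cheap disaster', so every risky day with the hazardous pre-conditions
    present is counted as an actualized event, survived or not."""
    failures, survivals = _prior(today_p, prior_weight)
    for day in history:
        if day.moved:
            failures += 1.0
    return failures / (failures + survivals)


def decide(p_failure, threshold=0.08):
    """Assumed decision rule: move only if the believed failure chance is
    below the threshold (the papers do not state the participants' rule)."""
    return "stay" if p_failure >= threshold else "move"


def compare(history, today_p):
    """Same data, same stated probability, three different decisions."""
    estimators = {
        "independent": independent_estimate,
        "resilient": resilient_estimate,
        "vulnerable": vulnerable_estimate,
    }
    return {name: (round(est(history, today_p), 3), decide(est(history, today_p)))
            for name, est in estimators.items()}


def next_day_failure_rate_after_streak(p, streak=5, trials=200_000, seed=1):
    """Monte Carlo check of the 'hot streak' intuition: among runs that survived
    `streak` risky days in a row, how often does the next day fail? With
    independent days the answer stays at p, whatever the streak."""
    rng = random.Random(seed)
    conditioned = failures = 0
    for _ in range(trials):
        if all(rng.random() >= p for _ in range(streak)):  # survived the streak
            conditioned += 1
            if rng.random() < p:
                failures += 1
    return failures / conditioned


if __name__ == "__main__":
    for name, (estimate, choice) in compare(HISTORY, 0.10).items():
        print(f"{name:12s} believes P(failure) = {estimate:.3f} -> {choice}")
    print("more near-misses, lower belief:",
          round(resilient_estimate(HISTORY * 3, 0.10), 3))
    print("actual next-day failure rate after a 5-day streak:",
          round(next_day_failure_rate_after_streak(0.10), 3))
```

The three estimators see identical data and an identical stated 10% chance, yet only the hidden resilient adjustment crosses the threshold into “move”, and it drifts further the longer the streak of near-misses.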
MISS - ASSESSMENT
CHEAP TRICKS
▸ Often the same pre-conditions as a real disaster
▸ Easy way to identify hazardous conditions
▸ Encourage and reward the reporting of Near-Misses
▸ Helps to encourage an organizational culture of safety
MISS - ASSESSMENT
EXAMPLE IN INFOSEC
▸ A/V alerts that it caught a virus in an email attachment
▸ not executed, no actualized risk
▸ Every once in a while, treat it as though it was an actual
infection
▸ Run the Incident Response process
▸ great training for new members
▸ Identify all vulnerable areas that were involved
MISS - ASSESSMENT
EXAMPLE IN INFOSEC
▸ Recalibrate the Risk Assessments of that area
▸ Mitigate vulnerable areas
▸ Trains everyone involved
▸ Streamlines the processes
▸ Encourages a culture of safety
▸ Old-fashioned fire drill but with a real threat
SUMMARY
NEAR-MISS
▸ Past events seen as linked
▸ Near-Misses used to adjust probabilities
▸ Near-Miss data preferred over other data
▸ Used to justify riskier behaviours
SUMMARY
COMMUNICATING NEAR-MISS
▸ Focus on Probabilities
▸ De-link events
▸ Focus on potential harm
▸ Shift to Vulnerable Risks
▸ Focus on Procedural Resiliencies
▸ Combat negativity
SUMMARY
NEAR-MISS ASSESSMENTS
▸ Treat Near-Misses as opportunities
▸ Cheap Disasters
▸ Fire Drills
▸ Identify Vulnerable areas
▸ Communicate the importance of reporting Near-Misses
▸ Encourage a culture of safety
THANK YOU & HAPPY RISKING!

Mais conteúdo relacionado

Mais procurados

Risk Communication - #SciCommLSU
Risk Communication - #SciCommLSU Risk Communication - #SciCommLSU
Risk Communication - #SciCommLSU Paige Jarreau
 
The Importance of Crisis Communications
The Importance of Crisis Communications The Importance of Crisis Communications
The Importance of Crisis Communications John Hellerman
 
Risk communication during an infectious disease event - pandemics and public ...
Risk communication during an infectious disease event - pandemics and public ...Risk communication during an infectious disease event - pandemics and public ...
Risk communication during an infectious disease event - pandemics and public ...Julie Leask
 
Disasterreport undp2004
Disasterreport undp2004Disasterreport undp2004
Disasterreport undp2004nitoylopez
 

Mais procurados (6)

Risk Communication - #SciCommLSU
Risk Communication - #SciCommLSU Risk Communication - #SciCommLSU
Risk Communication - #SciCommLSU
 
The Importance of Crisis Communications
The Importance of Crisis Communications The Importance of Crisis Communications
The Importance of Crisis Communications
 
2016 Resilience Insights
2016 Resilience Insights 2016 Resilience Insights
2016 Resilience Insights
 
Risk communication during an infectious disease event - pandemics and public ...
Risk communication during an infectious disease event - pandemics and public ...Risk communication during an infectious disease event - pandemics and public ...
Risk communication during an infectious disease event - pandemics and public ...
 
Disasterreport undp2004
Disasterreport undp2004Disasterreport undp2004
Disasterreport undp2004
 
Crisis resolution
Crisis resolutionCrisis resolution
Crisis resolution
 

Destaque

Laplacian Probability Models for InfoSec Likelihood Calculations
Laplacian Probability Models for InfoSec Likelihood CalculationsLaplacian Probability Models for InfoSec Likelihood Calculations
Laplacian Probability Models for InfoSec Likelihood CalculationsJordan Schroeder
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber RiskKirstjen Nielsen
 
Understanding Systemic Cyber Risk
Understanding Systemic Cyber RiskUnderstanding Systemic Cyber Risk
Understanding Systemic Cyber RiskKirstjen Nielsen
 
Information Security Risk Quantification
Information Security Risk QuantificationInformation Security Risk Quantification
Information Security Risk QuantificationJoel Baese
 
10 cognitive biases that distorts your thinking
10 cognitive biases that distorts your thinking10 cognitive biases that distorts your thinking
10 cognitive biases that distorts your thinkingCol Mukteshwar Prasad
 
Why People Make Bad Decisions: The Role of Cognitive Biases
Why People Make Bad Decisions: The Role of Cognitive BiasesWhy People Make Bad Decisions: The Role of Cognitive Biases
Why People Make Bad Decisions: The Role of Cognitive BiasesSigma Consulting Resources, LLC
 
OSHA and National Safety Council - What is a Near Miss?
OSHA and National Safety Council - What is a Near Miss?OSHA and National Safety Council - What is a Near Miss?
OSHA and National Safety Council - What is a Near Miss?Garrett Foley
 
Exploration of risks and risk management in construction project delivery
Exploration of risks and risk management in construction project deliveryExploration of risks and risk management in construction project delivery
Exploration of risks and risk management in construction project deliveryMECandPMV
 
Incident Investigation ASSE 2014
Incident Investigation ASSE 2014Incident Investigation ASSE 2014
Incident Investigation ASSE 2014John Newquist
 
Accident incident investigation
Accident incident investigationAccident incident investigation
Accident incident investigationTariq Hatmi
 
Safety awareness on near miss
Safety awareness on near missSafety awareness on near miss
Safety awareness on near missAshok Singh
 

Destaque (11)

Laplacian Probability Models for InfoSec Likelihood Calculations
Laplacian Probability Models for InfoSec Likelihood CalculationsLaplacian Probability Models for InfoSec Likelihood Calculations
Laplacian Probability Models for InfoSec Likelihood Calculations
 
Towards Quantification of Cyber Risk
Towards Quantification of Cyber RiskTowards Quantification of Cyber Risk
Towards Quantification of Cyber Risk
 
Understanding Systemic Cyber Risk
Understanding Systemic Cyber RiskUnderstanding Systemic Cyber Risk
Understanding Systemic Cyber Risk
 
Information Security Risk Quantification
Information Security Risk QuantificationInformation Security Risk Quantification
Information Security Risk Quantification
 
10 cognitive biases that distorts your thinking
10 cognitive biases that distorts your thinking10 cognitive biases that distorts your thinking
10 cognitive biases that distorts your thinking
 
Why People Make Bad Decisions: The Role of Cognitive Biases
Why People Make Bad Decisions: The Role of Cognitive BiasesWhy People Make Bad Decisions: The Role of Cognitive Biases
Why People Make Bad Decisions: The Role of Cognitive Biases
 
OSHA and National Safety Council - What is a Near Miss?
OSHA and National Safety Council - What is a Near Miss?OSHA and National Safety Council - What is a Near Miss?
OSHA and National Safety Council - What is a Near Miss?
 
Exploration of risks and risk management in construction project delivery
Exploration of risks and risk management in construction project deliveryExploration of risks and risk management in construction project delivery
Exploration of risks and risk management in construction project delivery
 
Incident Investigation ASSE 2014
Incident Investigation ASSE 2014Incident Investigation ASSE 2014
Incident Investigation ASSE 2014
 
Accident incident investigation
Accident incident investigationAccident incident investigation
Accident incident investigation
 
Safety awareness on near miss
Safety awareness on near missSafety awareness on near miss
Safety awareness on near miss
 

Semelhante a How Near-Miss Bias Affects Risk-Based Decisions

Talk to the hand - Improving public safety outcomes with risk comms (Ronda O...
Talk to the hand  - Improving public safety outcomes with risk comms (Ronda O...Talk to the hand  - Improving public safety outcomes with risk comms (Ronda O...
Talk to the hand - Improving public safety outcomes with risk comms (Ronda O...Learning Manager
 
Introduction to Business Decision Making - 76%
Introduction to Business Decision Making - 76%Introduction to Business Decision Making - 76%
Introduction to Business Decision Making - 76%Kennedy Emma Round
 
American Bankers Association Risk Management Forum April 29, 2010 Tyler D. ...
American Bankers Association Risk Management Forum April 29, 2010   Tyler D. ...American Bankers Association Risk Management Forum April 29, 2010   Tyler D. ...
American Bankers Association Risk Management Forum April 29, 2010 Tyler D. ...tnunnally
 
Session 1 Power Point
Session 1   Power PointSession 1   Power Point
Session 1 Power Pointhiratufail
 
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370AlyciaGold776
 
Crisis Management and Corporate Reputation
Crisis Management and Corporate Reputation Crisis Management and Corporate Reputation
Crisis Management and Corporate Reputation Morteza Javadinia Azari
 
Engaging Students in Disaster Prevention Education
Engaging Students in Disaster Prevention Education Engaging Students in Disaster Prevention Education
Engaging Students in Disaster Prevention Education edu4drr
 
Derailed Crisis Plans
Derailed Crisis PlansDerailed Crisis Plans
Derailed Crisis Plansmschannon
 
How to NOT get ahead in advertising – what many conservation NGOs are doing w...
How to NOT get ahead in advertising – what many conservation NGOs are doing w...How to NOT get ahead in advertising – what many conservation NGOs are doing w...
How to NOT get ahead in advertising – what many conservation NGOs are doing w...Chris Parsons
 
Effective Crisis CommunicationChapter 1 The Conceptual Foundat
Effective Crisis CommunicationChapter 1 The Conceptual FoundatEffective Crisis CommunicationChapter 1 The Conceptual Foundat
Effective Crisis CommunicationChapter 1 The Conceptual FoundatEvonCanales257
 
Effective crisis communication chapter 1 the conceptual foundat
Effective crisis communication chapter 1 the conceptual foundatEffective crisis communication chapter 1 the conceptual foundat
Effective crisis communication chapter 1 the conceptual foundatANIL247048
 
Airlines use of Social Media for Crisis Communication
Airlines use of Social Media for Crisis CommunicationAirlines use of Social Media for Crisis Communication
Airlines use of Social Media for Crisis CommunicationCristina Passarelli
 
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...Corinne Weisgerber
 
Winning at Safety vpp16
Winning at Safety vpp16Winning at Safety vpp16
Winning at Safety vpp16The RAD Group
 
Crisis work orientation
Crisis work orientationCrisis work orientation
Crisis work orientationEarly Artis
 
1) Responded to message below. Should be at minimum of 250 words i.docx
1) Responded to message below. Should be at minimum of 250 words i.docx1) Responded to message below. Should be at minimum of 250 words i.docx
1) Responded to message below. Should be at minimum of 250 words i.docxSONU61709
 
You can "cure stupid" ASFPM 2016
You can "cure stupid" ASFPM 2016You can "cure stupid" ASFPM 2016
You can "cure stupid" ASFPM 2016Ronda Oberlin
 

Semelhante a How Near-Miss Bias Affects Risk-Based Decisions (20)

Talk to the hand - Improving public safety outcomes with risk comms (Ronda O...
Talk to the hand  - Improving public safety outcomes with risk comms (Ronda O...Talk to the hand  - Improving public safety outcomes with risk comms (Ronda O...
Talk to the hand - Improving public safety outcomes with risk comms (Ronda O...
 
Introduction to Business Decision Making - 76%
Introduction to Business Decision Making - 76%Introduction to Business Decision Making - 76%
Introduction to Business Decision Making - 76%
 
Biases april 2012
Biases april 2012Biases april 2012
Biases april 2012
 
American Bankers Association Risk Management Forum April 29, 2010 Tyler D. ...
American Bankers Association Risk Management Forum April 29, 2010   Tyler D. ...American Bankers Association Risk Management Forum April 29, 2010   Tyler D. ...
American Bankers Association Risk Management Forum April 29, 2010 Tyler D. ...
 
Session 1 Power Point
Session 1   Power PointSession 1   Power Point
Session 1 Power Point
 
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370
Disasters and Humans (DEMS3706 SU2020, Dr. Eric Kennedy)APDEMS370
 
Crisis Management and Corporate Reputation
Crisis Management and Corporate Reputation Crisis Management and Corporate Reputation
Crisis Management and Corporate Reputation
 
Engaging Students in Disaster Prevention Education
Engaging Students in Disaster Prevention Education Engaging Students in Disaster Prevention Education
Engaging Students in Disaster Prevention Education
 
Beyond Bias
Beyond BiasBeyond Bias
Beyond Bias
 
Derailed Crisis Plans
Derailed Crisis PlansDerailed Crisis Plans
Derailed Crisis Plans
 
How to NOT get ahead in advertising – what many conservation NGOs are doing w...
How to NOT get ahead in advertising – what many conservation NGOs are doing w...How to NOT get ahead in advertising – what many conservation NGOs are doing w...
How to NOT get ahead in advertising – what many conservation NGOs are doing w...
 
Effective Crisis CommunicationChapter 1 The Conceptual Foundat
Effective Crisis CommunicationChapter 1 The Conceptual FoundatEffective Crisis CommunicationChapter 1 The Conceptual Foundat
Effective Crisis CommunicationChapter 1 The Conceptual Foundat
 
Effective crisis communication chapter 1 the conceptual foundat
Effective crisis communication chapter 1 the conceptual foundatEffective crisis communication chapter 1 the conceptual foundat
Effective crisis communication chapter 1 the conceptual foundat
 
Airlines use of Social Media for Crisis Communication
Airlines use of Social Media for Crisis CommunicationAirlines use of Social Media for Crisis Communication
Airlines use of Social Media for Crisis Communication
 
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...
Social Media as a Crisis Communication Tool during the Icelandic Volcano Erup...
 
Groupthink
GroupthinkGroupthink
Groupthink
 
Winning at Safety vpp16
Winning at Safety vpp16Winning at Safety vpp16
Winning at Safety vpp16
 
Crisis work orientation
Crisis work orientationCrisis work orientation
Crisis work orientation
 
1) Responded to message below. Should be at minimum of 250 words i.docx
1) Responded to message below. Should be at minimum of 250 words i.docx1) Responded to message below. Should be at minimum of 250 words i.docx
1) Responded to message below. Should be at minimum of 250 words i.docx
 
You can "cure stupid" ASFPM 2016
You can "cure stupid" ASFPM 2016You can "cure stupid" ASFPM 2016
You can "cure stupid" ASFPM 2016
 

Último

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

Último (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

How Near-Miss Bias Affects Risk-Based Decisions

WHAT IS IT?
COLUMBIA SHUTTLE DISASTER 2003
▸ Probabilistic analysis performed in 1990 determined that debris strikes could be catastrophic
▸ Foam loss occurred on 10% of flights
▸ Damage to foam every flight, with an average of 143 divots per flight
▸ How could this ‘obvious’ problem be overlooked?
Dillon and Tinsley: How Near-Misses Influence Decision Making Under Risk: A Missed Opportunity for Learning, Management Science, Articles in Advance
WHAT IS IT?
NASA EXPERIMENT
▸ Information Management Business students (with training in stats and probabilities) were put through a simulation in which they had to navigate the Mars Rover from one crater to another
▸ Each simulated day, given a weather report, the participant had to decide whether to stay or move on, given the weather’s chance of causing a wheel failure
WHAT IS IT?
NASA EXPERIMENT
▸ Those who ‘survived’ the risky choices were more prone to making riskier decisions for the next day
▸ Even when presented with the probabilities afresh each day, participants still incorporated the previous successes into their decisions, even if they did not make as many risky decisions
▸ When given the choice of knowing Near-Miss data or other data, participants were less likely to seek other data
WHAT IS IT?
NEAR-MISS
▸ People tend to see events as linked and not independent
  ▸ “hot streaks”
▸ People with Near-Miss information tend to skew towards riskier decisions
WHAT IS IT?
NEAR-MISS
▸ People do not ignore the other data
▸ People use the data from the Near-Miss events as a source of optimism
▸ More Near-Miss data exacerbates the problem
WHAT IS IT?
NEAR-MISS SPECULATION: BAYES
▸ Near-Miss data is incorporated with the statistical data
▸ Like an inherent Bayesian analysis
▸ “My successes were because the probabilities were general and not applicable to my specific situation. My probabilities are different.”
▸ (Stats) x (Near-Miss adjustment)
▸ A version of the Gambler’s Fallacy
WHAT IS IT?
INFOSEC NEAR-MISSES
▸ Viruses caught on endpoints
▸ Brute-force attempts
▸ “Background radiation”
▸ Phishing domains
▸ Vishing calls
WHAT IS IT?
INFOSEC NEAR-MISSES
▸ “We have never had a breach”
  ▸ that we know about …
▸ “All these alerts are just noise”
  ▸ Incident Response teams are absorbing a lot of budget in hunting down all these false positives
▸ “They are just script-kiddies who don’t know what they are doing”
  ▸ There is no real threat
MISS - COMMUNICATING
NEAR-MISS COULD BE INTERPRETED TWO WAYS
▸ Disasters that did not occur
  ▸ Resilient Risks
  ▸ “Yay! I didn’t die!”
▸ Disasters that almost happened
  ▸ Vulnerable Risks
  ▸ “OMG! I almost died!”
Dillon-Merrill, Robin; Tinsley, Catherine H.; and Cronin, Matthew A., “How Near-Miss Events Amplify or Attenuate Risky Decision Making” (2012). Published Articles & Papers. Paper 93.
MISS - COMMUNICATING
RESILIENT RISKS
▸ Results in riskier behaviours
▸ Reduction in mitigating behaviours
▸ Explicit Likelihood calculations do not change
  ▸ merely quietly ‘enhanced’ with a Bayesian factor when there is a call to action
MISS - COMMUNICATING
THE HIDDEN CALCULATION
▸ You present your risks
▸ You present your calculations
▸ Your audience agrees with it all
▸ Your audience quietly applies their own Bayesian Near-Miss factor
▸ Your audience then decides
  ▸ budget, personnel, InfoSec projects, etc.
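The “(Stats) x (Near-Miss adjustment)” speculation on the BAYES slide and the audience’s quiet Bayesian factor on THE HIDDEN CALCULATION slide can be made concrete in a few lines. The Python below is an added illustration, not material from the deck or from the Dillon and Tinsley papers; the Beta-prior model, its `prior_weight` strength, the 20% per-day failure rate and the rover counts are constructed assumptions, chosen only to show the drift beside the unchanged independent probabilities.

```python
"""Constructed illustration: how survived exposures quietly lower a perceived risk."""
import random


def near_miss_adjusted_estimate(stated_p, near_misses, prior_weight=10.0):
    """Perceived failure probability after `near_misses` survived exposures.

    Assumed model (not from the deck): the stated probability is held as a
    Beta prior worth `prior_weight` pseudo-observations, and every near-miss
    counts as one more observed non-failure. The posterior mean is the
    '(Stats) x (Near-Miss adjustment)' number the audience actually acts on.
    """
    failures = stated_p * prior_weight
    non_failures = (1.0 - stated_p) * prior_weight + near_misses
    return failures / (failures + non_failures)


def cumulative_risk(stated_p, exposures):
    """Probability of at least one loss over independent exposures.

    This is the figure 'focus on the probabilities, frame events as
    independent' points at: earlier survivals do not reduce it.
    """
    return 1.0 - (1.0 - stated_p) ** exposures


def drift_table(stated_p, days, prior_weight=10.0):
    """(day, perceived probability, true cumulative risk) for each survived day."""
    return [(d, near_miss_adjusted_estimate(stated_p, d, prior_weight),
             cumulative_risk(stated_p, d)) for d in range(days + 1)]


def survivor_fraction(stated_p, days, rovers, seed=1):
    """Monte Carlo: share of simulated rovers that move every day and never fail.

    These are the participants who 'got away with it'; the share sits near
    (1 - p) ** days, exactly what the independent model predicts, so a run
    of survivals is not evidence that the stated probability is wrong.
    """
    rng = random.Random(seed)
    survived = sum(all(rng.random() >= stated_p for _ in range(days))
                   for _ in range(rovers))
    return survived / rovers


if __name__ == "__main__":
    for day, perceived, cumulative in drift_table(0.2, 10):
        print(f"day {day:2d}: stated 0.200  perceived {perceived:.3f}  "
              f"cumulative risk so far {cumulative:.3f}")
    print("survivor fraction after 10 days:", survivor_fraction(0.2, 10, 50_000))
```

Running it shows the perceived probability halving from 0.200 to 0.100 after ten uneventful days while the stated per-day figure never moved and the chance of at least one loss over those days climbed toward 0.89.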
MISS - COMMUNICATING
PRESENT VULNERABLE RISKS
▸ If Near-Miss information was communicated as Vulnerable Risks (“we almost died!”):
  ▸ and if the audience accepts that framing
  ▸ the effects of Resilient Risks are countered
  ▸ more mitigating behaviours are used
MISS - COMMUNICATING
VULNERABLE CHALLENGES
▸ The audience might not accept your framing
  ▸ becomes a messaging issue
▸ Creates a tone of negativity (less fun, less value)
  ▸ The mitigations become devalued!
  ▸ The messenger becomes devalued!
MISS - COMMUNICATING
COMMUNICATING RISK
▸ Focus on the Probabilities
▸ Frame past events as independent and not a chain
▸ Focus on the potential impact
▸ Frame Near-Misses as Vulnerable Risks
MISS - COMMUNICATING
COMMUNICATING RISK - JORDAN
▸ Focus on Procedural Resiliency
▸ Combat Vulnerable Risk negativity by celebrating the resiliency of the Risk process
▸ “Yay! We are surviving because we are using the right mitigations!”
▸ Make insurance sexy
MISS - COMMUNICATING
COMMUNICATING RISK - JORDAN
▸ Our detective controls are working!
▸ IR teams have confirmed that our users, our data, and our systems have not been compromised
▸ Our defences are effective against script-kiddies
  ▸ What are they not effective against?
MISS - ASSESSMENT
CHEAP DISASTERS
▸ Treating Near-Misses as Resilient Risks means that one might ignore them
▸ Instead, treat them as Actualized Risks for purposes of Risk Assessment
  ▸ Disasters that don’t cost the organization anything
MISS - ASSESSMENT
CHEAP TRICKS
▸ Often the same pre-conditions as a real disaster
▸ Easy way to identify hazardous conditions
▸ Encourage and reward the reporting of Near-Misses
  ▸ Helps to encourage an organizational culture of safety
MISS - ASSESSMENT
EXAMPLE IN INFOSEC
▸ A/V alerts that it caught a virus in an email attachment
  ▸ not executed, no actualized risk
▸ Every once in a while, treat it as though it was an actual infection
▸ Run the Incident Response process
  ▸ great training for new members
▸ Identify all vulnerable areas that were involved
MISS - ASSESSMENT
EXAMPLE IN INFOSEC
▸ Recalibrate the Risk Assessments of that area
▸ Mitigate vulnerable areas
▸ Trains everyone involved
▸ Streamlines the processes
▸ Encourages a culture of safety
▸ Old-fashioned fire drill, but with a real threat
SUMMARY
NEAR-MISS
▸ Past events seen as linked
▸ Near-Misses used to adjust probabilities
▸ Near-Miss data preferred over other data
▸ Used to justify riskier behaviours
SUMMARY
COMMUNICATING NEAR-MISS
▸ Focus on Probabilities
▸ De-link events
▸ Focus on potential harm
▸ Shift to Vulnerable Risks
▸ Focus on Procedural Resiliencies
▸ Combat negativity
SUMMARY
NEAR-MISS ASSESSMENTS
▸ Treat Near-Misses as opportunities
  ▸ Cheap Disasters
  ▸ Fire Drills
▸ Identify Vulnerable areas
▸ Communicate the importance of reporting Near-Misses
▸ Encourage a culture of safety