1 Copyright © 2004 M. E. Kabay. All rights reserved. Social Psychology & INFOSEC NEW ENGLAND...

1 Copyright © 2004 M. E. Kabay. All rights reserved.

Social Psychology &

INFOSECNEW ENGLAND INFORMATION SECURITY GROUP

2004-05-20M. E. Kabay, PhD, CISSP

Assoc. Prof. Information AssuranceProgram Director, Master of Science in Information Assurance

Norwich University


Topics

Attribution Theory Social Cognition: Forming Judgments Beliefs and Attitudes Prejudice Locus of Control Persuasion and Attitude Change Conformity, Compliance and Obedience Pro-Social (Helpful) Behavior


Attribution Theory

Attribution Theory How people explain their own and others'

behavior Weiner's classification:

Stable Unstable

Internal

External

Dispositions;traits; level of

ability or intelligence

Effort;mood;

physical state

Good/bad luck;opportunity;

transientsituations

Degree of taskdifficulty; env

helps/hindrance


Attribution Theory (cont’d) How we explain behavior

Fundamental Attribution Error– Star Trek's Leonard Nimoy is really like

the character he portrays (Mr Spock) Actor-Observer Effect

– What I do is a reasonable response to the situation but what you do is in your nature

Salience– What stands out is perceived as most

important even if it isn't


Attribution Theory (cont’d) Self-Serving Bias

– If I succeed it's because of how good I am, but if I lose it's not my fault

Self-Handicapping– If I expect to fail I'll make sure there's a

good excuse Depressed People

– If I lose it's because of how bad I am, but if I succeed it's not to my credit


Attribution Theory: Implications Leader and others: remember not to pigeon-

hole someone – E.g., “He’s always _______”

Reverse situation – think about explanations for perplexing or objectionable behavior– “If I were behaving that way, it would be

because __________” Challenge unthinking reliance on salience –

question assumptions about causality– “Why should the fact that he limps make a

difference to _________?”


Social Cognition: Forming Judgements Schemas influence perception Decision-making usually includes only a

small subset of available information Language influences perception Reasoning is only a small part of forming

judgments or opinions


Schemas

Organized knowledge about the world Influence perceptions — Allport’s experiments

with drawings of people on tramway Affect memory — witnesses unreliable More subtle and complex for in-groups than for

out-groups – give outgroup no credit May lead to self-fulfilling prophecies; e.g., math

teachers vs girls– Reward compliance with schema (boys)– Punish deviation (girls)

Suggestion: question expectations, assumptions


Schemas (cont’d)

Schema from one sphere may interfere with successful implementation of new policies

Present counterintuitive information in advance– Provide enough time for assimilation– Distribute background papers– Use case studies to counter inappropriate

schemata


Inadequate Sampling

Judgments are often based on inadequate samples

Early, negative, information weighted heavily The availability heuristic can lead to errors in

judgment– What’s easy to remember weighs too heavily

in decision– Anecdotal evidence inappropriately strong


Inadequate Sampling (cont’d) Provide decision makers with powerful

arguments first Ensure there’s lots of striking, memorable

evidence in presentation Explicitly challenge incorrect intuition,

preconceptions, conclusions


Beliefs and Attitudes

Belief: cognitive information without affect– “The operators are responsible for tape

mounts.” Attitude: evaluation or emotional response

– “The */$&/! Operators are supposed to be responsible for tape mounts!”

Cognitive dissonance: incompatible beliefs, attitudes or behavior– “I am an honest person – but I have taken

home three dozen Zip disks this month.”


Beliefs and Attitudes

Before attempting to change beliefs and attitudes, study what they are– Interviews– Focus groups– Surveys

Use language carefully– Positive terms for desired end-point

Encouragement is effective– Even minor praise, smile can shape beliefs

and attitudes Allow time for change – weeks at least


Beliefs and Attitudes (cont’d)Suggestions for security group: Explore current beliefs and attitudes towards

security– Identify areas of conflict, negative affect– Correct erroneous beliefs fast– Explore why some policies are successful

Provide consistent pro-security messages to avoid dissonance– e.g., managers should not ignore polices

Rewards more effective than punishment– encouraging positive attitudes & behavior


Prejudice

Stereotypes – simple models of others;– e.g., racial profiling, assumptions about security

officers Roots of prejudice are many – historical, social,

familial, psychological, personal Authoritarian personality includes prejudice Minimal-group research – easy to generate inter-

group hostility and prejudice simply by grouping Group competition exacerbates prejudice

– Creating common goals and projects for hostile groups mitigates prejudice

Favorable depictions improve inter-group relations


Locus of Control

People work better when they feel in control– Able to affect outcomes– Considered by decision-makers– Listened-to

Experimental evidence– Teams working in noisy environment– Patients in convalescence homes


Locus of Control

Locus of Control Group 1


Locus of Control

Locus of Control Group 2

STOP


Locus of Control


Persuasion and Attitude Change: Effective CommunicationWhat influences pace of change: Audience/Listener variables Channel variables Communicator/Presenter variables Message variables


Effective Communication:Listener Variables Knowledge base Objectives Intelligence Alertness Motivation


Knowledge Base

Define prerequisite knowledge, skills Ask each participant for brief biography Explore related areas of knowledge Identify strengths and weaknesses Incorporate interests into examples,

discussions


Intelligence

Less important than frequently assumed Encourage questions, discussion Praise interventions, ideas, contributions For courses

– Effective study methods can compensate– Offer assistance outside class


Alertness

Sleep deprivation harmful to learning Use channel variables to enhance alertness Provide frequent breaks Respond immediately to inattention Use humor and the unexpected Discourage heavy lunches Forbid alcohol during task-force meetings,

workshops and training


Motivation

“What would you like to be able to do after this course that you can’t do now?”

Beware forced participation: work to convince of meeting or courses utility

For courses: address benefits of mastery– Share experiences in real world– Bring in enthusiastic “graduate”

• If possible, one who was negative at start

• Have brief description of positive results, value


Channel Variables

Time available Working conditions Visibility, audibility, clarity High interactivity


Time Available

Allow for at least ~2-3 minutes/slide on average– Check your timings if you use more slides– Be sure that you can in fact present all the

slides At most ~1 hr between breaks

– Use longer breaks (e.g., 20-30 minutes) to foster creativity

– Informal discussions often useful At most ~7 hr/day If necessary, plan 2 or more days or sessions

for better assimilation and application of complex issues


Working Conditions

Keep room relatively cool Lights bright if possible Comfortable chairs Desks or tables with enough room for

computers and papers Printed materials with room for notes Multimedia: reference articles, videos If possible and appropriate, network with hub

& LAN connectors– High-speed access to Net– NetMeeting software


Visibility, Audibility, Clarity Stand, move, sit Speak clearly at all times

– Keep microphone away from direct line of breath (avoids noise)

Vary speed– Slower than conversation– Pauses effective for emphasis

Over-inflect for emphasis– Different from conversational mode– Increase frequency range and dynamic

range Face the audience, not the slide / poster


High Interactivity

Ask questions frequently Challenge individuals Turn discussion to relevant personal

experiences Use digressions constructively to reinforce

message Use examples from participants’ experiences When teaching, remember individual

students’ interests and point out relevance of specific material to them


Effective Communication:Presenter Variables Psychology and motivation Empathy and imagination Patience Subject knowledge Background knowledge Ethical standards Externals


Psychology and Motivation

Commitment to group / participant / student achievement

Beware feelings of power and superiority Encourage questions, challenges

– Thank people for raising questions; smile– Set example: “I don’t know that; can

anyone help on that question?. . . . I’ll do some research for the next meeting / class.”

– Deal with extensive discussions at break to avoid disrupting flow of meeting


Psychology and Motivation (cont’d) Admit mistakes immediately and clearly

– “On that third point, I was wrong. Thank you to Scott for pointing out that. . . .”

Unforgivable to humiliate people– Grounds for dismissal

Every session is a chance for leader / teacher to learn– Write down ideas for improvement


Empathy and Imagination

Remember what it was like being a beginner– Define jargon terms– Define acronyms on first use

Identify basic knowledge and skills needed for assimilation of later concepts, material

In courses, ensure that basics are thoroughly mastered– If necessary, take disproportionately

longer at start of meeting / course Encourage meetings after meeting / class

– Make schedule of availability known– Stick to schedule, especially for students


Patience

Find alternative ways of explaining ideas / skills– Analogies– Examples– War stories

When question out of place, defer answer– Later in lecture if suitable– At break or after class

Respect students for wanting to understand


Subject Knowledge

Difficult or impossible to provide technical leadership or to teach without mastering subject

Create your own presentation materials– Or adapt existing materials

Use all available resources to supplement your knowledge and understanding– Textbooks– Articles– Colleagues– Online databases

“I don’t know; let’s try to find out!”

Essayons!

Motto of Norwich University

Essayons!


Essayons!



Background Knowledge

Read widely in related areas Bring in analogies from other areas of

experience Use personal life-experiences when suitable Talk about feelings as well as ideas Express values openly Use divergence of judgment or opinion as

opportunity for expanding everyone’s knowledge


Ethical Standards

Work for the participants’ and the organization’s benefit

Review and revise course materials as appropriate before reusing them

Provide value for time invested Take participants’ other commitments into

account — stay on schedule– Start when you say you’ll start– Stop when you say you’ll stop

If teaching a course, make it possible to achieve maximum grades

Teachers: beware of emotional / sexual entanglements with students — violation of professional ethical standards


Effective Communication:Message Variables Context Behavioral objectives Organization Content Review questions


Context

Provide overview of coming materials– If appropriate, specify preliminary readings– Provide notes for participants / students– Use overview slides throughout

presentation Explain why information matters to

participants or students Focus on practical skills and examples Courses: consider open-book exams,

cooperative learning


Behavioral Objectives

Avoid internally defined objectives such as “knowing”, “becoming familiar with” etc.

What will the team or the class be able to DO after the session / course that they can’t do yet?– Analyze, apply, attack, choose, compare,

contrast, decide, defend, define, discuss, design, demonstrate, establish, explain, improve, optimize, prepare, repair, solve, teach, . . . .

– Within certain time limits, with certain tools available, accomplish specific actions. . . .


Organization

Design presentation / course top-down– Sketch out areas of concern, skills– Fill in details

Fundamental questions– What’s this all about? (context)– So why should I care about it? (motivation)– So what’s the scoop? (content)

Provide signposts explaining upcoming sections

Start each section with restatement of why it matters

Emphasize mastery of basic knowledge Point to more advanced topics


Organization (cont’d)

Memory works through association– Engrams — patterns of neuronal firings in

chains that activate experience, concepts– Want to provide lots of hooks for

assimilation / memory Present practical examples before stating

theory– Need concrete example to establish

framework for associations Invite comment, experiences from

participants before presenting theory– Opportunity to strengthen integration of

new information into web of associations


Evaluating Effectiveness of Communication When leading a meeting or an informal course or

workshop, gauge effectiveness through– Watching body language throughout session– Informal discussion– 1:1 conversation

Interviews, focus groups, surveys

For formal courses, can use essays, quizzes, examinations, projects– Include active knowledge as well as passive– If open-book, preferable to restrict time; e.g., 2

minutes per question

Declining accuracy


Conformity, Compliance and Obedience Shift normative values towards goal

– Express expectation of cooperation – “We” Group solidarity increases conformity

– Group exercises, games, teamwork– If using contests, mix up the teams

Outliers are especially important– Both enthusiasts and resisters

Norm of reciprocity– Give a little, get a little

Foot in the door– Get a little, get more


Pro-Social (Helpful) BehaviorActing helpfully requires 4 steps: Notice problem

– Need awareness Recognize as emergency

– Need training Take responsibility for action

– Need climate for responsible action– No worry about looking foolish

Decide on action– Sound training, good policies


Pro-Sociality (cont’d)

Bystander Effect– Larger groups have slower reaction time– Diffusion of responsibility– Uncertainty about social climate

Counter bystander effect using rewards for responsible behavior– E.g., reporting security violations– Challenging unbadged strangers


Pro-Sociality (cont’d)

Cost-benefit analysis– Make prosociality low cost / high gain– Provide hotline for security violations– Allow anonymity in reports

Make failing to support policy expensive– Personnel policies: clear sanctions– Performance review– Possible dismissal


DISCUSSION

M. E. Kabay, PhD, CISSP

mailto:[email protected]

http://www2.norwich.edu/mkabay

Date post:	26-Mar-2015
Category:	Documents
Upload:	julian-bennett
View:	214 times
Download:	0 times

1 Copyright © 2004 M. E. Kabay. All rights reserved. Social Psychology & INFOSEC NEW ENGLAND...

Documents