John Hackston, Head of Thought Leadership at The Myers-Briggs Company, offers a series of cyber tips and advice aimed at different personality types about their potential cyber security weaknesses
In 2019, the World Economic Forum identified data fraud and cyber-attacks as one of the major issues facing society. Cyber-attacks are especially pertinent to businesses and organisations, as the consequences of a data breach can be catastrophic, both reputationally and financially. While high profile data breaches make headlines, every year millions of regular businesses suffer smaller breaches too, and not every business will have the deep pockets required to recover.
Type and cyber security research
In light of the growing importance of cyber security, The Myers-Briggs Company has undertaken research into ‘Type and cyber security’, to explore how personality relates to cyber-security attitudes and behaviours. The study revealed that 82% of respondents agreed or strongly agreed that a “data breach would be disastrous for my organisation”. In addition, we found that 64% of respondents said they had experienced cyber-attacks in the last year, and almost a third (30%) had experienced attacks in the last month alone.
In order to aid businesses and their employees in staying cyber savvy and remaining vigilant in the fight against cyber criminals, we used our research to compile a guide on Cyber security tips for each MBTI® type. For example, people with the most frequently occurring personality type in the UK are likely to spot discrepancies and errors in phishing emails and generally follow IT security rules and policies.
However, they may over-rely on previous experience can be caught out by always using variations on the same password. People like me, with my personality preferences, have a tendency to think we know best and as a result we don’t always follow the rules. This is not always a good idea when it comes to cybersecurity!
Three behaviour types
When considering security behaviour in individuals, traits can be distilled into three main areas of behaviours; conscientiously following rules, keeping passwords and devices secure, and knowledge-informed carefulness. Different personality types are better at some of these areas than others. For example, our research revealed that respondents with a preference for Sensing (those who are drawn to facts and details) scored higher on ‘following rules’ than those with a preference for Intuition (those who prefer meanings and patterns).
On the other hand, respondents with a preference for Judging (those who prefer structure and planning) scored higher on ‘keeping passwords and devices secure’ than those with a preference for Perceiving (those who prefer flexibility and adaptability). If employees are aware of their own personality traits, they can start to think about what kinds of behaviours they might need to hone.
Cyber security weaknesses
Interestingly, there are some common mistakes occurring across all personality types that businesses should be conscious of, such as submitting information to websites without first checking that it will be sent securely, assuming that it is safe to access your email on someone else’s computer, and using the same passwords at work and at home. Perhaps most notable of all, however, is the shared over-confidence by all types that they won’t be caught out by cyber-attacks. The crucial first step in improving your workplace cyber security habits is to remind employees that no matter their experience or level of seniority, cyber-attacks do not discriminate, and anyone can be a potential victim.
Cyber security knowledge
While certain personality preferences do not guarantee cyber security awareness or knowledge, it can be beneficial for organisations to use personality and self-awareness as a starting point in understanding where cyber security weaknesses may lie. Equipped with the knowledge of their potential strengths and blind spots, individuals can consciously improve their own IT security behaviour, and in turn, strengthen the security of their organisations. The mitigation of cyber-attacks is of critical importance to businesses, and all organisations are encouraged to start a conversation with employees about their cyber security habits. While our cyber security tips guide provides a starting point for different personalities to consider their behaviours, employees would do well to read the full guide, regardless of their personality preferences.