Iterative Analysis of Competing Hypotheses to Overcome Cognitive Biases in Cyber Decision-Making
Abstract:
This paper aims to improve the incident-response process by studying how cognitive biases such as the base rate fallacy, confirmation bias, and hindsight bias can affect decision-making in the cyber realm. It argues that cognitive biases negatively influence the performance of cyber incident response, just as they have been shown to affect intelligence analysis. To guard against these biases, the paper proposes the use of contrarian analysis techniques, such as the devil’s advocate, and structured analysis techniques, specifically the Iterative Analysis of Competing Hypotheses, which can also guide further investigations by identifying evidence that would unequivocally disprove hypotheses.
AUTHORS
Department of Computer Engineering and Software Engineering, École Polytechnique de Montréal, Montréal, Canada
Dr. Antoine Lemay is one of the founders of Quantum Cyber Defence, a start-up aimed at providing custom security monitoring solutions. He previously worked as a Researcher in the Department of Computer Engineering and Software Engineering at École Polytechnique de Montréal, Canada, where he specialised in securing Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks against threats from nation states. He has also worked as a Security Analyst and helped develop the training program at the National Energy Infrastructure Test Center. He holds a number of professional certifications, including CISSP, GSEC, and GCIH. He has written a number of papers in international venues on the topics of ICS and SCADA security, advances in attacker techniques, and cyber warfare.
Electrical and Computer Engineering Department, Royal Military College of Canada, Kingston, Canada
Dr. Sylvain (Sly) Leblanc is an Associate Professor in Computer Engineering at the Royal Military College of Canada. He was a Canadian Army Signals Officer for more than 20 years, where he developed his interest in computer network operations. His research interests are in computer security and computer network operations, with major efforts in network counter-surveillance operations, vulnerability and security assessments, and cyber education. He collaborates with the Director of Cyber Force Development with whom he works on Cyber Policy Conceptual Development and with the Canadian Army’s Land Cyber Mission Assurance Program.
Published In
Journal of Information Warfare