Upload
kelly-shortridge
View
625
Download
2
Embed Size (px)
Citation preview
KNOW THYSELFOPTIMIZING TEAM DECISION-
MAKING
Hi, I’m Kelly
What will I cover?
Cognitive bias?
Prospect theory
Offense vs. Defense
Prospect theory in InfoSec
Other biases in infosec
What are the outcomes?
An outcome
Incentive problems
Cognitive biases in groups
Bosses & risk
Example security org split
The setting
How are CISOs evaluated?
Success & failure for blue team members
Being a cost center adds to the issues
A sample meeting
Current decision making process
Strategies(now entering the realm of decision
trees)
Belief prompting & hard metrics
Example belief prompting
A relevant thought leader quote
Examples of belief prompting
Example progression: Exfiltration
Example AD tree (for illustrative purposes)
Feedback loop
Decision prioritization
As a leader of a group
As a boss
Ideal decision-making process(hopefully as cool as this pic)
Bias-resilient process
Enlightened Conclusion
Final thoughts
Further reading
Questions?