RSS FeedBlogs
RSS FeedSubscribe to this blog
About Author
Forrester Analysts

Forrester Research is a technology and market research company that provides pragmatic advice to global leaders in business and technology.



The psychology of bad news

Could it be possible that CISOs are biologically different from other people by being more balanced about risk?

Article comments
The other night I stumbled across a documentary on BBC2 (content only available to UK residents) about the human brain. One section talked about how the brain perceived risk issues - obviously an interesting topic for security folk!

A test subject was placed into a brain scanner and asked to estimate the likelihood of 80 different negative events occurring to him in the future - from developing cancer, to his house being burgled, to breaking a leg etc.  Once he had stated his opinion, the real likelihood was then displayed to him.

At the end of the 80 events, the process resets and the subject is presented with the same events and asked to, once again, state his perceived likelihood, although this time with some knowledge of the actual answers.

The results are surprising.

Where his initial response had been too pessimistic, the test subject adjusted his perception to align with the actual likelihood. However, where he had initially been too optimistic, his opinion remain largely unchanged by the facts! It was apparent that the brain proactively maintained a ‘rose-tinted’ view of the risks, accommodating a more optimistic view but shunning anything more negative.

The scientists argued that this was the brain did this for two main reasons:

1 - To minimise stress and anxiety, for the resultant health benefits.

2 - Because an optimistic outlook helps drive success, support ambition and keep humanity striving for a better future.

This is interesting on its own, but becomes more so when you when compare it with society’s appetite for bad news. It’s common knowledge that bad news sells, which is why our newspapers peddle it almost exclusively and, to some extent, we can understand why it appeals - our subconscious always needed to be more attuned to a cry of “Wolf!” than a regular call of “No wolves in sight”.

So, it seems that our nature is to seek out bad news, but then ignore the lessons that it should be teaching us; and to make this worse, when we find a story that allows us to believe that the risk is reduced, we accommodate and synthesise that almost immediately, building it into our new perception of reality.

Is it any wonder, therefore, that CISOs fight a constant battle to communicate their message, to alter the perception of the senior executives who have the authority to enable change? It also makes me consider whether, just perhaps, CISOs are biologically different from other people - are we pre-disposed to internalise both positive and negative risk issues in a more balanced way than the people around us? If that is the case, how do we get them to see things from our perspective?

And, no, FUD is not the answer…

By Andrew Rose


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *