Resources on the Psychology of Security and Risk

Professor of Security Engineering at the Computer Laboratory, University of Cambridge, Ross Anderson, has compiled a comprehensive resource page on the psychology of risk and security. The resources themselves are divided into seven section, to wit:

  • Introductory Papers
  • Deception
  • Security and Usability
  • Social Attitudes to Risk
  • Behavioural Economics of Security
  • Miscellaneous Papers
  • Other (Conferences, Websites/Blogs, Books)

From the introduction:

A fascinating dialogue is developing between psychologists and security engineers. At the macro scale, societal overreactions to terrorism are founded on the misperception of risk and uncertainty, which has deep psychological roots. At the micro scale, more and more crimes involve deception. […] Security is both a feeling and a reality, and they’re different. The gap gets ever wider, and ever more important.

At a deeper level, the psychology of security touches on fundamental scientific and philosophical problems. The ‘Machiavellian Brain’ hypothesis states that we evolved high intelligence not to make better tools, but to use other monkeys better as tools: primates who were better at deception, or at detecting deception in others, left more descendants. Conflict is also deeply tied up with social psychology and anthropology, while evolutionary explanations for the human religious impulse involve both trust and conflict.

via Schneier