Defender Personality Traits
The security community has used psychological research on attacker personalities, but little work has been done to investigate the personalities of the defenders. We surveyed 43 security professionals using a Five Factor Model-based test to reveal common dominant traits. We found that our sampled population demonstrated that they were highly dutiful, achievement-striving, and cautious; in addition, they were high in morality and cooperation, but low in imagination. We conclude that many of these characteristics are appropriate for security professionals, although the low scores in the “openness to experience” domain may indicate difficulties in devising new security defense methods and in anticipating new forms of attack. This potentially leaves large organizations and nation-states vulnerable to attacks.
KeywordsAttack Personality Percentile Score Uniform Random Distribution Inside Threat Security Professional
Unable to display preview. Download preview PDF.
- 1.Gates, C., Whalen, T.: Profiling the defenders. In: Proceedings of the 2004 New Security Paradigms Workshop, Nova Scotia, Canada, September 20-23, pp. 107–114 (2004)Google Scholar
- 2.Goldberg, L.: A broad-bandwidth, public domain, personality inventory measuring the lower-level facets of several five-factor models. In: Mervielde, I., Deary, I., Fruyt, F.D., Ostendorf, F. (eds.) Personality Psychology in Europe, vol. 7, pp. 7–28. Tilburg University Press, Tilburg, The Netherlands (1999)Google Scholar
- 3.Greenwald, S.J., Olthoff, K.G., Raskin, V., Ruch, W.: The user non-acceptance paradigm: Infosec’s dirty little secret. In: Proceedings of the 2004 New Security Paradigms Workshop, Nova Scotia, Canada, September 20-23, pp. 35–43 (2004)Google Scholar
- 4.International Personality Item Pool. A scientific collaboratory for the development of advanced measures of personality traits and other individual differences (2001) (Last visited: 1 June 2005), http://ipip.ori.org/
- 5.Johnson, J.A.: IPIP-NEO narrative report (2005) (Last visited: 1 June 2005), http://www.personal.psu.edu/faculty/j/5/j5j/IPIP/shortipipneo3.cgi
- 7.Rogers, M.: A Social Learning Theory and Moral Disengagment Analysis of Criminal Computer Behavior: An Exploratory Study. PhD thesis, University of Manitoba (2001)Google Scholar
- 8.Shaw, E., Ruby, K., Post, J.: The insider threat to information systems: The psychology of the dangerous insider. Security Awareness Bulletin 98, 1–10 (1998)Google Scholar
- 9.Whalen, T., Gates, C.: Defender Personality Traits. Technical Report 2006-01, Faculty of Computer Science, Dalhousie University, Halifax, NS (2006)Google Scholar