Opportunity Cost of Action Bias in Cybersecurity Incident Response
Event Type
TimeWednesday, October 12th4:30pm - 5:30pm EDT
LocationPoster Gallery
DescriptionThe hours and days immediately following the discovery of a cyber intrusion can be stressful and chaotic for victims. Without a documented and well-rehearsed incident response plan, people are prone to costly fear-based reactions. Action bias is the human tendency to favor action over inaction. It feels better for victims to do something even if rushed decisions are suboptimal to thoughtful, careful alternatives. Furthermore, the null baseline of doing nothing or watchful waiting can sometimes be advantageous. This paper describes an application of opportunity cost to action bias. While these insights are not yet backed by empirical data, this is the first work to examine the intersection of opportunity cost with action bias in cybersecurity incident response. Using Sony Pictures Entertainment as a case study, we discuss the implications of opportunity costs from acting prematurely and, conversely, the opportunity costs of waiting to act.