Nordstrom was hit with a breach a couple of years ago when a contracted employee mishandled data. Today’s columnist, Tony Pepper of Egress, says even companies with the best security awareness programs can experience a breach when staff or anyone else with access to sensitive data becomes overconfident about security. (SounderBruce/Credit: CC BY-SA 2.0)

The phrase “a little knowledge is a dangerous thing” rings true today whenever we see someone whose misplaced confidence, despite incomplete understanding, leads them into trouble.

Behavioral psychologists call this phenomenon the Dunning-Kruger effect, when people with a low level of knowledge dangerously overestimate their skill and make errors as a result. This effect partly answers one of the most enduring conundrums in cybersecurity: why do people keep clicking on bad emails, causing email data breaches? 

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.