In 2017, Richard Thaler and Cass Sunstein, the founding fathers of 'nudge theory', received the Nobel prize in Economics. The essentials of nudge theory can be summed up in a few bullet points:
- nudges are tiny hints or changes which suggest that one follow a certain direction, but leave all of one’s options open;
- a default option is a very powerful nudge, as it requires one to actively object to it to choose a different path;
- states and other large institutions can use nudges to improve whole societies.
The main New Year’s resolution of itrust consulting for 2019 is to incorporate nudging to the benefit of our customers’ security needs.
The main issue is that people decide emotionally without rationally considering security. Efforts to improve security take attention and resources away from their core business. Moreover, people have a strong tendency to reject constraints and authorities, as these give them the impression that they have lost the power to decide. Nudging rests on the idea that most decisions are actually taken unconsciously.
'Nudging for security' therefore means preparing the environment so that people unconsciously, but freely, choose the right option for themselves and their security. A nice example of this is the GDPR's privacy-by-default requirements. It is now up to us to come up with, and implement, others for our customers.
As a consequence, itrust consulting wishes to employ a social scientist to assist in this approach.
Happy nudging for better cybersecurity!