The National Academies Press

Currently Skimming:

Decision Making Under Uncertainty--Rose McDermott
Pages 227-242

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 227... ... Several specific classes of psychological biases tend to plague decision makers confronting uncertainty. In the case of cyberattack, the tendency for aggression to become heightened in anonymous cir cumstances raises the risk for unnecessary confrontation, and processes of social contagion intensify the time pressure under which leaders may have to operate. Read the entire page →
From page 228... ... These desires, however normal, can lead to systematic biases because they encourage decision makers to fit a novel situation into a pre-existing theoretical category, which then serves to shape and structure incoming informa tion in ways which conform to those pre-existing beliefs. For example, they readily accept information which conforms to those beliefs without sufficient interrogation, they reject intelligence which refutes those ideas without investigation and they interpret ambiguous information in ways which conforms to, and supports, those pre-existing ideas (Lord, Ross & Lepper, 1979) Read the entire page →
From page 229... ... Deterrence depends on a credible threat to respond and deny the adversary any advantage from an attack, and yet such an ability requires decision makers to clearly give and receive clear signals of intent and capability. In the context of nuclear weap ons, Jervis noted the many psychological obstacles that might prevent leaders from properly evaluating the opponent's values, credibility, or perceptions; all these calculations provide the basis upon which reliable deterrence depends. Read the entire page →
From page 230... ... In current discussions, defense tends to solicit most of the attention, with a lot of effort going into passive efforts, such as establishing anti-virus software, firewall protection, or improving password strength and encryption. However, these strategies can often create the very problems they are intended to prevent, as occurred with the recent McAfee security update error which precipitated a global crash of tens of thousands of PCs.1 Active defense work, which in the case of cyberattack may involve some kind of offensive counter-attack, but could also include more typical police investigation strategies, is also available to leaders. Read the entire page →
From page 231... ... Even if investigators find a particular location, they may never be able to locate the computer which launched an attack, as for example might occur if a Starbucks with open wireless networks served as the instigating location. Plausible deniability results from the very real possibility that a given computer was hacked and taken over by another with no knowledge on the part of the host about the nefarious activities his machine subserved. Read the entire page →
From page 232... ... Indeed, one of the sequelae of premature cognitive closure in the face of threat is that leaders will be more prone to assume threats will emerge from places where they have seen similar attacks emanate previously. If a secondary attack closely followed the one launched against Google, assumed to originate from China, it would be much easier for decision makers to assume that the subsequent attack similarly emerged from China. Read the entire page →
From page 233... ... Judgment refers to those assessments about the likelihood that a certain event or person belongs in a particular category, or probability of a particular event occurring in the future, for example. These judgments primarily constitute assessments of an objective reality about the real external world. Read the entire page →
From page 234... ... And even if malicious intent appears clear, the category of intrusion can matter in making decisions about how to respond: Is the intruder after money, information, or seeking to cause destruction? Each of these kinds of assessments requires placing individuals or actions within particular categories whose base rate probability remains unknown or unclear. Read the entire page →
From page 235... ... Other Social Psychological Processes: Anonymity, Social validation, and Contagion Effects In their astute analysis of some of the social psychological effects which fed the First Internet War, which involved a distributed denial of service attack on Estonian government sources for several days in early 2007, Guadagno, Cialdini, and Evron (2010) pointed to several significant social psychological factors which, while not unique to cyberspace, certainly have effects which can be magnified within it. Read the entire page →
From page 236... ... Furthermore, the rapidity and broad reach of the Internet potentiates and speeds the influence of social validation and contagion effects. Social validation effects grow out of an adherence to the group norms which dominate and persevere in deindividuated environments such as those which rule the Internet. Read the entire page →
From page 237... ... Sophisticated actors can generate social movements to engage in dedicated denial of service attacks by hitting upon emotional appeals that motivate myriad respondents to take action; contagion effects then operate to recruit enormous amounts of labor instantaneously. One of the most important aspects of these social psychological phenomena and processes, includ ing those related to attribution, is that targets and observers are unlikely to know about, become aware of, or understand these processes or how the work. Read the entire page →
From page 238... ... CONCLuSIONS Clearly, the risk of cyberattack, like other forms of terrorism, poses an important challenge for future decision makers. The traditional notion, built around kinetic weapons, of using deterrence to prevent an attack may not prove a viable strategic model because it rests on assumptions of rationality that do not reflect accurate notions of human decision making capability. Read the entire page →
From page 239... ... Third, many social psychological processes, includ ing anonymity, deindividuation, social validation and contagion effects, work to enhance the prospects for terrorist entrepreneurs to recruit followers to engage in destructive processes, including dedicated denial of service attacks. Careful thought should go into the best way to mobilize similar public forces in service of the national interest; greater public awareness of the stakes in simple, emotional language (i.e. Read the entire page →
From page 240... ... Given what we know about the psychological propensities to which individuals appear prone, what mistakes are leaders most susceptible to making in the area of cyberattack, as opposed to another realm? The two most significant relate to anonymity, and its tendency to increase aggression through processes of deindividuation, and social contagion, because of the speed and extent of spread which can occur on the Internet. Read the entire page →
From page 241... ... 1995. A social identity model of deindividuation phenomena. Read the entire page →

From page 227...

... Several specific classes of psychological biases tend to plague decision makers confronting uncertainty. In the case of cyberattack, the tendency for aggression to become heightened in anonymous cir cumstances raises the risk for unnecessary confrontation, and processes of social contagion intensify the time pressure under which leaders may have to operate.

Decision Making Under Uncertainty--Rose McDermott Pages 227-242

Decision Making Under Uncertainty--Rose McDermott
Pages 227-242