Recent Posts

Blogroll

Blog powered by TypePad

« Security, Static Analysis and Building a Great Team | Main | Security > 140 Conversation with Chuck Mortimore »

Anchoring

Anchoring is a very subtle and powerful bias. Here is an interview with Jason Zweig on his book Your Money and Your Brain and how anchoring affects decision making

 

The biggest surprise is that people don't know why they do the things they do. This can get us into trouble when it comes to making financial decisions. Take anchoring, for example. Anchoring is a psychological phenomenon that says that whenever you have a number in mind, it will influence your judgment. In one experiment people were asked to spin a wheel of fortune. After it landed on a number they were asked whether the percentage of nations in the UN was larger or smaller than that number. When the wheel of fortune landed on 10, people estimated that 25% of the members of the UN were African. When it landed on 65, they estimated that 45% of the countries in the UN were African. If you asked them why they came up with the number, they said it was their best guess. But clearly the wheel of fortune had an enormous influence. Anchoring is everywhere in the financial markets. When a stock goes to $100 and splits 2 for 1 so that you now have two shares worth $50 each, you naturally expect both shares to go back up to $100. Anchoring informs a lot of our decisions even though we think it doesn't. When professional auditors were asked whether the incidence of fraud is greater or lesser than 10% and then asked what they thought the actual incidence of fraud was, they gave a number that was close to 10%. But when they were asked if it was greater or lower than 1%, they picked a lower number. When asked why they picked that number, they talked about their experience and how many frauds they've encountered. They had no idea their number came from being anchored. Another disturbing problem is familiarity. Individual investors are very prone to this. It's why people put too much money into their own company stock. Financial advisors are prone to this too. Both anchoring and familiarity are examples of unconscious bias. Unconscious bias has led me to become much more skeptical about my own limitations. It caused me to get rid of all my company stock.

We have this problem in spades in infosec. Brian Chess said in our chat that judging by the way infosec people reacted to recent attacks it sounded like they were trying to defend the world against Code Red.

The threat in people's mind is anchored one way, but the reality marches on. 

Inevitably when I show the firewalls + SSL chart, an infrasec person takes it personally and says " are you crazy - we need firewalls!" Of course, they're necessary but they're not sufficient to deal with thee real threats of today nor should they occupy the top budget line item just because they did in 1995.

June 24, 2011 in Security |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451c75869e201538f6945bb970b

Listed below are links to weblogs that reference Anchoring:

Comments

The comments to this entry are closed.