Social Psychology Report

Social Psychology Report
Intrusion Motives / Hacker Psychology
Cyber-forensics and psychology indicate that hacking culture is associated with neurological conditions. The motives of hackers are to minimize the consequences of their activities and believe that their actions are a good service to the community and this is named “Robin Hood Syndrome” (Woo, 2003). At the same time hackers dehumanize the problem and blame the sites they attack. Furthermore, since hackers minimize human contact, they consider hacking a “game” where serious consequences can be ignored.
Classification of Hackers
Hackers can be classified as cyber-punks, crackers, coders and virus writers, and old school hackers. My Citi Bank Group experience a cyber-attack whereby banking account information of over 360,000 users whereby their names and account numbers were legally accessed by hackers. This led replacement of many ATM cards.
Cybersecurity Policy in Relation to Employees
Cybersecurity policy is what relates to employee behavior at work, especially online. Security policy can be applied to an employee by making it clear (through regular training sessions on cyber security) that if employee details are exposed and left unprotected online, a hacker could use it to compromise the security of the organization, infect the networks with malware, and cause massive loses to organizational data. For example, a security policy on effective password management. This will require all employees to use passwords that require a combination of characters (lower case, upper case, numbers and non-numeric characters); with an aim to safeguard employee and company online information.
Separation of Duties Policy
This is a security control procedure that requires more than one person to complete any given task and is used to prevent conflict of interest, fraud, abuse, and errors. It also helps in detecting control failures including attempted breaches and information theft. For example in my organization Citi Bank, a Clerk prepares a voucher and assigns an account, then a supervisor approves the voucher and account; a check is issued by another clerk. None of the mentioned persons can execute the entire process alone.
Redundancy and Diversity in Relation to Cybersecurity
Diversity and redundancy are core applicable principles for fault tolerance against accidental faults. Arguably, redundancy without diversity is seen as useless against any form of systematic attack, and diversity is not viewed with respect. Essentially, redundancy and diversity are applicable to intrusion detection, especially in a probabilistic approach (Littlewood & Strigini, 2004). In my organization Citi Bank, redundancy and diversity is used to implement cyber security through a defence-in-depth approach that addresses any known threats, whereby security layers are reinforced that slows down the potential of attacks that are in progress, as well as prevent them.
Access Control Mechanisms and Employee Productivity
With introduction of numerous access control mechanisms, employees are likely to feel that additional security measures negatively impact on their ability to work; for example, a requirement to log in on a Virtual Private Network or the ability to remember multiple lengthy passwords is quite inconveniencing and impacts on their productivity. Consequently, when employees feel inconvenienced by “too many complicated passwords” they might choose to try and circumvent the security and this is dangerous to both data and systems. Furthermore, every new resource introduced at the workplace requires a new password and this complicates issues. Even for the choice of passwords, the security systems require an inane combination of characters including numeric, alphanumeric, and sign characters, hence making life difficult for users and affecting productivity (Covington, 2015).

References
Covington, R. C. (2015). Information Security and Employee Productivity: How to achieve a security operation without weighing down your employees. Retrieved from https://www.csoonline.com/article/2984123/security/information-security-and-employee-productivity-in-conflict.html
Littlewood, B., & Strigini, L. (2004). Redundancy and Diversity in Security. Lecture Notes in Computer Science, 3193, 423-438.
Woo, H. (2003). The Hacker Mentality: Exploring the Relationship Between Psychological Variables and Hacking Activities. Retrieved from https://pdfs.semanticscholar.org/3302/e173939ae434ad30f91d4c60d69f5e4a05e3.pdf