How Our Need for Interpersonal Connection Can Put Us at Risk
Our social needs make us vulnerable to cyber threats.
What’s the weak link in cybersecurity? Us. Our need for interpersonal connection with other humans is a major driver of cybersecurity vulnerabilities. John Hackston of The Myers-Briggs Company discusses how bad actors may exploit these interpersonal needs and how we can reduce risk by becoming aware of them.
To a greater or lesser extent, we all have a fundamental need for interpersonal connection with other human beings, and this is something that cyber-criminals can play off. However, understanding those interpersonal needs and motivations in ourselves and others can help avoid security risks.
Interpersonal Needs and the FIRO Model
The FIRO (fundamental interpersonal relations orientation) framework is a useful tool for understanding interpersonal needs. It looks at three dimensions:
- Inclusion: our need to belong, to be included or involved, and to include others
- Control: the extent to which we try to influence and control others and how much we want clarity and boundaries from others
- Affection: our need for connection and intimacy with others on a one-to-one basis
For each of these areas, the FIRO assessment measures two different things. First, how much of that need is “expressed” to others, or how much of that behavior we initiate to others. Second, how much of that behavior is “wanted,” or how much we want others to initiate that behavior toward us.
Expressed Inclusion, for example, describes how much we try to include other people in our activities. Wanted Inclusion, on the other hand, measures how much we want from others. How much do we need other people to include us in their group and involve us in their activities?
Or, consider the need for Control. Expressed Control is the extent to which we try to influence and control others, and Wanted Control describes how much we want to be in an environment that provides us with structure and clear boundaries.
Expressed Affection describes how much we try to be warm and friendly to others, and Wanted Affection describes how much we want others to be warm and friendly to us.
That gives us six basic FIRO scores that describe our needs for interaction with other people:
- Expressed and wanted inclusion
- Expressed and wanted control
- Expressed and wanted affection
And we can have a high, medium, or low score for each of these six areas.
Each of us will look to meet our interpersonal needs, especially those with a high score. Where such needs are not being met, we may become vulnerable to cyber-attacks. For example, someone with a high score for Wanted Inclusion may be more vulnerable to ‘social engineering’ styled attacks in which the perpetrator uses social manipulation to gain and exploit the victim’s trust.
See More: 4 Key Lessons to Learn From ChatGPT’s Vulnerabilities
Six Cybersecurity Vulnerabilities
However, if we know our FIRO profile, this can help us to identify and guard against our vulnerabilities. In the following section, let’s explore how each of these six areas can create vulnerabilities in terms of cybersecurity.
1. Expressed inclusion
Someone who scores high in this area typically wants to include others in their activities. They take the initiative to find out about others and, more often than not, choose to work with others and in teams. This may create the temptation to give away too much information and/or include too many people, risking the compromise of sensitive information.
Someone with a low score in this area typically chooses to work alone, keeping a low profile and limiting contact with others. In some instances, this may lead to such a degree of isolation that this individual is specifically targeted by cyber-criminals, who may view them as easy prey due to a lack of the normal checks and balances from co-workers.
2. Wanted inclusion
A person with a high score along this dimension wants to be included and a member of the team. They typically find ways of being noticed and want to fit in. This may create vulnerabilities, such as being drawn in by cyber-criminals posing as co-workers and giving away information out of a desire to fit in and be included.
On the other hand, someone with a low score along this dimension keeps work and friends separate and is selective about getting involved in groups. While the tendency to keep work and social life separate is likely to help with cybersecurity in many instances, it also can prevent them from being privy to informal discussions regarding specific cyber threats that may be present.
3. Expressed control
A person with a high score in this area often wants to control and influence others and frequently takes on leadership roles. This may create vulnerabilities as they may establish structured processes, which – though helpful in some areas – may also influence others to do the wrong thing if these policies are in error.
Those with low scores in this area typically do not feel the need to influence others and, when in leadership positions, tend to adopt a hands-off style. This may create vulnerabilities, such as not keeping sufficient control over cyber-security processes.
4. Wanted control
People with high scores in this area want structure and clarity and defer to the wishes and requests of others. They may be vulnerable to persuasion from cyber-criminals, especially those appearing to represent authority.
Those with low scores in this area tend to be autonomous, self-sufficient, and resistant to being controlled. Their vulnerabilities may include thinking they know better and questioning or ignoring cyber-security processes. They may avoid supervision and do their own thing.
5. Expressed affection
Those with high scores along this dimension often make an effort to be warm and friendly to others and show appreciation, reassuring and supporting colleagues. Consequently, their potential vulnerabilities may include readily sharing their personal opinions and feelings, which could leave them open to attack.
Those with low scores along this dimension are business-like, task-focused, self-contained, and can appear aloof and distant. This may lead to vulnerabilities such as becoming isolated and therefore, a target for cyber-criminals.
6. Wanted affection
Those with high scores in wanted affection often want others to be warm and friendly to them. They accommodate others and can find it difficult to say ‘no.’ As a result, they may exhibit vulnerabilities, such as being too helpful to outside agents and not saying ‘no’ when they should.
On the other hand, those with low scores in this area are often very selective about close relationships, need little support from others, and have no problem in saying ‘no.’ This may yield vulnerabilities such as a potential lack of close relationships in the workplace, which in some cases may leave them without the benefit of the ‘check’ provided by a trusted co-worker who can provide advice regarding dangerous situations.
See More: Top 12 Routinely Exploited Vulnerabilities
Guarding Against Attacks
The potential vulnerabilities described above are just that – potential. By knowing our interpersonal needs, we can identify where the dangers are and adjust our behavior accordingly. For technology leaders, it’s important to understand two things.
First, everyone is different, with different needs and vulnerabilities, and a one-size-fits-all solution will never succeed. Second, building self-awareness amongst employees will help them identify and take action on their cyber-security vulnerabilities.
How are you ensuring cybersecurity for your employees without affecting interpersonal connections and collaboration? Share with us on Facebook, X, and LinkedIn. We’d love to hear from you!
Image Source: Shutterstock
MORE ON CYBERSECURITY
