Behaviour detection

Managers and supervisors should spend more time detecting changes in human behaviour.

The "beagle boys" from the Donald Duck comic can be recognized by the prison outfit complete with number. Still confusing because a nose has nothing to do with the length of other body parts and unlike the daily prison stay, the beagle boys also wear a mask. That just to emphasize the criminal nature, according to Disney.

But is it a gut feeling, an instinct or demonstrably deviant behaviour the guiding principle?

Someone who perspires is insecure, as is someone who blushes. A nervous twitch indicates stress and a dry mouth ... Who does not know the prejudices. If only that "blueprint" was always so clear. If only a glance could be enough to translate the stereotypes and behaviours. In an IT-driven world, it could be assumed that a device has been developed to translate such behaviours and support conclusions. Due to its margin of error, the lie detector cannot be legally used everywhere. But is it a gut feeling, an instinct or demonstrably deviant behaviour the guiding principle? This is difficult with regard to deviant behaviour. Because what is deviant behaviour? What applies to one, does not apply to the other.

In application processes, especially for intelligence positions, applicants are pressured in various ways. This can be time pressure (including too many questions in too short a time or too short a preparation time), but also by means of a knowledge gap, whereby the applicant receives just (not) enough information to perform a task. That pressure ensures that the applicant goes to the basic nature of himself and shows his strengths naturally. It ensures that desired or rehearsed behaviour can be used less. The applicant demonstrates his most highly developed competencies and converts these into skills (skills you need to perform, which are learned through training and are the ability to find solutions). Man by nature exhibits instinctive or automatic individual behaviour. A kind of "safe" trading, built up over the years from own experiences. Everyone in their own way. So in order to observe "deviant behaviour", individual basic behaviours (not group behaviour) of a person will first have to be studied. A kind of zero line is established. Then something can be qualified as deviant individual behaviour. The system of explanations of behavioural styles by means of Life Orientations© or Rose van Leary©, among others, can make knowledge about behaviour more transparent.

Doesn't some kind of gut feeling work better? David McClelland's Iceberg Model can be used as a kind of guide to understanding the reasons and needs of someone that are not directly visible or identifiable in a conversation. (McClelland compared a human's behaviour against need, with 10% above and 90% underwater). All behaviours in that 10%; verbal, non-verbal and vocal, is what we see and hear, what can be perceived. So with short contacts it remains "what you see is what you get". Based on the honesty in people, there is no reason to examine behaviour, unless...

Anyone who has ever flown to America knows that a queue is formed at the gate before boarding. Everyone is checked in advance for their passport and ticket (boarding card), or so it seems. Initially, there is a search for abnormal behaviour in the queue (predictive profiling). A tool to stimulate behavioural changes and disrupt expectations. If the traveler thinks they have prior knowledge of such a process, that thought can be disturbed if that queue is missing and some other check-in mechanisms are used. If prior knowledge of the travelers business is disrupted (shifting expectations), reverting to basic, natural, "improvised" behaviour is the first step of action. That behaviour can be observed. In this way, people can be identified who pose a potential risk.

Companies that operate internationally will be the first to be potential attack targets. It is evident that it is no longer just about IT break-ins (Data Hacking). The arrows focus more on personal contacts, errors and sensitivities. (Cyber) crime goes hand in hand with "Human Hacking". Many leaks in coorporations demonstrate that staff is an easy and perhaps cheap entry into the company or organization. The data was within reach of personnel who shouldn't have access to it. "Tie the cat to the bacon," "opportunity makes the thief" are the proverbs that fuel "insiders threat". But is this a novelty? Is managing staff accompanied by a kind of resignation, detachment or looking away? Do managers put enough energy into interacting with their staff. Are management training courses adequate and capable of recognizing Social Engineering (hacking of personnel)? Is knowledge about behavioural changes emphasized enough? Or the solution lies in the compartmentalization of the company. Possibly in stopping the exchange of international knowledge and the exchange of students.

Companies that operate internationally will be the first to be potential attack targets.

The cautious conclusion can be drawn that companies and organizations that are not committed to protecting personnel from human hacking attacks are a potential target for cyber attacks in general. Despite the efforts to increase knowledge in the field of IT, data protection measures and awareness of phishing mails, etc. The reverse is proportional. Where a security is visible (airport and event security), this gives a possible feeling of security, as a result of which, once within the boundaries of security, a weakened alertness occurs.

In order to reduce the risk of incidents, an adjusted interpretation or redefinition of the term 'cyber security' will have to take place.

In order to reduce the risk of incidents, an adjusted interpretation or redefinition of the term 'cyber security' will have to take place. Broadly speaking, proportional attention should be paid to Data and Human hacking in order to obtain a balanced knowledge of attacks. In the empirical world the adage applies; "The whole is more than the sum of its parts" (Gestalt). But what if you as an individual are part of that sum. And imagine if you cannot tell whether the attack that you "unwitting" is undergoing is part of a larger whole.

The principle of obtaining more knowledge about behaviours and their detection is essential to increase behavioural recognition methods. In addition, it is important to develop confidence in your own intuition. Practice makes perfect in this still undeveloped area. The stay, in whatever environment, can lead to more safety. One becomes familiar with behaviours that can be normal or deviant in an environment in which those behaviours are displayed. It is therefore important to be able to detect changes in behaviour by managers and supervisors. Once established, it is important to find out where those changes come from. This helps the staff to stay "on track" and in other cases gives a proper sense of attention.