Who makes better cybersecurity decisions, men or women?

Unfortunately, it’s very common to assume that when women are stressed they are more emotional or that they rely more heavily on intuition or hunches. (If you agree with this notion, spoiler alert – you are wrong…. LOL) Then you’re probably going to rely more heavily on men, not women, in high pressure, high risk situations.  I guess I don’t have to point out that cyber security, and incident response in particular, is full of high pressure, high risk decisions – and you may want to dig a little deeper to get the right person for the job.

The research shows that women are just as data-driven and analytical as men in decision making. In fact, in high pressure situations they are often even more analytical than men. In a sample of 32 studies that looked at how men and women thought about a problem or made a decision, 12 found that women adopted an analytical approach more often than men.

It’s counter intuitive to our cultural conditioning, but the research shows that women systematically turned to the data while men were more inclined to go with their gut, hunches, or intuitive reactions. The other 20 studies found no difference between men and women’s thinking styles. None of these studies found that women tended to be more intuitive than men in their decision-making styles.

The men reading this article probably find this hard to believe. Well, here’s more detail on this research. Mara Mather, a neuroscientist at the University of Southern California, and Ruud van den Bos, a neurobiologist at Radboud University in the Netherlands, both found that men under stress are more eager to take risks. They’ve found that men tend to become laser-focused on rewards when cortisol levels run high, even if that reward has only a tiny chance of materializing. When the pressure is on and there’s a small chance of a highly rewarding outcome, men are more inclined to gamble.

In contrast, when you put women in the same stressful situation that bumps up their cortisol levels and ask them to make the same decision, they behave differently. Mather and van den Bos found when women’s bodies were undergoing a strong stress reaction, they took more time weighing the contingencies. Instead of becoming emotional or acting on hunches, become analytical and risk-aware! 

This research doesn’t mean that one strategy is necessarily better than another. And we can’t necessarily translate lab-based research into practical application in day to day business operations. However, I do think this research raises some interesting questions about the unique strengths women can offer in technology teams and cyber security specifically. 

At a minimum, this research offers a very valid reason to set specific, measurable goals around building diverse teams that include both men and women. Especially when high-risk decisions are being made, we need both genders in the room because these two approaches balance one another and the resulting decision will be stronger because it incorporates different approaches.

Remember – we are all in this together!

Cheers!  Tammy