• United States




Conspiracy theories and cognitive dissonance…and how to combat them

Jan 23, 201913 mins
Data and Information SecurityIT Leadership

Can information security leaders help overcome the challenges wrought by a public that's increasingly ready to believe – and act on – even the wildest conspiracy theories?

Conspiracy theories have become incredibly popular with the ascendance of the  internet and social media. They attract the disenfranchised and those who can’t understand this rapidly changing world. They do so by providing communities to others that validate their feelings, and provide answers, no matter how untrue. This leads to cognitive dissonance, or the refusal of facts. Our role is to be those strong leaders who can overcome these challenges and change the perception of information security to address why this happens in the first place.

What is a conspiracy theory?

A conspiracy theory, according to Google, is a “belief that some covert, but influential, organization is responsible for a circumstance or event.”  Before the internet or mass communication, conspiracy theories were often dismissed or isolated. Starting with the advent of bulletin board systems and the internet, they now spread quickly.

An example is the Oklahoma City bombing in 1995, which had all sorts of theories posited on the nascent internet of multiple conspirators, that other entities and people were helping the bombers…including John Doe #2, who was theorized to be any number of people. The Columbine school shooting in 1999, where there were also theories of multiple conspirators outside the two gunmen, is another example.

Modern examples – Art Bell, Alex Jones and Dr. Andrew Wakefield

The radio show Coast to Coast AM, which was hosted by the late Art Bell, was known as a show about the paranormal and conspiracy theories where people could offer their opinion without fear of ridicule and was broadcast late at night across the US. Bell’s obituary on, discusses his distinguished career.

Guests could include the distinguished theoretical physicist Dr. Michio Kaku, singer Crystal Gayle and the late Father Malachi Martin, an exorcist from the Catholic Church. There were no screeners like on other popular radio talk shows, and sometimes this led to very strange calls. One such hoax happened when someone claimed to be a former Area 51 employee that escaped and was forewarning about several upcoming disasters caused by beings from another dimension masquerading as extraterrestrials. That was followed by a still-unexplained 30-minute outage and was memorialized by the band Tool as the song “Faaip de Oiad” on their album Lateralus.

A frequent guest was Alex Jones, who found a willing audience in Coast to Coast AM’s and used it as a springboard to sell his products and radio show. While Art Bell was patient, allowed people their time and asked relevant and probing questions, Alex would associate everything with a series of conspiracy theories, and rant about the upcoming “new world order.” His act is designed to convince his audience that there are shadowy organizations controlling everything, and that he can help them overcome the oppression of the new world order and the methods they are putting in place to control the population. This includes not believing anything the government tells you, that the people telling you what to believe are part of the new world order and everything is to be questioned.

Alex Jones is only one of many conspiracy theorists who have found a willing audience. The former Dr. Andrew Wakefield, who was caught falsifying a study that directly correlates vaccination with autism, stoked the fires for the anti-vaccination movement. Believers now include a large amount of government officials at all levels. This is a gigantic refutation of science and the scientific method, and it doesn’t take long to find people believing in these theories on Facebook.

In several cases, this has caused real-world harm. One of Alex Jones’ believers attacked a pizza shop in Washington, DC, with a gun because he heard children were being held there on his radio show. Others have relentlessly harassed the parents of the children who were murdered at Sandy Hook Elementary School, thinking that they were “crisis actors” hired by the government to stage that massacre. Still others put up websites and commiserate online to discuss conspiracies and the “evidence” they have.

How did we get here?

What brought us to where seemingly more people than ever believe conspiracy theories? Technology has certainly played a role, having led us to a point where people feel more alone and isolated than ever. Many also feel like they’ve been left alone without explanations for what has happened. There are feelings of uncertainty, lack of trust and anomia (better known as anomic aphasia), which is where people cannot find words to express names of common objects. Ted Goertzel from Rutgers University Camden covered this in his 1994 paper, “Belief in Conspiracy Theories.”

The transformation of society over the past 25 years since the ascent of the internet has been incredibly dramatic. While to many this may be normal, it’s had the side effect of introducing significant change to the world. Old norms such as telephones, social gatherings and social interaction have permanently changed.

Businesses have also completely changed, and entire categories of jobs have either been eliminated or altered due to increased computerization. This has led an entire segment of the population feeling left out and not able to keep up…and that there’s no one there to protect them. Conversely, formerly isolated communities, such as caregivers of special needs children and agoraphobics, now have homes on social media.

At the same time, the internet has greatly expanded the reach of what were once generally considered fringe figures and effectively given them a megaphone. Platforms such as Facebook, Twitter, YouTube, Pinterest, WhatsApp, Telegram and Discord have eclipsed bulletin boards and message boards as the place to gather to learn information. We’ve given people platforms to speak, and algorithms that find like content to keep them engaged. It’s very easy to get people to fall down some quasi-intellectual rabbit hole.

We’ve left people susceptible to conspiracy theories because we’ve built technology platforms to help people communicate but haven’t addressed the root causes of communicating changes in this changed society. The past 25 years has, perhaps more than any other time in human history, seen rapid change. Many people don’t understand the new acronyms, methods of accomplishing tasks, computers, the internet, cloud computing, or online shopping. Many more see their local shopping centers and downtown districts – often with stores such as Sears, JC Penney or K-Mart that have been there for 50+ years – suddenly close. People are out of jobs. They get healthcare and don’t understand how to deal with managed care, explanations of benefits or other information.

The world has changed, and adaptation is very complex for many, especially when there’s no guide. This leaves people angry, alone, frustrated and searching for an explanation or an answer as to why they’re in the situation they’re in. Conversely, some are so tied into the online worlds they’ve been sucked into that they don’t understand the social mores of the world outside of the computer.

There are always online communities that are welcoming, and while they cannot provide a rational, or even sensible explanation, they do provide a sense of belonging to those that feel isolated. They provide certitude and validation for their feelings and allow them to express anger. Many facilitate keeping them angry, and the engagement algorithms in social media help this significantly. They are dominated by strong personalities and leaders that take these people searching for answers and give them an explanation, no matter how far-fetched.

These communities substitute for what regular communities did before the advent of technology and provide islands of salvation in a sea of unknowing. The leaders provide fulfillment and acknowledgement that others do not.

What are the effects?

This, however, leaves them very susceptible to manipulation. These are mainly isolated people, and sometimes so desperate for human contact and validation that they will do anything to fit in and feel good. They believe strong leaders and want to be seen and recognized as good by them. They are fearful of doing wrong and feeling left behind and left out because of it. These people will ignore common sense, social mores and the inhibitors to susceptibility to continue to be a part of the community.

Social media has given the illusion that successful people do nothing wrong and live perfect lives, and this further marginalizes those who are already feeling isolated. Dehumanizing terms used by leaders and community members reduce those who do not share in the same world views as characters in a video game to be eliminated, or otherwise less than human.

As they believe they have been marginalized, dehumanized and felt like they have been usurped and had their voices removed, they seek to do the same to those pointed out as the conspirators against them. They want to feel validated, and that their views are validated. They see any opposition to the strong leader as an attack against someone who acknowledges them. These actions, however reprehensible they may be, serve in a way to empower and validate both the leader and them.

This has caused many attacks, both virtual and physical, on those who do not believe what the strong personalities and leaders say. We see this with numerous message board and comments section attacks and spam on opposing viewpoints. Memes, trolling, posting as a denial of service, posting offensive content and other attacks on others in social media are also consequences. We also see personal attacks such as “doxing” on people where they are attacked and harassed with the intent of causing harm to their personal lives. Charlottesville, unfortunately, was also a consequence of this behavior.

This is cognitive dissonance. Despite evidence to the contrary, people will believe what the leaders say no matter what the facts are. This is now personal. You are removing their validation and empowerment as people for their circumstances when you do. Any efforts to combat them with facts will result in further retrenchment.

Keeping these people angry is also a good cash stream. We’ve discussed in the past how angry people buy more. Keeping people in a vision where they are on their own, the government will not help and if they want help, they should buy products and services recommended by the leaders to help them feel safe and assured, is good business. Alex Jones, according to NY Magazine, made between $15 to $25 million over a two-year period between 2015 and 2017 selling nutritional supplements that were described by Labdoor, an independent testing lab in San Francisco, as being more expensive and less effective than the vitamins you can buy in any pharmacy.

What does this have to do with information security? 

Information security is a new field. Despite organizations like Citi and Cigna having people in security leader roles for many years, we are part of the change. Many of our customers don’t understand technology. They don’t understand security. They believe that technology is usurping their lives. There’s a lot of suspicion around technology and our teams. Our customers do not feel they are being listened to or validated. They do not believe that security has their best interests at heart. Often, security practitioners are viewed as having a “shoot first, ask questions later” mentality by the very people we’re trying to help. One only needs to look on Twitter to see the vitriol and anger heaped upon members of the community – often by fellow members, especially against women and minorities – for proof.

Tech, in general, has been characterized as being condescending and arrogant to end users. Customers don’t feel like they’re being listened to. They don’t have explanations for what processes are, and often we discount what they say and minimize their opinions. This causes people to search for communities that are more welcome and open, even if they say things that aren’t factual. People want to feel welcome, validated, recognized and communicated with.

When you combine this with the alphabet soup of acronyms we throw at them, the processes they may not be aware of, lack of uncertainty customers have with technology and rapid evolution of change, security is the least of their worries, and certainly isn’t top of mind.

Customers and users aren’t going to approach you if you don’t address these issues. They’re going to approach the welcoming communities that validate them. Even if they sell them snake oil or give them bad advice, it’s coming from a source more trusted than you are.

Many times, this comes from salespeople who are willing to listen and provide advice and products, even if they’re bogus. They can appear to address needs, even if they don’t. The billions spent on security software and services that don’t work are direct evidence of this. No matter what, if you aren’t listening or you’re being arrogant – even if you’re right – you’re not going to be believed.

Your customers aren’t going to trust you simply because you know what you’re talking about, or what you’ve done in your past. They’re going to trust the team or leader that’s willing to listen to them, validate their concerns, empower them and explain what’s going on. This isn’t once-a-year training or an engagement campaign. You need to have continual engagement with your customers and answer their questions. You need to deliver regularly and be visible as someone willing to be part of their community and answering their questions. Your team needs to reflect those values.

How do we fix this?

There is no quick fix for addressing the issues of people feeling marginalized, disengaged and willing to believe conspiracy theories above facts. They believe them because of an absence of engagement, lack of communication and uncertainty. They’re looking for people to be leaders and anchors who are willing to stand up for them, help them understand this strange new world and help them feel fulfilled and accomplished. It takes time and engagement to build that trust. It takes going outside of yourself and being that strong person, even if you don’t believe it yourself.

The numerous examples of toxicity in the tech community contribute significantly to imposter syndrome, where many people minimize or doubt their accomplishments and fear being exposed as a fraud. Melody Wilding, in her article, “5 different types of imposter syndrome (and 5 ways to battle each one), discusses a type of imposter syndrome called “The superwoman/man,” which is where people are convinced they are phonies among their real-deal colleagues, causing them to work harder than everyone else to convince they can measure up. The constant barrages of insults and attacks on credibility against members of the security community are evidence this is an issue we have to address.

The most important takeaway from her article is that no one should have more power to make you feel good about yourself than you. While the tech community is full of toxic people, don’t stoop to their level. Be that strong person for others. Don’t give in to hatred and toxicity. Build that trust and engagement and communicate better. Be the tech person you wish you had in your life, instead of the arrogant know-it-alls who blow off people and are not empathetic. Being strong, confident and willing to explain yourself to others isn’t being weak or an imposter. It’s helping bridge the gap that causes people to believe conspiracy theories and brings both yourself and them to a better place.


Mitchell Parker, CISSP, is the Executive Director, Information Security and Compliance, at Indiana University Health in Indianapolis. Mitch is currently working on redeveloping the Information Security program at IU Health, and regularly works with multiple non-technology stakeholders to improve it. He also speaks regularly at multiple conferences and workshops, including HIMSS, IEEE TechIgnite, and Internet of Medical Things.

Mitch has a Bachelor's degree in Computer Science from Bloomsburg University, a MS in Information Technology Leadership from LaSalle University, and his MBA from Temple University.

The opinions expressed in this blog are those of Mitchell Parker and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.