Within the first few minutes of chatting with Aaron Kay, he tells me about a person close to him who fell prey to a cyber scam and lost money â a story that is as devastating as it is ubiquitous. Nowadays, everyone has a friend or loved one who has been hacked or defrauded online, myself included. The FBI puts a number to our collective anecdotes: a record 847,000 complaints of internet crime reported in 2021, with potential losses exceeding $6.9 billion.
â
Itâs no stretch to say that cybercrime has become one of the most pervasive and pressing societal issues we face today, which is exactly the type of thing that Kay gravitates towards as an academic researcher and social psychologist at Duke University.
â
âIn general, all of my research has been motivated by what I see as social problems,â Kay said. âWhen I see a problem that frustrates me, I get very interested in it from an academic perspective.â
â
This has led Kay to examine a broad range of large-scale societal issues throughout his career: social justice, political extremism, organizational behaviors, and beyond. As he explains it, his approach is to try to understand widespread societal issues from a cognitive, social psychological level in order to inform interventions and solve problems at scale.
â
Now, as an advisor to Nudge Security, Kay will apply this lens to the realm of cybersecurity, supporting our efforts to transform the human element of security. In this capacity, Kay will help guide Nudge Security to use scientifically-backed methodologies as we build technology solutions.
â
He describes what drew him to the role â
â
âNudge Security is trying to solve a huge problem in cybersecurity, using psychology and social psychology embedded in technology,â Kay said. âWhen someone contacts me because they actually want to integrate psychology expertise into what theyâre building, it makes me very excited about what the company is trying to do, especially if it's in the domain of fixing some sort of large social problem.â
â
That social problem, as we described it in this blog post, is that cybercriminals have become masterful at exploiting our personal biases and vulnerabilities to launch attacks. AI-powered bots flood social media platforms with misinformation. Threat actors like Lapsus$ use phishing attacks and even bribe employees to breach major organizations like Microsoft, Okta, and T-Mobile.
â
Itâs clear that traditional security measures are not enough to protect against these types of threats. To truly secure our digital world, we need to truly understand how people think and behave, so that we can design better security systems that help guide people towards better security decision-making and online behaviors.
â
As Russell Spitler, co-founder and CEO of Nudge Security puts it, âthe last thing organizational security leaders need is yet another security vendor making promises to solve a cybersecurity problem with some magical technology or an unscalable process.â He continues, âEspecially as it relates to employeesâ security behaviors, we have far too many âsolutionsâ in the market that, in reality, lead to completely counterproductive outcomes like cybersecurity fatigue and resistance. Â Solutions to this problem must start with a foundation in scientific research.â
â
âWe are thrilled to have Aaron Kay, a preeminent scholar in the fields of social psychology and organizational behavior, as an advisor to Nudge Security,â said Spitler, âWith Aaronâs leadership, we will take advantage of decades of leading-edge research and best practices from these fields to tackle one of the most pressing challenges in cybersecurity and society at large.â
â
Aaron joins a roster of advisors announced last month as part of our seed funding announcement with Ballistic Ventures. He joins advisors Kunal Anand of Imperva, Prevoty and Nicole Perlroth, New York Times cybersecurity journalist, best-selling author, and advisor to CISA.
â
We recognize that creating transformational change in cybersecurity will require a wealth of diverse perspectives and expertise from within and external to the industry. Thatâs exactly what we aim to assemble through our team advisors, funders, employees, and early access development partners.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Block quote
Ordered list
Unordered list
Bold text
Emphasis
Superscript
Subscript