Most of us are more disinhibited online than we are in person. Without body language to express our feelings our actions are intensified. We’re angrier, flirtier, more direct and in many cases, less cautious with the information we share.

As a security company, we’re used to exploring the technical intricacies of security breaches. We speak to ethical hackers and CISO’s about the nature of enterprise attacks, yet we rarely consider the human factors that lead up to the event.
To learn more about how human behaviour impacts upon our attitude towards online security, we spoke to Nathalie Nahai, author of best-selling book Webs of Influence: The Psychology of Online Persuasion.

Convenience vs privacy

It’s 2017, and the technology we love is designed with convenience at the forefront.  Smart speakers are dominating our homes, biometric technology is growing increasingly popular and we’re reliant on technology to perform the simplest of daily functions. Is technology making us more lax with our security? Nathalie thinks it is.

When you get the offer of a one-click login for all these different services it’s incredibly enticing. We’re seduced by convenience.
We detach ourselves from the reality of the information we’re putting out to the world. The lack of mental effort means that we often don’t think about the implications it has for our personal data, because it’s just so easy.


The privacy paradox

Phishing attacks, another key area of concern for individuals and businesses alike. They can be incredibly convincing and a successful attack can be catastrophic.
It’s easy to take ourselves out of the equation and mock others who fall victim to rudimentary techniques, like fake applications asking for your credentials and convincing emails from reputable sources. Why aren’t we taking our security more seriously?
Nathalie explains how that there has been some fascinating research into the so called ‘privacy paradox’: the hypocrisy we exhibit with our online behaviour and sharing culture. We frequently voice concern over how our personal data is obtained and distributed, but this rarely results in us being more cautious online.

The perceived anonymity of the internet protects us. We can adopt aliases that aren’t our real names, and there is a lack of understanding as to where our data is stored. It’s not necessarily that we’re unaware of the risk, it’s more the illusion that “it won’t happen to me.

The gender divide

Gender, a contentious subject. Numerous studies have explored gender differences in regards to online behaviour, most focus on consumer culture. According to some research, a male brain acts more utilitarian online, whereas female motives tend to be more hedonic. Simply put, men are on a mission and women are on a journey.

I’m reluctant to cite gender as a key driver for differences in online behaviour as there are many other factors at play, however there does seem to be strong evidence to suggest that women are more cautious with their online privacy than men. 


I’d imagine that this is to do with the disproportionate amount of trolling and objectification that women receive online in comparison to men.

Our right to privacy

Male, female, young, old. Most countries don’t put the rights of citizens above the rights of organisations. There are some anomalies; Germany were the first to adopt new policies into their existing BDSG data protection laws to align with the latest changes to GDPR making them the most advanced in Europe. Whereas people in America have very few rights regarding their data.
Nathalie explains, there are limited laws in place to protect privacy in many countries, including the UK which even embraced the Snooper’s Charter. Companies have become increasingly smart in the way they get their hands on your data. They wait until you’re reliant on their service, then completely change the rules.
She recalls when Uber switched their location service options to the binary choice of ‘always on’, or ‘never’, so that if you wanted them not to track your location while you weren’t using the app you had to go in and manually switch it off each time. 
Of course, companies like these often want as much information as they can get from their user base to aid efficiency, refine the platform’s user experience (in order to boost conversion and retention rates) and potentially sell on your information to third parties.

I emphatically do not want Uber tracking my every living, breathing moment. 
Until they recently re-instated the option for geo-location to happen only ‘While using the app’, I would disable my geolocation settings every time I’d finished using it, but I imagine a lot of users wouldn’t.

When something is as pleasurable and personal as a phone, we’re more emotionally invested and therefore become less cautious.

Where to find Nathalie

If you’d like to get in touch with Nathalie, you can tweet her @nathalienahai, receive her monthly insights by signing up at, and listen to her new podcast at
[text-blocks id=”phishing-report”]