Maslow and Malware: Developing a Hierarchy of Needs for Cybersecurity

The pervasive use of computing and the Internet means that cybersecurity is now a major concern for organizations around the world. In response, decision makers are developing plans that seek to ensure key assets, systems and networks remain protected in this new environment, while preserving the benefits that come with broad connectivity. However, these approaches vary considerably, according to the different needs and stages of development of individual countries.

To explore the question of how different countries think about using cybersecurity, we recently partnered with Oxford-Analytica to develop a report that looks at how they can seek to maximize the benefits of the Internet by matching their cybersecurity priorities to the needs of their citizens.

To accomplish this, we leveraged Abraham Maslow’s ‘Hierarchy of Needs,’ which established five types of psychological need for individuals, structured in ascending order: physiological, safety, belonging, self-esteem and self-actualization. Maslow’s model holds that when lower needs are unsatisfied, they dominate motivation and behavior, but once they are satisfied higher needs emerge.

Our report similarly creates a hierarchy of needs for Internet users which forms a framework to prioritize national cybersecurity efforts. The needs in this hierarchy are:

3482_model_jpg-550x0

 

  • Access:  at the base of the hierarchy, people, simply need to have access to the Internet.
  • Resilience:  once they have access, people need the Internet to be resilient — available reliably and predictably.
  • Connectivity: People need to engage with others in an increasingly interconnected and substantive way.
  • Trust: People need to have full trust that their use of the Internet is secure enough for their intended purpose. Having only partial trust in the Internet will limit what information they are willing to share or which services they are willing to conduct online.
  • Optimum: Once these needs are cumulatively met, people are able to utilize the Internet’s optimum state without constraint. In other words, the Internet’s potential to help people and businesses is fully realized.

The report details this framework with real-world case studies, and concludes with a set of policy recommendations. Using this model, countries can evaluate their status within the hierarchy and prioritize the appropriate security measures to create an environment where citizens, enterprises and the state itself can realize the Internet’s full potential to help people and businesses.

We encourage you to download the report and share your thoughts with us on how society can securely achieve the Internet’s optimum state.

 

 

 

 

About the Author
Kevin Sullivan

Senior Security Strategist, Trustworthy Computing

Kevin Sullivan is a Principal Security Strategist with Microsoft’s Global Security Strategy and Diplomacy team, part of Trustworthy Computing, which focuses on driving strategic change to advance security and resiliency, both within Microsoft and externally. Kevin leads the group’s efforts Read more »