The Five Stages of Security Grief
Gavin Millard is featured in the December 2014 issue of (IN)SECURE magazine for his lead article on The Five Stages of Security Grief. This clever and thought-provoking article walks us through the Kϋbler-Ross model of grief as it applies to IT professionals dealing with complex corporate security issues.
To help aid in establishing where different people are in the process, I’ve noticed parallels to the famous Kübler-Ross model of grief introduced by Elisabeth Kübler-Ross in 1969. The model shows that when people deal with death, they move through a series of emotions, starting with denial and progressing through anger, bargaining, depression and acceptance. The model is used to understand how people deal with a significant negative life event, but it can also be applied to the grief and anxiety of not knowing what to do in order to protect an organization from highly motivated threat actors.