Chapter 52: Needle in a Haystack

Human behavior is fascinating. We have social rules and ways of working that baffle me as a security expert. We often find it helpful to go along with traditions and conventions that, when you step back and look at them, are not healthy or secure. I guess it comes from our innate desire to be connected to something bigger than ourselves—to know we are not alone in the universe or here on Earth.

A lot of what I do is taking advantage of human nature and behaviors, those societal norms that hinder security.

For instance, consider tailgating: the act of following someone through a door or barrier. Attackers often do this to gain access to areas they are restricted from entering. You have probably done this yourself, albeit not to break in somewhere but because you forgot your pass.

Picture this scenario: You are coming back from lunch, and as you approach the office, a colleague is just ahead of you. They swipe their pass and open the door. They look back at you and step away, and you smile at them. They hold the door open for you as you do that awkward half-run, grab the door, and say thanks. I am sure that or something similar has happened to everyone at some point.

It's a great example of human nature and social norms subverting security! From a human side, your colleague was polite and kind when they helped you. From a security side, they let a stranger into the building and subverted security controls. The right thing for them to do for security ...
