Defender Personality Traits


Tara Whalen
Carrie Gates

Author Addresses: 

Tara Whalen (, Faculty of Computer Science, Dalhousie University Halifax, NS, Canada

Carrie Gates (, CERT Network Situational Awareness, Carnegie Mellon University Pittsburgh, PA, USA


The security community has used psychological research on attacker personalities, but little work has been done to investigate the personalities of the defenders. One instrument currently dominating personality research is the Five Factor Model, a taxonomy that identifies five major domains of personal traits, composed of sets of facets. This model can be used within an organizational or vocational capacity to reveal dominant tendencies, such as openness to new experiences. Within a security context, this tool could show what patterns professionals exhibit, which may reveal the areas in which we are insufficiently diverse and where our blind spots are.

We surveyed 43 security professionals using a Five Factor Model-based test (the IPIP-NEO) to reveal common dominant traits. We found that our sampled security population demonstrated that they were highly dutiful, achievement-striving, and cautious; in addition, they were high in morality and cooperation, but low in imagination. We conclude that many of these characteristics are appropriate for security professionals, although the low scores in the "openness to experience" domain may indicate difficulties in devising new security defense methods and in anticipating new forms of attack.This potentially leaves large organizations and nation-states vulnerable to attacks that might have otherwise been prevented.

Tech Report Number: 
Report Date: 
January 10, 2006
PDF icon CS-2006-01.pdf387.28 KB