Calculating and Mitigating the Misperception of Risk

Opinions on perceiving and managing risk can vary greatly depending on the individual. Many information technology professionals favor an objective approach that provides some form of calculated answer. However, perceiving risk comes with compelling subjective components that need to be considered. Physiological factors influence how we receive information and ultimately determine where on the risk scale activities fall.

Daily User Risk

Social media is a great example of the ongoing misperception of risk by end users. The sentiment around social media platforms remains relatively positive. It connects members all over the world with friends, family, brands and other pleasantries. In response to the pleasant sentiment, users subconsciously categorize social media as a low-risk activity because of its benefits. This skewed evaluation makes them more likely to share personal information with the public without thoroughly considering the malicious use cases. Inversely, people perceive unfavorable activities as low-benefit and high-risk1.

Studies show the perception of an individual is much different from the collective sentiment of a group. Additional influences, like conformity, begin to affect the opinions of others. When several people participate in a single activity, the perception becomes lower-risk than the initial judgment. This behavior, also known as groupthink, cripples several areas of growth for companies. It stunts innovation and can lead to undesirable behavior among employees2.

Risk Among Technology Experts

Security professionals misperceive risk as often as the end user, but in a different way. They tend to fall on the opposite side of the risk spectrum. Protecting the network and its critical data is the top priority. Despite the extensive threat landscape lurking outside their network doors, security teams can become fixated on a single issue. This laser focus blinds them from seeing greater areas of risk (Harkins 2013).

Senior Leadership Risks

Misperceiving risk happens at every level of an organization. Information technology decision-makers rely on respective teams to collect information for projects. This information is what many leaders use to make organizational decisions. The chances of the information being biased or incomplete are highly likely. It presents a significant risk that technology managers should be actively trying to recognize.

Managing the Perception of Risk

Preventing the misperception of risk begins and ends with effective communication within an organization. From end users to senior technology leadership, seeking various perspectives provides everyone a better understanding of the overall perceived risk landscape. Facilitating conversations, asking tough questions, and encouraging friendly debate among opinions can address several areas of vulnerability. Specifically, the risk of wide-scale devastation as a result of poorly informed decision-making.

To learn more about Georgetown University’s online Master’s in Technology Management program, request more information or contact an admissions representative at (202) 687-8888.


1Slovic, Paul. The Feeling of Risk: New Perspectives on Risk Perception. London: Earthscan, 2010. Print.
2Harkins, Malcom. Managing Risk and Information Security: Protect to Enable. New York: Apress, 2013. 12 Dec. 2012. Web. 28 Aug. 2015.