Skip to content ↓ | Skip to navigation ↓

The ever-fickle world of pop culture has seen a resurgence of interest in Sherlock Holmes in the last five years.

Fresh re-imaginings of the detective residing at 221B Baker Street have come both to the big screen and small to varying degrees of critical acclaim. Robert Downey Jr.’s version premiered in 2009, while Benedict Cumberbatch’s modern interpretation came to BBC one year later (with a new season starting just this month). The clothing, time period, and other details may differ, but all depict the same calculating, observant, and attentive-to-a-fault character that Sir Arthur Conan Doyle created in 1887.

Yeah, I am fan of Sherlock Holmes. Each new Holmes makes me rethink my own observational skills and how they can be dulled by the repetition of everyday responsibilities. I’m sure many reading this have felt the same. As the demands on our attention increase, our levels of actual attention naturally decrease. And as they do, we become less and less able to know or notice our own thought habits—even the efficient ones that usually serve us well.

It makes me wonder how these tendencies affect cybersecurity awareness. In the information security world, there’s a fine line between efficiency and thoughtlessness. Compromised networks and data breaches breed in the gap between the two. As employees juggle time and work responsibilities, it’s not difficult to imagine that gap growing bigger.

In this context, Maria Konnikova’s 2013 book, Mastermind—How to Think like Sherlock Holmes, serves as a great guide to creating more mindful, observant habits that will serve you well as you seek to become truly security-aware. Here are five tips we’ve borrowed from her—and Sherlock—to get you, and ideally your employees, well on your way to stopping cybercrime in its tracks.

Open Your Eyes

Yogi Berra said, “You can observe a lot by watching.” And Holmes would agree. “But given our constant stream of sensory inputs, writes Konnikova, “we tend to see unthinkingly, absorbing countless elements from the world without necessarily processing what those elements might be. We may not even realize we’ve seen something that was right before our eyes.”

“But when we observe, we are forced to pay attention. You need to move from passive absorption to active awareness,” Konnikova continues. “You need to engage. When you do, you’ll never be a victim of tailgating, leave sensitive information unattended on your desk, or fail to notice the suspicious behavior of a contractor.”

Be Skeptical

“One of the things that characterizes Holmes’s thinking,” notes Konnikova, “is a natural skepticism and inquisitiveness toward the world. Nothing is taken at face value. Everything is scrutinized and considered, and only then accepted (or rejected, as the case may be).”

That brand new USB drive still in its package left on a lunchroom table . . . you really think that’s safe? “Holmes’s trick is to treat every thought, every experience, and every perception the way he would a pink elephant,” Konnikova writes. “In other words, begin with a healthy dose of skepticism instead of the credulity that is your ‘mind’s natural state of being.’ Don’t just assume anything is the way it is,” she continues.

Think Twice

When we assume that we already understand that which comes our way, we tend to only see things in terms of our mental models. “First we believe,” is how Konnikova puts it, “and only then do we question. Put differently, it’s like our brains initially see the world as a true/false exam where the default answer is always true. And while it takes no effort whatsoever to remain in true mode, a switch of answer to false requires vigilance, time, and energy.” That phishy email? Cybercriminals are counting on your default answer.


Holmes-like intuition is “based on training, hours and hours of it. An expert may not always realize consciously where his intuition is coming from, but it comes from some habit, visible or not,” Konnikova writes. “It’s what Anders Ericsson calls expert knowledge: an ability, born from extended and intense practice and not some innate genius,” according to Konnikova.

When you practice a mindful approach to the world, you will, over time, perfect it to the level of an art. You’ll immediately and accurately spot the tell-tale signs of social engineering or a sequence of events that suggest a possible breach.

Develop a Motivated Mindset

Sherlock Holmes-governed thinking takes mindfulness plus motivation—motivation in the sense of active engagement and desire.

In security awareness, that motivation may be intrinsic or extrinsic. Ideally, it’s a little bit of both. As everyone knows, motivation waxes and wanes. It is often fleeting. It’s easily discouraged or defeated. But a mindset, on the other hand, is constant, reliable, and lasting. By instilling a mindset or attitude that values security awareness, you stand a better chance of attaining sustainable, effective competence. Without motivated mindfulness, the advantage goes to the attacker.

So shed those lazy thought habits—the ones that come most naturally, the so-called paths of least resistance—that you’ve spent your whole life acquiring. Aspire instead to master Holmes-like thinking in all areas of your life—work and home. When you do, you’ll break once and for all the bad habits and inattentive mindlessness that threaten the security of your organization. All it takes is a little training and practice.


tom pendergastAbout the Author: Tom Pendergast is the chief architect of MediaPro’s Adaptive Awareness Framework™ approach to analyze, plan, train, and reinforce to deliver comprehensive awareness programs in the areas of information security, privacy, and corporate compliance. Tom Pendergast has a Ph.D. in American Studies from Purdue University and is the author or editor of 26 books and reference collections. Tom has devoted his entire career to content and curriculum design, first in print, as the founder of Full Circle Editorial, then in learning solutions with MediaPro.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.