Book Review: "Design for How People Think"

Apr 09, 2020

Cybersecurity Canon Candidate Book Review: “Design for How People Think,” by John Whalen (Published April 23, 2018)

Book Reviewed by: William Yurek, president, Inspired Hacking Solutions LLC

Bottom Line: I don't recommend this book for the Cybersecurity Canon Hall of Fame, but if you are interested in the topic, this is a good one to read.


“Design for How People Think” isn’t a cybersecurity book, per se. It is a book geared toward helping readers understand how people view and digest information. I read it because I have been looking for better ways to improve the consumption of cyber risk data my team publishes. Anyone can put information on a web page or in a document, but how many stop to think how they should structure that reporting so a consumer receives what he or she expects? 

The author, John Whalen, has a Ph.D. in cognitive science and more than 15 years of human-centered design experience. In this book, he educates the reader about what I call “thinking science,” meaning how the brain works and how understanding the way your customers or consumers think can help you build better products and services. Whalen organizes human perception into what he calls “the Six Minds.” The Six Minds can best be described as the six ways people try to locate, organize, consume and respond to information that is presented to them. He takes what could be a very dry and frankly incomprehensible topic and makes it into an easy-to-read, informative book.

As I read it, I saw how many of the human behaviors he observes are ones I myself practice. Interestingly, and to some extent troublingly, Whalen notes that our almost-constant interaction with well-known e-commerce sites has conditioned us like Pavlov’s dog: Without conscious thought, we look for certain types of information to be in certain places and accessed in certain ways. Information that doesn’t fit this model makes us confused and makes our interaction with it unpleasant and unproductive.

The book is definitely geared more toward those who work in e-commerce or adjacent industries, such as a retail sales site, but the information Whalen provides can definitely be used in other areas as well. I came away with several takeaways for my team to use moving forward as we seek to optimize consumer usage of our reporting.

This book is very helpful to those just starting to look at “thinking science.” “Design for How People Think” is a good book, but I don’t see it as indispensable for the cybersecurity practitioner.

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite. 

The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!
