Behaviour Change in your Organisation (short video)

Behaviour change whiteboard

Getting your staff to change their security behaviour

It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear is the most effective tool for stimulating behavioural change. Fear of crime is necessary but not sufficient to motivate us to act.

It is often a balancing act in people’s mind. Their risk appetite Vs their perception of the risk. This applies to all crime not just cyber crime.

So fear is necessary but what is crucial is that it is accompanied by a feeling of self-efficacy. People have to see the threat but also believe that they have the ability and the tools to reduce the risk.

This flows from something known as Protection Motivation Theory. The theory states that we need to appreciate that phishing, for example, is a threat. It is highly dangerous. It is likely. It can easily happen to me. This is all “fear” of the threat manifesting. An important motivator but in itself not sufficient. The Theory states we need this fear to be accompanied by a feeling that we understand how to cope with the threat. “I know I click “report” to suspicious emails”; “I never download email attachments”. When these two are combined we see people motivated to take action. Empowered.

If fear increases but you don’t furnish people with the tools to personally control the threat you will yield inaction. They will resign themselves to being hopeless against the threat. Accepting their fate so to speak.

Cyber security is all about raising awareness of the threat but we must also remember that behavioural science tells us whilst fear is needed it isn’t sufficient if not accompanied by empowerment.

Related Posts

Wargaming, Cyber Attacks and Astronaut thinking

Wargaming, Cyber Attacks and Astronaut thinking

CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points (according to the podcast) We heard about Lisa’s experience coming into a...

The 5 Best Ways to Spot TV Licence Phishing Emails

The 5 Best Ways to Spot TV Licence Phishing Emails

TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on entertainment increasing, It is unsurprising that in the UK, criminals have increased the amount of tv licence phishing emails...

What is Vishing?

What is Vishing?

What is vishing? How to How to defend your organisation against telephone-based vishing scams