Behaviour Change in your organisation (short video)

Getting your staff to change their security behaviour

It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear is the most effective tool for stimulating behavioural change. Fear of crime is necessary but not sufficient to motivate us to act.

It is often a balancing act in people’s mind. Their risk appetite Vs their perception of the risk. This applies to all crime not just cyber crime.

So fear is necessary but what is crucial is that it is accompanied by a feeling of self-efficacy. People have to see the threat but also believe that they have the ability and the tools to reduce the risk.

This flows from something known as Protection Motivation Theory. The theory states that we need to appreciate that phishing, for example, is a threat. It is highly dangerous. It is likely. It can easily happen to me. This is all “fear” of the threat manifesting. An important motivator but in itself not sufficient. The Theory states we need this fear to be accompanied by a feeling that we understand how to cope with the threat. “I know I click “report” to suspicious emails”; “I never download email attachments”. When these two are combined we see people motivated to take action. Empowered.

If fear increases but you don’t furnish people with the tools to personally control the threat you will yield inaction. They will resign themselves to being hopeless against the threat. Accepting their fate so to speak.

Cyber security is all about raising awareness of the threat but we must also remember that behavioural science tells us whilst fear is needed it isn’t sufficient if not accompanied by empowerment.

Related Posts

Hacked! Right Match Singles suffers a data breach..

Hacked! Right Match Singles suffers a data breach..

Cyber Security Awareness Month Special: "Hacked" What would you do if your company was hit by a cyber attack? Do you have a plan? A crisis management team in place? Many companies don't have a plan or haven't tested that plan.  For Cyber Security Awareness Month 2020...

Get staff engaged for Cybersecurity Awareness Month

Get staff engaged for Cybersecurity Awareness Month

October is ECSM, a month-long European event promoting good cyber security practices and safety. This years themes are: Digital skills:  personal data protection, cyber bullying and cyber stalking establishing good practices online.  Cyber scams: cyber threats such as...

CV19 and Kaspersky Next

CV19 and Kaspersky Next

At the Kaspersky NEXT event, Cyber Volunteers 19 (CV19) Co-founder and partner at Red Goat Cyber Security, Lisa Forte discussed with Kaspersky’s Yury Namestnikov, why such intervention was required, and what lessons need to be learnt as both the pandemic and cybercriminal activity are fought.