Influencing security behavior in your organization


Managing a security program means having to influence behavior within your organization. Whether it’s to convince stakeholders of the need for security improvements, or train employees on new ways of working to address cyber security, security managers must influence a variety of people to keep the organization secure.

There are a number of challenges that arise with this. Implementing security measures and achieving your security priorities is often dependant on the culture and behavior of the organization. Sometimes we tend to focus too much on methodology and the different ways to calculate threat or risk levels. We end up speaking a different language than the rest of our organization. Reaching people is also difficult in the current environment of too much information and constant communication.

Some approaches to addressing these challenges are:

  1. Ensure your security priorities are aligned to your organization’s key strategic goals, and ensure that your audience is clear on why security is important.

  2. Keep your approach extremely simple. Remember that security isn’t top of mind for many within your organization. This is why it can be helpful to focus on the key priorities and on reducing barriers. It’s not a science, but all of our research has showed that successful attempts to change behavior make the right behaviour the easy one.

  3. Use visuals and language that makes sense to your audience to communicate important information.

 

Want exclusive first access to content like this? Sign up for our newsletter

Read more?

We can help you today

If you want to see what the Human Risks platform can do, for your company.  Contact us today

Contact