Making cyber security a priority for your people
How do you talk to your people about cyber in a way that conveys the severity of the issue, and their responsibility for it?
Between January and July 2021 the cumulative losses of individuals and organisations to fraud and cyber crime totalled £1.3 billion. In this time reports of breaches in the UK increased sevenfold compared to the same period in 2020. Cyber crime is at an all time high.
It’s a huge and ever-impending threat to people, businesses, and even governments, and most of us are fully aware of this. But despite the potential consequences, passwords such as ‘123456’, ‘qwerty’, and ‘password’ continue to top the list of most popular passwords, and as many as 65% of us still use the same password for multiple, or all, accounts.
The ‘be smarter, be safer’ message is not getting through. So how do you talk to your people about cyber in a way that relates the severity of the issue, and their responsibility for it?
In this blog we’ve got three ways which can help you approach cyber in a more engaging way for your people.
Start with the personal
For cyber to matter to you, it needs to be your problem. Sounds simple, right?
Well most organisations focus largely, or only, on the possible effects of cyber crime on the business, the financial or reputational cost of a breach, possible downtime, missed deadlines, and that may be where they are going wrong.
While these things will affect the lives of your employees, they will not impact the personal lives of the people who work for your organisation. Their money, data, or reputation will remain unscathed. To build a positive cyber security culture within your organisation, you need the people who come to work to care about cyber in their own lives.
How? Start with the personal. Begin your journey to a more cyber-aware organisation by talking to your people about topics such as safe online banking, secure online shopping, or romance fraud. Whether you set up an email campaign, or add a cyber safety section to your intranet, the key is to teach your people about the importance of keeping themselves safe, so that by virtue they start protecting the organisation.
There is a reason why business storytelling has grown in popularity over the last few years, it works! And there’s science to prove it.
Listening to stories activates the amygdala, a region of our brain responsible for dealing with emotions, as well as the hippocampus, which helps with long-term memory formation. Listening to an engaging story also makes our brains release oxytocin, which helps us to build connections with the people around us.
We encourage you to share personal stories around cyber within your organisation. Anyone is welcome to contribute here. These stories can come from a member of the leadership group, or a member of the sales team, and in a wide range of formats too, videos, graphics, newsletters. You can also bring in speakers, or share videos of people from outside of your organisation, those in your industry, businesses in your region, partner organisations.
The key is to attach a face and emotions to this very tech-heavy and impersonal subject, create a sense of community, and to bring about that lightbulb moment, this could happen to me!
In the words of the famous poet and writer Maya Angelou, “People will forget what you said, people will forget what you did, but people will never forget how you made them feel.”
A little psychology
Positive communication and peer influence are great examples of psychology techniques that can help you bring about a positive behaviour change within your people.
Focusing on positive messaging, instead of blame culture, as well as encouraging others to do something, by using an example of their peers doing so, can gently reinforce any message.
Whether you want all of your employees to set up Multi Factor Authentication on their work accounts, to participate in a cyber safety workshop, or to watch a video on password safety - you can highlight and reward those already doing it, to positively influence the behaviour of those who aren’t.
Let us do the work
You wouldn’t install a house alarm and leave your front door unlocked, so why invest in cyber security software if you don’t invest in your people too?
Our communications and behaviour change programme, CyberSafe, contains everything your people need to know to keep themselves and your organisation safe from cyber security attacks. With engaging bite-sized campaigns built to suit your business and threats, we can help you build your positive cyber security culture.