Gartner® 5 Communications Tactics to Get People to Take Cyber Risk More Seriously
CybSafe is proud to bring you cutting-edge research in cybersecurity.
We’re sharing what we believe is an unmissable resource, Gartner® 5 Communications Tactics to Get People to Take Cyber Risk More Seriously.
We believe that this report is indispensable for anyone involved in security and risk management (SRM), from IT leaders to CISOs to executives.
While security awareness programs are widespread, 93% of employees still knowingly carry out actions that increase risk to the organization, according to a recent Gartner survey. One of the top three reasons cited by surveyed individuals for these types of behaviors is a lack of consequences.
With that in mind, this report explores five tactics that expose the personal consequences of cyber risk, including springboarding off existing corporate values, leveraging social pressure, and making it personal.
Gartner®5 Communications Tactics to Get People to Take Cyber Risk More Seriously, by Leigh McMullen, Richard Addiscott, Christopher Mixter, Andrew Walls, 8 August 2024.
Report highlights
“By 2027, 50% of cybersecurity organizations will replace ‘individual awareness’ in their SBCP with a focus on ‘group norms for behavior’, in recognition of the lack of connection between awareness and secure behavior.”
“SRM leaders must make violating security policies ‘unpatriotic’ at a time when many organizations struggle with employee loyalty in general. One of the simplest tools for doing so are, today, like they were in 1942, communications that bring the consequence home.”
“The best and most impactful messaging will connect consequences, amplify them with social pressure, springboard off existing beliefs and values, be personally relatable, and ideally fun. If you can tick all these boxes in a sentence or slogan, you’re onto gold.”
Source: Gartner®, 5 Communications Tactics to Get People to Take Cyber Risk More Seriously, by Leigh McMullen, Richard Addiscott, Christopher Mixter, Andrew Walls, 8 August 2024.
Disclaimer: GARTNER® is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.