Martin Luther King said ‘I have a dream’, not ‘I have a plan’
– Simon Sinek
Engaging end users using marketing, psychology and safety theory.
About Geordie Stewart
His award winning masters thesis at the Royal Holloway Information Security Group examined information security awareness from a fresh perspective as a marketing and communications challenge. In his regular speaking appearances at international information security conferences such as RSA, ISACA and ISSA he challenges conventional thinking on risk culture and communication.
In addition to senior security management roles in large UK organisations Geordie writes the security awareness column for the ISSA international journal.
Are humans rational? When we see computer users to silly things which place themselves or their information at risk its easy to take a view that people are illogical. The problem is that logic can’t be examined separately from perception.
There is significant debate within psychology literature as to the extent to which humans can be described as rational. Rationality is sometimes described as the ability for individuals to select the “best” option when confronted with a set of choices. The best option is also referred to as a “value maximising” option when the most benefit is obtained for the least expenditure of resources or exposure to risk.
The problem is that people routinely fail to select a “value maximising” option and exhibit apparently illogical behaviour. Commonly, an option mathematically modelled as the best choice by the technical experts isn’t the choice chosen by information system users when responding to risk.Details