Wednesday, May 15, 2013

The Importance of Research into Human Intentions to Follow Information Security Policies

In the realm of cybersecurity, technical solutions like firewalls, encryption, and access controls often take center stage. However, one crucial factor that continues to be underestimated is human behavior—specifically, the intention of individuals to follow information security policies (ISPs).

Understanding what drives or discourages people from complying with security rules is essential for building more secure and resilient organizations. That’s where behavioral research plays a pivotal role.

🧠 Why Human Intention Matters in Cybersecurity

Even the most advanced cybersecurity infrastructure can be rendered useless if employees or users ignore or bypass policies. Intentional or unintentional violations—such as using weak passwords, falling for phishing scams, or storing data in unsecured locations—can open doors for major breaches.

While some non-compliance is due to a lack of awareness or training, often it stems from motivational factors, perceptions, or organizational culture. This is why understanding intentions is critical.

🔬 The Role of Behavioral and Psychological Research

Research in fields such as socio-technical systems, behavioral psychology, and information systems helps identify the psychological and environmental factors influencing security policy compliance. Popular models used in this area include:

  • Theory of Planned Behavior (TPB): Suggests that intention to follow a policy is influenced by attitude, subjective norms, and perceived control.

  • Protection Motivation Theory (PMT): Focuses on how fear of consequences and self-efficacy affect behavioral response to security threats.

  • Deterrence Theory: Highlights the impact of perceived sanctions and punishment on compliance behavior.

These models are used to assess why people choose to follow (or ignore) policies, and how interventions like training, incentives, or better communication can change those intentions.

📊 Common Research Findings

  • Perceived usefulness of a policy strongly influences compliance.

  • Top-down enforcement alone is less effective than policies embedded in a positive security culture.

  • Peer behavior and social influence often determine whether policies are taken seriously.

  • Clear, understandable, and user-friendly policies result in higher compliance rates.

  • Trust in the organization and in leadership boosts policy adherence.

🧩 Practical Implications

Understanding human intent helps security leaders to:

  • Design better training programs that resonate with different types of users.

  • Align security policies with employee workflows and values.

  • Encourage a culture of security where compliance is seen as part of the job, not a burden.

  • Predict high-risk behavior and intervene before it leads to a breach.

✅ Conclusion

Cybersecurity is not just a technical challenge—it’s a human one. Research into human intentions to comply with information security policies gives us the tools to address the "people factor" effectively. By focusing on what motivates secure behavior, organizations can bridge the gap between policy and practice, ultimately strengthening their overall security posture.

“The greatest vulnerability is not the system—it’s the user who doesn’t believe in the importance of security.”

at No comments:

Thursday, May 9, 2013

Health IT Security Forum Workshop 2013


at No comments:

Tuesday, May 7, 2013

Techniques for People Who Think They Are Not Innovative

Innovation is often misunderstood. Many people believe that being innovative means coming up with world-changing ideas or being a “creative genius.” In reality, innovation is a skill, not just a talent. And like any skill, it can be learned, developed, and applied—even by those who believe they aren't naturally innovative.

If you’re one of those people who think, “I’m just not the creative type,” this article is for you. Let’s explore some practical techniques that can help unlock your innovative potential.

🎯 1. Reframe Your Mindset

Start by challenging the self-limiting belief that you are not innovative. Innovation doesn’t always mean invention; it can be as simple as improving a process or thinking differently about a problem.

🚀 Mindset Shift: “Innovation is not about who I am, but how I think and act.”

🧠 2. Ask Better Questions

Innovators are often not the people with the best answers—but the best questions. Practice asking “why,” “what if,” and “how might we” questions. These open-ended questions encourage exploration and creative thinking.

  • Why is this process done this way?

  • What if we tried a different approach?

  • How might we solve this with fewer resources?

📝 3. Use the SCAMPER Technique

SCAMPER is a creative thinking framework to help generate new ideas by transforming existing ones. Try applying these actions to a product, service, or situation:

  • Substitute

  • Combine

  • Adapt

  • Modify (or Magnify/Minimize)

  • Put to another use

  • Eliminate

  • Reverse or Rearrange

This technique gives structure to creativity, making it easier for non-creative thinkers to innovate.

🔄 4. Steal Like an Artist

Innovation isn’t always about originality—it’s often about remixing existing ideas. Study how others solve problems in different fields, and adapt their solutions to your context. Creativity often comes from connecting unrelated dots.

🤝 5. Collaborate with Diverse Thinkers

If you think you’re not innovative, don’t go it alone. Work with people who think differently from you. Diversity in backgrounds, perspectives, and experiences often leads to more innovative solutions.

💡 Innovation is a team sport.

⏳ 6. Create Space for Ideas

Sometimes, we don’t lack innovation—we lack time and mental space. Make time for thinking, reflecting, and experimenting. Even 15 minutes a day of undistracted “idea time” can make a big difference.

🧩 7. Prototype Small

You don’t need a perfect idea—just start small. Test it. Build a simple version. Learn. Iterate. This reduces fear and builds confidence in your ability to think creatively and take action.

🧘 8. Practice Curiosity Every Day

Be curious. Read outside your field. Observe problems around you. Keep an idea notebook. Curiosity fuels creativity—and curiosity can be trained.

✅ Conclusion

Innovation isn’t reserved for artists, inventors, or entrepreneurs—it’s for everyone. If you believe you're not innovative, it might just mean you haven’t found the right tools, mindset, or environment yet. By applying simple techniques like asking better questions, collaborating, and using frameworks like SCAMPER, you can train your brain to think more creatively.

“You don’t have to be a genius to innovate. You just have to be willing to try something different.”

So go ahead—start small, stay curious, and allow yourself to think like an innovator.


at No comments:
Subscribe to: Posts (Atom)

CONTENT ENTREPRENEURSHIP: Designing Markets, Engineering Value, and Leading with Knowledge

Dalam ekonomi digital, konten sering diperlakukan sebagai aktivitas komunikasi. Padahal, pada level strategis, konten adalah infrastruktur ...