Information Security Forum Explores Human-Centred Security in Latest Research
By: Information Security Forum
To aid organizations to invest effort and resources in understanding the human mind and deploying the right techniques so they can influence behavior, the ISF is releasing Human-Centred Security: Positively Influencing Security Behavior. The organization's latest digest helps enterprises to develop mature approaches to managing human risk by setting out several initiatives supported by established psychological theory. The digest will enable senior leaders to better understand the key drivers behind human behavior, how they can positively influence people and use the right techniques to empower employees to keep the organization secure.
"Errors and acts of negligence can cause significant financial and reputational damage to an organization, with many security incidents and data breaches originating from a human source," said Daniel Norman, ISF, author of the digest. "A human-centred security program helps organizations to understand their people and carefully craft initiatives that are targeted at behavior change, reducing the number of security incidents related to human error and negligence."
A human-centred security program uses psychology to address the fundamental strengths and weaknesses in the human mind and aims to enhance the working environment to enable employees to behave securely. A successful program leverages cross-departmental collaboration to fully grasp the current state of security behavior, which subsequently enables organizations to target investment to mitigate the identified risks.
Human-Centred Security: Positively Influencing Security Behavior provides organizations with guidance on:
· Understanding the key factors that influence employees' security choices
· Delivering impactful security education, training, and awareness
· Designing systems, applications, processes, and the physical environment to account for user behavior
· Developing metrics to measure behavior change and demonstrate return on investment
"Technology and processes should complement behavior, not add friction and impede productivity,"
For more information on Human-Centred Security: Positively Influencing Security Behavior, or any aspect of the ISF, please visit the ISF website (http://www.securityforum.org/