This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Home » How to Utilize Game Theory for Security Awareness
How do you get employees to care about security? For years, security leaders have been great at conveying the negative consequences of a data breach or security incident – the organization could be attacked, data could be lost, fines levied, employees fired, discipline issued. While this approach conveys the gravity of a potential risk, it often does little to inspire employees to report failures to the security team, to improve their engagement with security, or to advocate for security with peers.
“We keep asking employees to do security work, and when they do a good job, we don’t say anything,” says Masha Sedova, Co-Founder of security awareness training company Elevate Security and former Senior Director of Trust Engagement at Salesforce. “When they don’t do a good job, we just wait until they mess up before we correct and retrain them. We only look for opportunities for negative reinforcement. We’re missing opportunities for positive reinforcement. When I send you a phishing email, do I just wait for you to click on it so I can send you to training, or if you report it, do I send a recognition note to your manager saying ‘You have a security-minded employee, congratulations.’?”