Far too many security awareness training programs start with a series of horror stories about hackers and identity theft, lost money and damaged reputations, privacy breaches and deleted computer files. Before long, the average student starts to tune out – after all, if it’s that bad out there, there’s not much that can be done about it.
I was reminded of this when I came across an article about climate change – How to get action on climate change? Hint: Don’t scare us out of our wits – which points out that dire warnings about global warming may well be counter-productive.
Now, I’m not saying that we shouldn’t tell students about the potential consequences of poor information security, but that should be just one small part of our message, with the rest of it being positive – how we can make things safer to our mutual benefit. A carrot is often is often better encouragement than the threat of the stick.
Some Further Reading
- Study Finds That Fear Won’t Don’t Do It: Why Most Efforts at Climate Change Communication Might Actually Backfire
- Apocalypse Soon? Dire Messages Reduce Belief in Global Warming by Contradicting Just-World Beliefs – Matthew Feinberg and Robb Willer; Psychological Science 2011 22: 34 originally published online 9 December 2010
See SSPP Blog Post: “Apocalypse Averted? What Should the Message Be on Climate Change?”
“Last week’s blog, on environmentalism and apocalyptic rhetoric, may have left a false impression that dire warnings alone are enough. Such rhetoric can easily backfire, spurring hopelessness and depression.”
http://ssppjournal.blogspot.com/2011/04/apocalypse-averted-what-should-message.html