Can We Sell Security Like Soap? A New Approach to Behaviour Change

Our next Interdisciplinary Cyber Security Seminar will take place on Tuesday, 19th November at 5pm. Our seminars are approachable, and require nothing more than a general interest in security, and an enquiring mind.

Our speaker will be Debi Ashenden, who is a Reader in Cyber Security and Head of the Centre for Cyber Security and Information Assurance at Cranfield University, based at the Defence Academy of the UK, Shrivenham. Prior to taking up her post at Cranfield University she was Managing Consultant within QinetiQ’s Trusted Information Management Dept (formerly DERA). She has been working in cyber security since 1998 and specialises in the social and behavioural aspects of cyber security. Her research is built on a socio-technical vision of cyber security that sees people as solutions rather than as the problem. Debi is the co-author of, ‘Risk Management for Computer Security: Protecting Your Network and Information Assets’, Butterworth Heinneman (2004).

Talk Abstract: Many organisations run security awareness programmes with the aim of improving end user behaviours around information security. Yet behavioural research tells us that raising awareness will not necessarily lead to behaviour change. This talk examines the challenge of changing end user behaviour and puts forward social marketing as a new paradigm. Social marketing is a proven framework for achieving behavioural change and has traditionally been used in health care interventions, although there is an increasing recognition that it could be successfully applied to a broader range of behaviour change issues. It has yet to be applied however, to information security in an organisational context. This talk will explore the social marketing framework in relation to information security behavioural change and highlight the key challenges that this approach poses for information security managers. We conclude with suggestions for future research.

The seminar will take place in EB202 in the Executive Business Centre, and will be free and open to all. If you would like to attend, we encourage you to register at http://www.eventbrite.co.uk/e/interdisciplinary-seminar-in-cyber-security-tickets-9336229915