Humor can Combat Security Ignorance and Apathy

Feb. 8, 2012
US Bank CISO ditches the negativity and creates positive security messages

I'm sure every security executive out there knows of at least a few people in their organization who are just plain terrible at protecting themselves – they fall for phishing scams and give out personal tidbits like moms giving out candy on Halloween. They are either ignorant of the risks and the security procedures to mitigate them, or they just don't care.


For many, the way to deal with these people from a security standpoint was through fear. You would probably be thinking something along the lines of, "we will scare them into protecting themselves by showing them all the bad things that can happen."


The CISO at U.S. Bank has taken a different approach to informing his "security constituents" – ie., regular banking customers – about adding basic security practices to their online experience. Greg Wood is tossing out the fear and turning instead to humor with targeted videos intended to both entertain and inform about – in this case – banking security best practices and procedures.


"These videos are a different way for us to share an important security message with the public," Wood said in a statement. "Consumers regularly see traditional, fear-based messages about their personal data. This awareness campaign takes a different approach, with lighthearted, simple and memorable messages inviting our viewers to think about how they share their information online and encouraging them to adopt important basic security practices."


The lighthearted approach takes the form of "Tami, the chronic oversharer." Tami's videos cover things like: going on a first date, seeing a psychic, and of course making sure you have a firewall set up, and creating a unique password that you only use for banking, shredding personal documents...the list goes on.


Here's a link to the Tami videos to give you the idea. While this stuff isn't Earth-shattering, it could certainly give you, as physical and IT security executives, insight into positive and humorous ways to attack the problem of apathy and ignorance of security programs and procedures in your organization and help get the word out.



Sponsored Recommendations

NYPD launches Knightscope security robot service in Manhattan subway

The first two weeks will be spent on training, configuration and setup protocols for the autonomous robot to navigate followed by patrol activities between the hours of 12:00am...

Hornetsecurity releases "Microsoft 365: The Essential Companion Guide"

Microsoft 365: The Essential Companion Guide is a comprehensive resource that provides an in-depth analysis of Microsoft 365 to help users maximize their efforts when using this...

SecurityDNA podcast recap: discussing digital twins, venture capital and smart cities with security industry futurist Jon Polly

Jon Polly utilizes his knowledge of past security trends to analyze the impact that regulating artificial intelligence and the expansion of digital twins will have on the industry...

One in six attacks on U.S. government offices linked to LockBit

The report revealed that many ransomware threat actors are no longer going after "big game" targets, instead focusing on smaller organizations they presume to be less well-defended...