By Javvad Malik, Lead Security Awareness Advocate at KnowBe4 (www.KnowBe4.com).
Have you ever walked down a street with broken windows, burnt out cars, graffiti and felt a bit uneasy? There's a reason for that, and it's not just about aesthetics. The Broken Windows Theory, introduced by social scientists James Q. Wilson and George L. Kelling in 1982, suggests that visible signs of crime and antisocial behavior encourage further crime and disorder. But what does this have to do with cybersecurity? More than you might think.
The Cybersecurity Parallel: Neglected Digital Environments
In many organizations, cybersecurity awareness feels like a losing battle. Employees ignore security policies, download unapproved software, and use weak passwords. It's as if our digital environments are full of "broken windows," signaling that it’s a culture where no one really cares about security.
Traditional approaches often focus on punitive measures or dry, technical training that fails to engage employees. It's like trying to reduce crime by simply increasing fines, without addressing the underlying issues that make an area feel unsafe or neglected.
Applying the Broken Windows Theory to Cybersecurity
Just as fixing broken windows and cleaning up graffiti can reduce crime by fostering a sense of order and care, we can apply similar principles to our digital environments:
By applying the principles of the Broken Windows Theory to cybersecurity, we can create digital environments where security feels natural and everyone plays a part
Practical Steps for Implementation
Walk through your organization's digital spaces as an average user would. Where are the "broken windows"? Look for outdated software, clunky security processes, or confusing policies.
Create an easy way for employees to report potential security issues. Make it as simple as sending a quick message or clicking a button.
Transform your security awareness materials. Replace dense text with infographics, short videos, or even memes. Make security information as engaging as a well-designed public space.
Identify and empower individuals across departments to be security advocates. These champions can help maintain a secure "neighborhood" in their area of the organization.
Host regular cybersecurity events that feel more like community gatherings than lectures. Think cybersecurity fairs, hacking demos, or even escape rooms with a security twist.
The Path to a Strong Security Culture
By applying the principles of the Broken Windows Theory to cybersecurity, we can create digital environments where security feels natural and everyone plays a part. It's not just about preventing breaches; it's about fostering a community where secure behavior is the norm.
As we move forward, let's reimagine our approach to cybersecurity awareness. Instead of building walls and enforcing rules, let's create digital neighborhoods where everyone takes pride in keeping things secure.
Every fixed "window" in your digital environment is a step towards a more secure future. So, let's roll up our sleeves and start cleaning up our digital streets. The neighborhood—and your data—will thank you.
Distributed by APO Group on behalf of KnowBe4.