I stumbled across a news article, on the BBC website, about Consumer Regulators deciding to snap the lid down on activities by “influencers” on Instagram.

Influencers can be both celebrities and non- celebrities. What they have in common are:

  • A significant community or “following”
  • They are perceived as role models who, knowingly or unknowingly influence the choices and behaviours of those within their community or network.
  • They get paid by vendors and advertising agencies to promote or be associated with products.

This isn’t new. Other recent news articles have considered the impact of influencers on choices we make about food and fashion. Influencers are used widely to raise awareness of products and/or services and to influence audiences behaviours and get them to “buy a product” in preference to others.

The science behind why influencers are such a successful tool for raising awareness and influencing behaviour, is so strong and powerful, that Consumer Regulators have felt obliged to step in and try to level the playing field by ensuring influencers are transparent about what they are up to.

The Power of Association

Influencers, even non-celebrities, can earn significant fees by having products/services associated with them. This is because vendors and advertisers know that they can significantly stack the odds in the vendors favour of having their product purchased through the power of association.

They know this because, as I identified in my own research into the formation and influencing of information security behaviours and choices, people are social animals, they make decisions often influenced very heavily by emotions and by the actions of people within their communities/networks.

Influencers, whether celebrities or not, have caught their tribes attention and imagination. Often audiences have a conscious and sometime unconscious connection with influencers, respect or admiration for them, or some other emotional bridge between them.

What’s this got to do with Information Security?

It’s been my long held personal belief that information security is only about people’s behaviour.

My work into re-thinking the “Human Factor” has analysed how behaviours are influenced. From this I came to understand why influencers provide a return on investment, which keeps advertisers, companies and governments investing money, engaging them to raise awareness and influence audience’s behaviours.

This outcome, in my opinion, is similar to the security industry desire to raise awareness and influence positive security behaviours in our own “target audiences” and therefore raises the question what can information security learn from the power of influencers?

When you understand how behaviours are formed, you can start to see a new and compelling opportunity for re-shaping how we approach security awareness, behaviour and culture. This is exactly what we have done at Marmalade Box with our SABC Framework.

Our next introductory workshop runs on May 15th in London. To find out more or to secure your place click here.