4 Reasons Why Content Remains King in InfoSec. Awareness

As an information security professional, when communicating with the rest of your company, it is great if you add some sparkle in the form of slick videos, smooth images and maybe even cool audio.

After all, this isn’t 1995 so we don’t need to rely solely on using Wingdings font and clip-art images to make an impression. Thankfully, we can also do it without the “help” of Clippy, the loathsome Microsoft paperclip assistant. Having said that, it is easy to get blinded by the dazzling possibilities on offer and forget about the most important part of all. If you forget that content is King then you run the risk of producing a great looking but meaningless or ineffective piece of communication.

This Is What People Should Take Away With Them

When the dust has settled and everyone has walked away from your information security awareness activity, then what is it that is going to linger in people’s minds? If the answer is a great image of a cyber thief that you Photoshopped or a video on the biggest cyber breaches of all time or even some slick graphics more reminiscent of a Jason Bourne or James Bond film,  then maybe they missed the relevant  points.  The flashy presentation and the smart graphics should be devices that help you to get the security message across rather than distracting from it. The key points that you want to get across about your information security culture and how people can contribute effectively to this are the issues that should be rattling about in people’s heads rather than anything else. Therefore, everything should be built around strong, useful content which has been developed with the objective of influencing audiences behaviours. Anything that can help you to get these points across can then be considered afterwards.

Make It Easy to Understand

The phrase “Content is King” is generally attributed to Bill Gates in the 1990s, although it can be traced back even further than that. It is a phrase that is used for a number of different reasons, with website SEO being the main one. However, when we look at it, in the context of information security, then what do we really mean? Perhaps the simplest way of looking at this is to say that content is a message. The message could be shared written, spoken or visually delivered and it needs to be effectively planned and written in order to be digested, understood and acted on. If you don’t pay enough attention to the content that you write then there is a risk that the people you communicate with don’t even really know what you are talking about. They might have some sort of vague idea that you are warning them about the dangers of poor computer security but you want them to get a better grasp of it than that, don’t you?

Make It Engaging

Make the content of the communication engaging and you stand a far better chance of the audience really sitting up and taking notice. If you can get your readers interested in what they see then there is much more chance of them paying attention to what you tell them about information security, right?  This is just like marketing, where advertising campaigns will try and engage the public in order to pique their interest. If you don’t get someone’s interest then there is little chance of them taking notice of what you say and adjusting their behaviour, making a choice to buy or simply trusting your message. Information security is a subject that most people don’t really think about very often. When the idea of information security behaviour and culture floats across their minds then it may be something that they see as being a little less than thrilling.Therefore, by making quality content a top priority, you make it something that stands a better chance of getting attention, being absorbed and making the readers think about how important this really is. This is going to give you a far better chance of influencing people’s behaviours and making a real difference.

Keep People Interested

We can go a step further and say that great content is something that can make your end users genuinely interested in the subject of information security . They might never go to sleep dreaming about the latest advances in cyber security but you can make it something that becomes a tangible part of their working life. You can do this by making it sound like something that they can relate to and that directly affects their performance and future. Rather than writing about it being a vague threat like a global beriberi outbreak or an asteroid hitting the Earth, this is something that will become a real issue that they can take an interest in. Most importantly, you can also give them the knowledge and the tools to do something about it. If there is one thing that makes people lose interest in a subject it is when they feel that it is out of their hands and there is nothing they can do about it. Instead, you can empower them to master their environment. By making an effort to ensure that content is King in your communications you will give your message the best possible chance of getting through to the people who most need to get it. Since this is the most important aspect of it, there is no reason for not putting a strong focus on this area.  

If you’d like to find out more about how Marmalade Box can assist in helping you develop more compelling and more effective security awareness programmes, based on our SABCTM methodology, then do please get in contact.

Share