For the past week my Twitter, LinkedIn and Facebook timelines were busy with people discussing the updated Terms for WhatsApp. This update eventually lead to a lot of noise and many people looking into alternatives like Telegram or Signal. Whether people truly and fully migrate from WhatsApp or not, I guess only time will tell, because the network effect of WhatsApp, especially in most of developing countries is still very high. Even the latest news suggested that Facebook postponed the deadline from February to May 2021 for further campaigning the changes because they believe there are too many misinformation out there.
Despite all analysis on what data is shared or accessed by these messaging platforms, I personally very interested to see the effect of network and idol influence in driving people’s action. Especially Elon Musk with his famous tweet:
Although I don’t know for sure how powerful this tweet leading to people installing and migrating to Signal, but this show how idol’s and network’s influence can be used for good cause. So, why don’t we use the same trick for our organisational Security and Privacy Awareness campaigns (and trainings)?
In the past decade most of organisational Security and Privacy campaigns (and trainings) I have experienced are:
- online e-learning or articles posted on the intranet;
- full of text with each section ended with sort of quiz;
- kicked-off by a video or quote from business senior management or security leaders talking about how security and privacy are very important.
What if we change the format and ask few ambassadors within the organisations that can give such network or idol effect like Elon Musk? They can be anyone, not necessarily senior business management or security leaders. After all, GRC and Cybersecurity professionals always argue that Security and Privacy are everyone’s responsibilities. So perhaps it’s time for us to shake the typical security campaigns (and trainings) by having these ambassadors designing the program and be the leading voice of awareness. Just like Elon Musk using his voice to move people to more secure and private messaging platform, organisational security and privacy awareness can be more fun and more engaging by having these “non-typical“ ambassadors.