From security policy to practice: Sending the right messages

C Chipperfield, SM Furnell

Research output: Contribution to journalArticlepeer-review

Abstract

If it is to be truly successful, security requires engagement right across an organisation. It needs to be embedded in everyday operations and championed from both the top of an organisation and at a local level. It also needs effort and consideration to ensure that messages are appropriate to the likely audience, as well as shaped and communicated in a way that suits the different, but equally important range of stakeholders. This article considers the challenge of promoting security policy by ensuring the message is appropriate and effective for the many different individuals likely to be involved and/or affected. The discussion draws upon theories of leadership, communication within organisations and ways of influencing organisational change, emphasizing the importance of framing the message in the right way in order to maximise support from the different constituents of the target audience. A range of approaches are consequently identified that could form part of an overall promotion portfolio, based upon a combination of push and pull style mechanisms that are likely to appeal to different people in relation to different aspects of the overall message.
Original languageEnglish
Pages (from-to)13-19
Number of pages0
JournalComputer Fraud & Security
Volume2010
Issue number3
Publication statusIn preparation - 1 Mar 2010

Fingerprint

Dive into the research topics of 'From security policy to practice: Sending the right messages'. Together they form a unique fingerprint.

Cite this