In the Proactive Cyber Talk blog series, we dive into the fascinating world of cybersecurity. In the first installment of the series, Jarno Limnéll, Vice President of Innofactor's Cybersecurity Solutions, writes about cyberpositivity, which is one of the most interesting cybersecurity trends in 2022 and one of the topics of our webinar hold on March 4, 2022.
Discussions about cybersecurity often focus on threats and how badly things can go wrong when a mistake happens. Unfortunately, the discussion around cybersecurity is almost entirely focused on cyber insecurity. We need to approach the topic of cybersecurity from a more positive perspective, focusing on the good that can be achieved and how more positive discussion can actually lead to improvements in cybersecurity.
The word “cyberpositivity” only produces 230 Google hits, compared to a whopping 357,000,000 hits for “cybersecurity”. It is clear that cyberpositivity has not become an established term yet. But why do I want to talk about cyberpositivity? What does it actually mean?
Cyberpositivity refers to a positive approach to security instead of emphasizing risks and threats. Cybersecurity is fundamentally a positive thing. It is vital for digitalization and technological progress. Without security, technological solutions would not function. Indeed, cybersecurity should be seen as an enabling force instead of focusing on threats and risks. A modern organization can achieve success and maintain trust when its cybersecurity is well managed and continuously invested in.
Whether we choose to talk about security or insecurity is not inconsequential. In Maslow’s hierarchy of needs, safety comes second after physiological needs. This means that we are greatly affected when safety falters. Putting emphasis on insecurity, even in mere words, creates fear and concern in people. Emotional states, in turn, always influence our well-being, regardless of whether or not the threats are real. With this in mind, our word choices when talking about cybersecurity are not inconsequential.
Creating a more positive culture of discussion, one that emphasizes opportunities to a greater extent, can actually help us improve security. Studies have shown that positive talk about security in the online world is more effective in making people act more safely than emphasizing threats and risks. This is something that should be taken into consideration in data security training for employees, for example. Adding elements of interactivity and gamification to training strengthens the participants’ engagement. Instead of tedious lectures, it makes sense to focus on simulation exercises that are communicated to the employees in advance. Employee commitment to cybersecurity improves the entire organization’s capacity to respond to cyber threats.
We must not forget about trust. Trust and security go hand in hand: there is no security without trust and there is no trust without security. However, trust also means tolerating uncertainty. There is no such thing as absolute or perfect security. There will always be occasional disturbances that we need to be able to live with. A good example of this is the disruption in Facebook’s services in the fall of 2021, when people had to come up with alternative channels of communication.
We need to take modern security with a grain of salt. It is not enough to rely on a single solution. You need to have alternative operating practices and you have to continuously develop your operations. Nevertheless, as we talk about insecurity and threats, could we also focus increasingly on the positive aspects of cybersecurity and its role as an enabling force in business, for example? After all, the objective is a positive and secure future.
Want to hear more about the global trends in cybersecurity in 2022? See our on-demand webinar “What leadership needs to know about cybersecurity in 2022 – Building trust through cyberpositivity and proactive security”.