Theory behind the SAFE Awareness and Behavior Program

Our SAFE program is based on scientific insight and combined expertise

... > Programma SAFE per un comportamento cyber-sicuro. > Theory Behind SAFE

Combination of expertise

People’s behavior and information security are two different disciplines. We would never ask a psychologist to build a firewall. But a lot of awareness programs do rely on security specialists to influence people’s behavior.

For effective protection against human errors, you need the expertise of psychologists and security specialists. That’s why Bureau Veritas Cybersecurity's SAFE program was designed by a team of both.

For an effective awareness program you need both psychologists and cybersecurity experts

No ‘one size fits all’

We do not believe in 'one size fits all' solutions. So we tailor our interventions to achieve the goals for your specific focus groups. Any intervention is aimed at removing the barrier to the desired behavior. SAFE has a toolkit of a carefully selected collection of different interventions.

These interventions vary according to topic (e.g., following strong passwords or classification rules), influencing strategy (e.g., increasing motivating, educating or encouraging), and resources (e.g., demos, attention grabbers such as posters or video material, or ambassadorship).

Continuous, stimulating focus

Information security for and by employees is not a one-off project. For most employees, it is not their most important task, so their attention can wane. That means it is a must to focus continuously on information security, in a way that is stimulating - not boring - and keeps people on their toes.

Behavior is the result of three factors:

Knowledge

Knowledge refers to what a person knows and understands about a subject, in this case information security. Knowledge is the factor most focused on in awareness-based efforts, such as e-learnings and classroom trainings.

Motivation

There are different kinds of motivation. For instance: intrinsic motivation, which means behaving in a certain way because it is important to you. Or extrinsic motivation, which means behaving in a certain way because of an external goal.

Opportunity

Are you actually able to behave a certain way, or do circumstances make it impossible? Behavior is determined by opportunity. Context and culture are the most important aspects of opportunity. The culture of an organization has a major impact on behavior.

To change behavior you will have to address each of these three factors

SAFE focuses on repeated attention to all three of these factors. That means SAFE goes beyond traditional awareness programs that usually focus on knowledge.

In addition, SAFE carefully identifies any barriers to the desired behavior: why are employees not doing what we would like them to do? You can only take the right steps to remove this barrier, if you know what is holding people back from certain behavior.

Sometimes the barrier is a gap in knowledge, but often the barrier stems from, for example, a lack of motivation, bad experiences or culture within the organization that does not support the goals.

People are not the weakest link, if you...

Focus on safe behavior as an end goal

Combine cybersecurity and psychology

Focus on all factors that determine behavior

Measure what your employees need, to behave safely

Match the needs of your employees with tailored interventions

CONTACT US

Do you have a question about our SAFE Security Awareness Program? Contact us now.

Nome

Cognome

Azienda / Organizzazione

Numero di telefono

Come possiamo esservi d'aiuto?

Autorizzo il trattamento dei miei dati come descritto nell'Informativa sulla privacy e accetto i Termini e condizioni.

Acconsento all'utilizzo di questi dati da parte di Bureau Veritas Cybersecurity per ricevere ulteriori informazioni sui servizi, eventi o argomenti che potrebbero essere di mio interesse.

More Information

SAFE - Security Awareness & Behavior Program

How do you raise cybersecurity awareness of your people? Discover Bureau Veritas Cybersecurity's SAFE Program to promote cyber safe behavior in your organization.

Social Engineering Program

Did you know that hackers are using your employees to attack your business? That's a bit of a shock, isn't it?! Through your employees, hackers can try to gain access to your company, the weakest link in your IT security. Improve your cybersecurity through a social engineering audit!

Cybersecurity Awareness E-Learning

Do your employees know what they need to do to manage their contacts, systems and company data of your organization safely? Bureau Veritas Cybersecurity has compiled common examples into e-learning modules what employees need to know in order to behave safely regarding topics within information security & privacy.

More Information

SAFE - Security Awareness & Behavior Program

How do you raise cybersecurity awareness of your people? Discover Bureau Veritas Cybersecurity's SAFE Program to promote cyber safe behavior in your organization.

Social Engineering Program

Cybersecurity Awareness E-Learning

Perché scegliere Bureau Veritas Cybersecurity?

Bureau Veritas Cybersecurity è il vostro partner esperto in materia di sicurezza informatica. Aiutiamo le organizzazioni a identificare i rischi, rafforzare le difese e conformarsi agli standard e alle normative in materia di sicurezza informatica. I nostri servizi riguardano persone, processi e tecnologie, dalla formazione sulla consapevolezza e l'ingegneria sociale alla consulenza sulla sicurezza, la conformità e i test di penetrazione.

Operiamo in ambienti IT, OT e IoT, supportando sia i sistemi digitali che i prodotti connessi. Con oltre 300 professionisti della sicurezza informatica in tutto il mondo, uniamo una profonda competenza tecnica a una presenza globale. Bureau Veritas Cybersecurity fa parte del Bureau Veritas Group, leader mondiale nel settore dei test, delle ispezioni e delle certificazioni.