How can organisations use guerrilla marketing to communicate cyber security messages?
06 January 2017
What is Guerrilla Marketing?
Various studies have shown that the average attention span of a human being without being distracted is just eight seconds. Due to the digital age and the sheer volume of information individuals now have to process, the world of marketing has changed; marketing professionals are increasingly turning to guerrilla techniques to engage users. Guerrilla marketing refers to an advertising concept that allows businesses to promote their services in an unconventional way and is more effective in retaining the interest of users than conventional advertising.
The imagination used in guerrilla marketing techniques helps grab individuals’ attention with a more personal and memorable touch. One consumer industry example is where a toothpaste manufacturer placed a toothbrush-shaped wooden stick in ice creams, with a written reminder on it for people to remember their toothpaste.
Problems within Cyber Security
As cyber security specialists, we face two main problems in communicating our message. Firstly, as previously discussed, the attention span of individuals is simply too short. Why should someone, who apparently has no interest in cyber security, care? In a generation where people want smartphone games and constant communication through technology to stay interested, a simple cyber security awareness campaign may seem like a waste of time. Why should an individual be told how to spot phishing emails when he or she could play an interactive game that will teach them the same thing? People are bored of the same old e-learns and staff training sessions and require something new! In the digital age, individuals expect everything to be interactive and fun. If that is not the case, it will not grab their attention.
The second issue is that cyber security is competing for attention against many other topics within organisations, such as business delivery targets, health and safety etc. This is not to say the other topics are not important, but the potential financial and reputational damage a cyber security breach could cause is substantial. This competition, combined with employees having long to-do lists and very little time, emphasises the importance of catching the individual’s imagination.
Guerrilla techniques in Cyber Security
So how can we do this? One of the answers is guerrilla techniques. There are many examples of guerrilla techniques that can be used to quickly attract and maintain attention to convey a cyber security message and to support security behaviour change. An example could be having your organisation’s cyber security logo on the canteen staff aprons so everyone can recognise it. This very simple idea will not only familiarise employees with the organisation’s security logo but also encourage employees to think about security in all aspects of their work, not just when requested to do so by cyber security teams.
One of the advantages of using guerrilla techniques is that they can be done on a very tight budget. A simple example of a low-cost technique is having posters in areas where people linger, such as on hand dryers or by the printer. The idea is that people will sub-consciously take in the information while they are waiting. We constantly take in the information around us without necessarily realising it, and guerrilla techniques take advantage of this fact, helping change employee behaviour. If individuals are more aware of cyber security issues, they are naturally more likely to act on the problems.
My challenge to you is to open up your mind and see if you can spot guerrilla techniques. Think about how these techniques could be applied to create innovative ways of engaging your employees in cyber security. If you are feeling bold, you could even come up with your own guerrilla techniques! To end the article I will leave you with a tip from me, just remember…
Guerrilla techniques simply require imagination.