Security is Everyone's Responsibility
Physical and cyber (or information) security measures can only go so far in mitigating security threats. Employees must behave in the right way to optimise the effectiveness of such measures
Encouraging employees to think and act in a security-conscious and collaborative manner can help businesses to prevent incidents and breaches from happening.
By ensuring simple security behaviours are shared, the overall level of security can be dramatically improved.
Embedding Security Working Behaviours
Security behaviours refer to the set of values and practices - shared by everyone in an organisation - that determine how people are expected to think about and approach security.
The development of an appropriate security culture within UK organisations, where the right security behaviours are adopted by the workforce as a matter of course, is an essential component to any protective security regime. It is also something that can be achieved at a relatively low cost in comparison to some physical and technical measures.
One method is to follow the 5Es framework - this is recommended as a way to guide organisations on how best to embed and sustain security working behaviours within the workforce:
- Educate Why: Educating employees about the security threat. Employees are less likely to adopt the required behaviours when they are uninformed of the susceptibility to threats (both their own and the organisation's susceptibility) and the severity of the consequences.
- Enable How: Enabling employees to demonstrate the behaviours being asked of them. If employees aren't provided with the appropriate information, training, advice and support they may not know what security behaviours are expected of them, how to do these, or have the necessary confidence to demonstrate them.
- Shape the Environment: This is about ensuring that employees have the resources they need (e.g. equipment, materials, people), the physical opportunity (e.g. space, time, access) and the social opportunity (e.g. peer pressure, leadership, support) to demonstrate the behaviours. If employees perceive that there are too many hurdles or barriers to applying the behaviours in a practical setting, they will be less likely to do so.
- Encourage the action: Providing feedback to employees, encouraging the adoption and consistent use of security measures, is key to sustaining security behaviours in the workplace. If employees receive little or no feedback when trying a new behaviour, they may be less likely to perform the behaviour again.
- Evaluate the impact: It is important to review the improvement in security behaviours to ensure they are maintained and not a temporary response that will subside over time.
Workplace Behaviours: Getting The Basics Right
Guidance such as this is designed to empower employees to create a challenge culture.
From tailgating to challenging an unfamiliar visitor to a property, getting the basics right can prevent damaging security breaches. In some scenarios, good security practices can prevent theft, criminal damage, and the negative effects security breaches can have to an organisation's reputation.
For all media enquiries, please contact the SecuriGroup Communications team at firstname.lastname@example.org
SecuriGroup is one of the UK's leading security companies, rated within the top 5% by the Security Industry Authority. SecuriGroup is part of the ACS Hall of Fame and is a winner of the prestigious Security Excellence Awards ACS Champion of the Year.
An SIA Approved Contractor, Investors in People organisation, industry accredited for operational excellence; SecuriGroup is an organisation led by industry experts and is focused on meeting the challenges of a modern security industry.