What makes Cybersecurity Awareness Campaigns effective?

08 December 2016 - A Workshop on Guadalajara,Mexico


The primary purpose of cybersecurity awareness campaigns is to influence the adoption of secure behaviour online. Past and current efforts to improve cybersecurity practices and to promote inclusiveness and growth have not had the desired impact. It is important, therefore, to critically reflect on the challenges involved in improving cybersecurity behaviour for individuals. In particular, understanding how people perceive risks is critical to creating effective awareness campaigns.

This session aims to better understand the reasons why cybersecurity awareness campaigns often fail to change people’s behaviour. The speakers will discuss which factors are important to be considered when designing education and awareness messages (e.g. cultural and socio-economic factors) based on several examples from around the world and will try to identify possible metrics to measure the impact of cybersecurity awareness campaigns.

  • Liina Areng, Head of International Relations, Information System Authority Estonia
  • Dr Maria Bada, Oxford Martin Fellow, The Global Cyber Security Capacity Centre, University of Oxford @capacitycentre
  • Kerry-Ann Barrett, Cyber Security Policy Specialist, Cyber Security Program, Organization of American States @OEA_Cyber
  • Michael Kaiser, Executive Director, National Cyber Security Alliance @MKaiserNCSA

Participants will be invited to participate in a short survey which will contribute to the research of the Global Cyber Security Capacity Centre.