Reducing the Privacy Trust Deficit

A while back, when I ran an Insurance brokerage, a good friend of mine who owned a mid-size company said, “you know Doug, when it comes to insurance the one thing I’ve learned is that the insurance carriers are only out to [bleep] us.”  I can only imagine what CEO clients who weren’t my friends were saying.

However, when you are selling an intangible, like insurance, you are immediately starting with a trust deficit between you and your prospect.  And it’s that deficit you need to overcome before you can hope to make a sale.

Privacy is an intangible, as well.  You can’t see it.  You can’t touch it.  It’s a concept, a concept that is closely tied to our sense of ourselves and the freedom to express and “own” our identity as we choose.  And, like other intangibles, companies have a trust deficit which they need to overcome if they want to establish strong customer relationships.

The need to bridge the trust deficit is a theme coming from a recent survey on consumer attitudes towards privacy that Deloitte has just released.  As the article states, over two thirds of consumers believe their data is used primarily for target marketing and over half believe the data is shared with third parties.  And, ironically, despite increasing privacy legislation, only 22% of companies are aligning their privacy requirements with business strategy.

This is an epic fail on two fronts:  1) misalignment of privacy compliance with strategy will inevitability result in the sub-optimal compliance measures which open the organization to regulatory action; 2) misalignment of privacy with strategy keeps the organization from taking advantage of a huge opportunity to leverage privacy as an asset to develop stronger customer relationships and propel growth.

For companies that want close the Privacy Trust Deficit, increase market share and improve operational and regulatory compliance, they can start with four steps:  1)  Define the company’s desired relationship with its customers; 2)  Outline privacy requirements as minimally defined by regulation and maximally defined by the company’s desired relationship with its customers; 3) Create a customer data and engagement map which defines how,, why and what the company does with its client data; 3)  Express each point of the data and engagement map in terms of a repeatable behavior with a quantifiable outcome that both leverages and enhances privacy and customer value; 4) Communicate and be transparent of the privacy-related behaviors the company is doing at the same time it is doing them.

Applying these steps will help align privacy with business strategy, minimize the privacy trust deficit and enable the organization to take market share from it’s competitors who view privacy as a compliance objective as opposed to a strategic opportunity.

 

Cyber Awareness 4 mins at a time

Last week we announced our new Behavior-Designed Cyber Awareness ProgramOne part of that program will be a structured phish simulation campaigns; another part of the program is series of courses on a broad range of topics related to digital awareness, appropriate security practices, and behavioral biases which impact susceptibility to phishing emails and other forms of social engineering. Each course contains a number of micro-lessons designed to take only a few minutes — typically around 4 minutes — to complete. The intent of each course, in addition to the phish simulations that will run concurrently, is to give participants the tools they need to recognize and modify their online behavior in order to maintain a safer and healthier digital presence.  

Soon we will be rolling out the entire program, but for now we want to offer a sneak peak of what’s to come. Right now we are offering a free preview of a course on phishing attacks and how to spot them. If you want to try it out click here and enroll now for free 

And, if you haven’t already, you can check out a review of our new program published as a part of the Stanford Peace Tech Lab. 

Behavior-Designed Cyber Awareness — A New Program

For the Past Year, Designed Privacy has been working to integrate behavior design into the cyber awareness process. Through a series of testing, we have created a CyberAwareness Program which we are launching this Fall.  The Program not only shows strong results in reducing phish susceptibility, the behaviors it’s designed to create show the potential to both mitigate digital disinformation efforts and get people to collaborate on reinforcing secure behaviors, whether in the office, at home or with clients and vendors.

In addition, we are extremely pleased to have process and results published by the Peace Innovation Lab at Stanford.

After a year of testing three things are clear:
1). Cyber awareness without behavior change is a waste of time, money and energy;
2). Behavior changes occurs through a combination of ease, prompting and positive reinforcement. People are more apt to change behaviors when they see a positive WIIFM.
3). Behavior-designed cyber awareness not only leads to reduced phish susceptibility, but it also has the potential to lead to better organizational decision making, especially as we are relying more and more on digital information to make those decisions.

In a world of phishing, online scams,  deepfake video and content, and the weaponization of social media, we all need to develop behaviors to help us determine what is real and what is not if we want to be secure, make sound decisions and feel that we still have the space where our choices are our own.

Please read the Stanford Peace Innovation Lab article here.