All news with #policy engineering tag

Empathy-Driven IT Security: Path to Active Compliance

🔐 IT security often meets resistance when guidelines clash with everyday work pressures, causing employees to view measures as obstructive and to bypass them. The article advocates empathetic policy engineering: perform stakeholder analysis, design user-centered policies, and pilot changes with early adopters. Communicate with respect—use tactical empathy, collaborative 'help me to help you' dialogues, and realistic, scenario-based training to boost acceptance and embed secure practices.

Empathy Meets IT Security: Building Practical Compliance

🤝 Security policies often fail not because employees resist security in principle but because measures clash with everyday work pressures and lack practical support. CISOs should adopt empathic policy engineering, using stakeholder analysis, pilots and early adopters to align controls with real workflows. Communication should follow the RESPECT approach—tactical empathy, a “help me to help you” dialogue and immersive, scenario-based training—to increase acceptance and embed secure behavior.