Inertia, in the context of digital awareness and cyber security, refers to the tendency of people, even if they are positive about the change, not to take action. The intention is there, but they are not moving, or are moving very slowly. It also partly has to do with sticking to existing ways of thinking and acting, and this comes purely from energy conservation. A common saying, then, is:
“Can’t we just keep it the way it is?”. ” It’s fine the way it is, right?”
Why Inertia is a Challenge
Inertia is a challenge because it hinders the implementation of effective cyber security measures. Here are some reasons why inertia is a serious problem:
- Comfort Zone: People often feel comfortable with what they already know. Change can be perceived as uncomfortable, and this can lead to resistance to new security measures.
- Complexity: Cybersecurity can be complex, and understanding and applying new security protocols can seem daunting.
- Cost: Upgrading to the latest security solutions may incur costs. Organizations may be reluctant because of budget constraints.
How to Overcome Inertia
When you find that someone is in resistance inertia, it is important to break down the change into manageable small steps. That way, you create as few obstacles as possible and the new behavior is easier to maintain.
- Make the request as easy and specific as possible. Hereby making it clear and straightforward what the course of action is and exactly how much energy it will cost.
- By making behaviors and expectations very concrete and then asking for public commitment to them, you ensure that people do not withdraw so quickly afterwards and thus get moving.
A real-life example: We recently applied this to the management of a financial institution. First, we talked to the team; what exactly do we expect from this group?
“COMMITMENT!” shouted everyone. But what exactly does this mean? By using the“make easy/concrete” technique, putting it very clearly on paper. Eg: I put the topic on the agenda twice a year, inviting the CISO.
Then we let the people in the group choose: ” well people, pick 2 that you commit to.”
By committing, out loud, in a group, to 2 points, you ensure that they will actually follow up on their commitment because the group can/will keep them accountable.
Conclusion
Inertia poses a serious threat to digital awareness and cybersecurity. Organizations must take active steps to overcome this resistance or they risk being vulnerable to cyber attacks. It starts with awareness, education and leadership, and it requires ongoing commitment to create and maintain a culture of digital security.