Get people to read and follow your security advice in 3 easy steps

As a security manager, nothing is more frustrating than feeling your security alerts are being ignored. You collect, investigate, validate and share security information but it feels like no one is reading it… much less following it.

What can you do?

Before we assume that something is wrong with all our colleagues – that they haven’t had security training, that they’re uninterested in staying safe, or adverse to authority - let’s first look at the information we’re sending. A couple of quick changes can completely change peoples’ attitudes toward our advice. If you can improve the information you are sending and ensure that your colleagues know what to do with the information they receive you will likely find they’re much more amenable to following it – especially in hostile environments.

1. Be concise and accurate

My favourite security briefing of all time was in Darfur, Sudan at an inter-agency security brief. The security officer stood up and began with, “we understand that something has happened…somewhere.”

Talk about vague!

Of course, ‘something’ happened ‘somewhere’! Things are happening all the time, but this type of information helps no one. Security information should be as concise and as accurate as possible containing these critical details:

• What has happened or what is threatening to happen

• Where

• When

• Who was involved or targeted?

• Are there injuries/death – how many?

• Is this for people’s information or action?

• Is there any immediate action you want people to take?

• If so, what?

2. Do not pass unverified information

Security managers often fall into the trap of believing that the first person to pass information about a security event wins.

But there is no competition.

The first information passed is often inaccurate and can even be wrong or misleading. Passing inaccurate information can even have deadly consequences as we have seen in South Sudan. There is nothing wrong with alerting people that an event was reported, or threatened, and what the preliminary details are. Just make sure to state that this is preliminary information and that it is unverified. Security managers who pass unverified information without stating this stand to lose credibility in the sight of their colleagues especially if their information is repeatedly inaccurate or wrong. Not all information is created equal, and all organisations must have a means of verifying information. There are several basic and easy methods verifying information and you can read more about security analysis in this blog: click here.

3. Be clear about the next step

How often have you received an email and thought, “What am I supposed to do with this?” Just this week I received an email alert with the subject line: Turkey – alarming!! Given that we often work in Turkey I opened it and read about the arrests of six human rights activists over the course of several weeks.

Is this alarming? Yes.

Did the sender expect me to follow some course of action related to this information? I had no idea.

The email sat in my in-box like a giant, red alarm bell as I attempted to get on with other work. All the while, I was thinking that I should take care of it; I should do something about it. But what? You do not want your readers to have this reaction. You want them to either know it is just for their information or that they should take direct and immediate action and by when. This can be as simple as beginning each email, What’s App, Skype or text message with either FYI or ACTION before you pass the information.

Following these three simple guidelines every time you send out a security alert will make your alerts user-friendly, and you should see an increase in the number of colleagues who both read, appreciate and follow your advice.

Want some more ways to make your organisational culture more security aware? Have a look at our e-learning courses including Security Management E-Learning. In this 9-hour course, self-directed, e-learning course you will everything you need to manage security in a social sector organisation.