Fear-based cybersecurity messaging generates anxiety but rarely produces meaningful behavior change; it often causes recipients to tune out, freeze, or treat security as someone else's problem. The root cause is communication, not technology. Cybersecurity awareness requires PR and marketing tactics that build connection, consistency, and creative strategy to encourage actions like password updates and multi-factor authentication. Effective behavior-change campaigns simplify decisions, tell stories, and persistently meet people where they are. Jigsaw's personalized tools for high-risk users applied this empathy-driven approach through a phishing quiz, account protection, password alerts, and DDoS mitigation tailored to journalists and activists, modeled on real attack simulations and user stories.
In the cybersecurity world, fear is easy to sell. Headlines announce devastating breaches. Alerts warn us that phishing emails are on the rise. Yet for all the anxiety that cybersecurity messaging generates, it rarely leads to meaningful behavior change. In fact, scare tactics often backfire. People tune out. They freeze up. Or they file the message away under "someone else's problem."
Getting people to adopt secure behaviors like updating passwords or enabling multi-factor authentication is not all that different from getting them to recycle, wear sunscreen, or floss regularly. It takes more than awareness. It takes connection, consistency, and creative strategy. The cybersecurity industry would benefit from drawing more directly from the public relations and marketing playbook. We already know what works. The best behavior-change campaigns understand how people think, feel, and act.
Collection
[
|
...
]