We’ve been exploring the idea of healthy habit formation as part of our 2024 New Year, New You campaign.
In February, the Information Security Office hosted the first-ever Cyber Habit Challenge. Over 600 in the Yale community registered for the 21-day challenge. Participants completed a series of daily tasks focused on building strong cyber habits. Activities included listening to a podcast episode and completing a phishing quiz.
It’s one thing to engage in healthy behaviors at the moment, but how do we create cyber habits that stick?
Habit formation has become a popular topic in recent years with many books to help us. Atomic Habits by James Clear and Tiny Habits by BJ Fogg are popular ones. They discuss the science behind habit formation.
Fogg, is a behavioral scientist at Stanford University. He says that we need a combination of motivation, ability, and a prompt to change behavior. Brushing our teeth is a great example. We want to avoid cavities and we can do so by brushing. And we’re prompted by seeing our toothbrush when we walk into the bathroom each morning.
Let’s apply the Fogg model to cybersecurity. The Yale community is motivated to protect Yale data. We don’t want a security incident to interfere with our ability to study, work or teach. Second, we can stay safe by signing up for our monthly awareness tip. Third, when prompted by the tip, we’re likely to read and apply the simple cyber actions we learn.
The truth is that habits form over time and take practice. Also, the tasks we complete should be easy to do, increasing our motivation. Fogg says that actions that give you a feeling of immediate success encourage you to do more.
Ready to build strong cyber habits?
Here are 3 simple actions you can take:
- Listen to Outsmart Cybercriminals Through Strategic Online Behaviors & Habits. This podcast episode identifies 5 easy cyber habits to begin and sustain.
- Use our Building Cybersecurity Habits checklist. This keeps these cyber habits top of mind. Print and post in your workspace as a reminder.
- Sign up for our monthly awareness tip, distributed the second Wednesday of the month. It’s a simple prompt to keep cybersecurity top of mind.