How does a corporation get people to care about boring things like security? Tie it to financial incentives for employees.
By allowing employees to choose the locations of corporate donations it gets them engaged in charitable giving and allows a company to make a much wider impact on the community. The company can choose a variety of locations for their employees to donate money and the employees can select which ones they want through Modo.
Phishing is one of the biggest security holes. It’s in a company’s best interest to identify vulnerable targets. It can do this by launching a mock campaign. We tell individuals before hand that if they give away data in an email, we reduce the amount given to a charity, and if they report the email to their security office, the amount they have to give goes up. While they spend their time looking for the fake emails, any real ones that show up will get reported by people looking for a prize.
We don’t need to stop with just phishing, we can imagine update servers adding to accounts the sooner people update their laptops.
We know that getting users to care about security flaws is incredibly difficult because they aren’t immediately apparent. However, by tying it to something they do care about, the company can secure itself, increase employee awareness about security and charity, and perform real social good.