The Role of Social Network Analysis in Building Effective Security Champion Programmes

In the pursuit of embedding strong cybersecurity practices across an organisation, many professionals have turned to Security Champion Programmes as a key strategy. These programmes leverage employees who are embedded within business units or teams to promote secure behaviours and act as local advocates of cyber risk awareness. While the concept of Security Champions is not new, the sophistication with which we design and evolve these networks is rapidly advancing, particularly through the application of Social Network Analysis (SNA).

SNA provides the critical missing insight into how influence, trust, and communication really work within an organisation, enabling a move beyond hierarchical assumptions to a more evidence-based strategy for cultural change. Rather than deploying Champions uniformly and expecting them all to play the same role, SNA empowers organisations to tailor Champion responsibilities and placements based on behavioural science and real-world network dynamics.

Understanding Social Network Analysis (SNA)

SNA is the study of relationships between people (or “nodes”) within a network. It maps and measures the connections (or “ties”) between individuals, uncovering informal structures that can significantly influence the flow of information, trust, and behaviour in a workplace.

Unlike organisational charts, which reflect formal reporting lines, SNA captures the hidden networks of influence – who turns to whom for advice, who is central to decision-making, and who connects disparate departments or knowledge silos. These insights are especially relevant when developing a behavioural change initiative like a Security Champion Programme.

The Strategic Importance of SNA in Security Champion Networks

A traditional Champion Programme might assign one person per team or department and ask each of them to deliver the same intervention. This one-size-fits-all approach often overlooks the subtle but critical differences in influence, communication patterns, and motivational drivers among Champions. As a result, uptake of secure behaviours can be inconsistent, with some interventions landing well and others falling flat.

SNA changes this by allowing organisations to:

  • Identify natural influencers, even if they lack formal authority.
  • Spot connectors or “brokers” who bridge different teams or departments.
  • Recognise peripheral individuals who may need targeted support or engagement.
  • Tailor the roles and responsibilities of Champions to the specific behavioural goal at hand.

Different Roles Champions Can Play

Security Champions are not a homogeneous group. Their value to the programme depends on how their strengths align with the behavioural interventions being delivered. Based on SNA insights, Champions can play a range of roles, each with distinct functions and value:

1. Influencers are central within the network and are often trusted by many peers. They are ideal for initiating change, as their behaviours are likely to be emulated by others. In campaigns that rely on modelling secure behaviours or shifting group norms, influencers are invaluable.

2. Brokers act as bridges between disconnected parts of the organisation. They are well-positioned to help scale secure behaviours across silos or business units. When launching new interventions or cross-functional campaigns, brokers can reduce resistance by connecting ideas and feedback across domains.

3. Communicators excel at translating technical guidance into relatable, clear language. While they may not be central in the network, their ability to communicate effectively makes them ideal for awareness campaigns or training delivery where comprehension is key.

4. Mentors are trusted advisors who are frequently turned to for guidance. They may not be highly visible, but they wield deep trust within their circles. They are effective in reinforcing behaviours over time and offering peer coaching or support.

5. Sentinels are acutely aware of local dynamics. They can spot behavioural risk early or anticipate how a team might respond to a policy. Sentinels are essential for early feedback loops and refining interventions.

Matching Champion Roles to Behavioural Interventions

The Behaviour Change Wheel (BCW), COM-B model, and Behaviour Change Techniques (BCTs) offer structured ways to design cybersecurity interventions. However, their success often hinges on who delivers the intervention. Different interventions require different types of engagement and, by extension, different Champion profiles.

For example

  • An intervention aiming to motivate behaviour through social comparison might best be delivered by an influencer, whose behaviours carry social weight.
  • A change that depends on capability building, such as upskilling staff on phishing detection, may require communicators who are skilled at breaking down complex tasks.
  • A cultural shift around psychological safety might need mentors and sentinels who can provide safe spaces for discussion and notice emerging issues before they escalate.

Deploying every Champion for every campaign, regardless of fit, leads to fatigue, dilution of effort, and missed opportunities for impact. It also underutilises the very people selected to foster change.

Champion Skills and Development Considerations

Understanding the natural strengths and network roles of each Champion allows organisations to be intentional about their development. This might involve:

  • Providing specialist training based on the role they are best suited for (e.g. communication training for communicators; behavioural coaching for mentors).
  • Rotating responsibilities across the Champion network to build a diverse set of capabilities.
  • Offering Champions opportunities to co-design interventions, informed by their proximity to behavioural bottlenecks on the ground.

Such a differentiated approach respects the diversity of human networks and supports more sustainable, adaptive programmes that evolve with the business.

Evolving the Security Champion Model

The future of Security Champion Programmes lies not in standardisation, but in precision and adaptability. SNA enables us to diagnose influence, trust, and communication dynamics with empirical rigour. This makes it possible to move from a generic model of Champion delivery to a strategic deployment model – one that aligns Champion types with the needs of the behaviour change initiative.

As threats become more sophisticated and the human attack surface more complex, building a culture of security can no longer rely on instinct or hierarchy alone. It requires understanding who people listen to, who they trust, and how change flows through the organisation. SNA gives us the lens to do exactly that.

When combined with behavioural science, this insight leads to more effective interventions, a more resilient culture, and a Champion network that is not only visible but vital.


#SecurityChampions #SocialNetworkAnalysis #SNA #SecurityChampionProgramme #CybersecurityCulture #BehaviouralScience