CC BY-SA 4.0Krüger, Anne ElisabethAnne ElisabethKrüger2025-06-102025-06-102025https://doi.org/10.24406/publica-4745https://publica.fraunhofer.de/handle/publica/48842810.18420/oid2025_1210.24406/publica-4745This position paper highlights the importance of empathetic communication in information security systems, so that cyberattacks can be effectively defended against at the vulnerable points of the security organization, the non-security users. By systematically integrating empathy, trust between non-security users and security users can be enhanced, resulting in increased mutual engagement and commitment, which in turn encourages safer behaviors from non-security users. To this end, initial principles are introduced to guide the systematic integration of empathy into the interactions between security and non-security users. With the overarching goal that organizations can potentially become more resilient and less vulnerable to cyber threats over time, this position paper aims to spark discussions and provide insights for designers of information security systems.enInformation Security SystemTrustEmpathyExperience Designconference paper