Cyber Security Training That Employees Don’t Hate

Uploaded on 2019-11-01 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

Most employees hate taking cybersecurity awareness training. It doesn’t have be that way. If you want your security awareness training program to be effective, address some of the most common user complaints.

Here are five common complaints of security awareness training and the ways to make your people like and engage with Cyber Training to make them love it.

1. Cybersecurity awareness Training is said to be Boring
It can be boring, at least the way most organisations do it. Make it more exciting, vary it, and make it a game.
Security awareness training videos that look like professional, Netflix-style episodes are the ones I’ve seen employees ask for more of.  Security awareness training companies do this sort of thing, or professional production companies will customise videos for your company. 

2. Employees don’t understand the importance of security awareness training
Most end-users don’t understand the importance of security awareness training.  Make sure that employees know how important security awareness training is to their own success and to the organization’s. If the organisation has been hacked, don’t hide the details. Let all employees know how it happened, what the hacker did, and how it could have been avoided. 

3. Security awareness training isn’t Personal
If you want to make someone care, make it personal. Don’t just train them for protecting your business. Let employees know you care about them and their families. Give them training and tools to help them be more cybersecurity aware at home. Employees who train their spouses, parents, and children in cybersecurity awareness will be one of your best defenders at work.

4. Security awareness Training isn’t timely
Make sure your security awareness training program is personalised, targeted to the user’s role, and appropriate for the time of the season. For example, don’t give training on how to avoid fake invoices and malicious wiring transfers to employees who don’t pay bills.  Make sure all employees are trained on how to avoid fake information requests for their personal tax identification information and that HR/payroll department employees receive training in how to avoid fake information requests from someone claiming to be their organisation’s tax processor. 

Give instructions on how to avoid fake gift card scams around Christmas. Instruct people on how to appropriately patch their systems and how to appropriately recognise their installed anti-malware programs so they can’t be fooled by a fake version of either.

5. Security awareness Training feels punitive
You’ve got to motivate people to take the training, but if you make it fun and different, you can motivate people to want to learn more. The gamification I talked about earlier is a good way to do it. For example, tell every employee who reports 100% of all real and simulated phishing emails for a year, that they will get an Amazon gift card. 
Make the amount enough so that they will care. Then tell them to watch a few videos to learn about what to be on the lookout for. Tell them every month they’ll get a different topic and that they’ll be tested on that topic and others in the following month. 

Companies whose cybersecurity awareness training programs use all these tactics have employees who are better, happier, and safer because of them.

CSO Online:       GoCyber:

You Might Also Read: 

UK Workforce Lacks Basic Cyber Training:

_____________
For free Cyber training information please contact Cyber Security Intelligence  

 

 

 

« Cyber Training For Every US Federal Employee
A £370m Investment To Boost AI In Britain »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Lockton

Lockton

Lockton is the world’s largest privately owned insurance brokerage firm. Commercial services include Cyber Risk insurance.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Aves Netsec

Aves Netsec

Aves is a deceptive security system for enterprises who want to capture, observe and mitigate bad actors in their internal network.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

EverC

EverC

EverC (formerly EverCompliant) is a leading provider of cyber intelligence that allows acquiring banks and payment service providers (PSP) to manage cyber risk.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

Living Security

Living Security

Living Security specializes in metric driven and engaging security awareness solutions that reduce risk by increasing security culture and changing employee behaviour.

Sistem Integra (SISB)

Sistem Integra (SISB)

SISB provide IT Security Infrastructure & Development, Mechanical & Electrical Services, Fire Safety & Detection Services, Facilities Management & Application Development.

CRYPTTECH

CRYPTTECH

CRYPTTECH specializes in Information Security and Intelligence, Risk Evaluation and Vulnerability Recognition against Cyber-Attacks and APTs.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.