October is Cybersecurity Awareness Month with ‘Do Your Part. #BeCyberSmart’ as this year’s overarching theme to help empower organisations and individuals to own their role in protecting businesses and themselves against potential threats and cyberattacks.
To look at the problem at the employee level, it is essential to change the mindset of your staff when it comes to cyber safety. Data from Check Point Software, a leading provider of cybersecurity solutions globally, reveals that an Australian organisation has been attacked on average 460 times a week in the last six months. And when looking at attack vectors, 72% of threats in the past 30 days were via email through the end-user.
With team engagement front and centre as a key element of protecting businesses from the costly repercussions of breaches, companies need to rethink their approach to training. Generally speaking, it boils down to three main reasons employee training might not work – it isn’t properly planned, engaging or personal.
Ashwin Ram, Cyber Security Expert at Check Point Software, shares his advice to help businesses with their security training:
5 tips on how to build an engaging cybersecurity awareness program
- Provide Context – There are different ways in which you can approach context. When explaining a solution, you can focus on making it about the audience instead of simply giving the problem followed by the answer.
- Share a story – Sometimes, the intended message gets lost in technical terms and boring presentation slides. A story can break this pattern, grab the listener’s attention, and create something memorable for them.
- Use visuals – There are many reasons why visuals make sense in a training course – for visual learners, infographics, tables, and charts can help them understand things faster and recall information better. The appeal of visuals goes beyond learners who prefer them. Visuals help in bringing out the meaning in our words.
- Make it interactive (i.e. fun) – These days, there are many ways of easily making courses interactive, including online exercises and quizzes, security awareness challenges, and point systems connected to successfully completing tasks.
- Keep it frequent (i.e. events) – Training programs should be more than something done once per employee or once per year to meet compliance standards. Create a quarterly cybersecurity boot camp to take your team through updates and insights so they feel as much a stakeholder in protecting the business