Research shows that 80% of professional security incidents are due to human errors. Most organizations are well aware of the importance of cyber security. But how do you convert that into lasting, cyber secure behavior among employees? As it turns out, cyber secure behavior is not something you just whip up. We explain which aspects are crucial to durably integrate cyber security awareness into your corporate culture.
Many companies launch a one-time cyber security training, and bombard their employees with e-learning, tips or other information during a short, defined period of time. That in itself is not wrong, but usually doesn’t bring about a long-term change in behavior.
Therefore, use the power of repetition, and approach certain topics from different angles to stimulate the curiosity of end users. That way you ensure that cyber security remains top of mind, and that you ultimately achieve a sustainable change in behavior.
To make employees truly mindful about phishing and other digital risks, you need to incorporate the training organically into their workflow. You do this with a well thought-out learning campaign that runs over a longer period of time (about 1 year).
We realize like no other that employees have many daily tasks on their hands. The learning activities that are part of a cyber security campaign must therefore be short and powerful. Microlearnings are the perfect solution for this. Think of compact videos or concise e-learnings that come straight to the point, for example. What's more, end users can go through them at their own pace, whenever and wherever they want.
How do you attract the attention of end users, and retain that attention for a long time? By using learning techniques that motivate and create engagement with employees, and by challenging and rewarding them during the learning campaign.
At Neo Learning, we believe in the power of immersive storytelling and gamification. Where they offer added value, we are happy to use those techniques. For a topic such as cyber security, storytelling and scenario-based learning are grateful methods.
By using real-life examples or even real-life cybercrime cases in e-learning or videos, you speak to users on a more emotional level. As a result, the message sticks much better.
To measure is to know. Only by identifying risk-sensitive points within your organization can you actually do something about it. That is why starting with a baseline measurement is particularly interesting for an awareness campaign about digital security.
Not only does a baseline measurement identify the pain points black on white. You also have a starting point to later monitor the evolution of knowledge levels and behavior of your end users. Is evolution showing to be slower than expected, or are employees not completely in step with the expectations? Then you make adjustments immediately. Thanks to this goal-oriented approach, you can expect effective results.
The experts at Xylos and Neo Learning developed InviQta, a campaign that makes your employees actively and sustainably aware of cyber risks and dangers. During this end-user security awareness campaign, we convert them into involved end users who embrace the required behavioral changes and together guarantee the cyber security of your company.