Beyond Awareness, building Cybersecurity Competence through Behaviour focused Training
Discover training that influences positive Cybersecurity Behaviour using the time-tested Learning by Doing method.
Awareness, Behaviour & Competence
Awareness is the know-how of a subject. Behaviour is the response or reaction to a particular situation or stimulus. Competence is the skill or ability to do a task successfully or efficiently. Competence (skill or ability) is dependent on both Awareness (know-how) and behaviour. In short, to be considered competent, the person must know and be able to do.
The Cybersecurity Competent Employee
A Cybersecurity Competent employee knows (is aware) the necessary Cybersecurity rules and procedures required by the employer. Further, the employee responds or reacts (behaviour) to risks by applying the procedures accurately and efficiently. Hence, the combination of Awareness and Behaviour (skills) is vital to make an employee Cybersecurity Competent.
Using the Learning by Doing method for Competence training
Learning by doing is a time tested method that applies the principle of learning through experiences. Experience-based learning differentiates itself in one critical aspect. The learning goes beyond awareness and influences behaviour.
Most Cybersecurity training programs focus on the awareness component. But, to influence behaviour, the Training must have four fundamental qualities to change behaviour.
Immersion, Analysis, Decision and Outcome.
- Immersion is when the quality of the training content engages the learners’ undivided attention.
- The analysis is when the learner confronts a situation that demands a choice to be made by evaluating various factors.
- The decision is the execution of the best choice according to the learner.
- The outcome is the effect produced by the decision.
The outcome, whether good or bad, creates an experience. Experiences, accumulated over time, build behaviour.
Cybersecurity Training: The shift to Experience training
Intelligent Cybersecurity Managers have been exploring the power of Training that can positively influence behaviour. But, often they are frustrated by the lack of training programs that provide experiences. The Cybersecurity team and the creative Multimedia artists at Security Quotient have successfully developed and delivered Cybersecurity training that provides Risk experiences.
Each Risk experience is a 3D simulation that re-creates a Cybersecurity Risk scenario by implementing the Learning by Doing method. The learner is expected to solve the risks through, you guessed it, Immersion, Analysis, Decision and producing an Outcome. Every outcome, in this case, creates a Cybersecurity experience.
By consistently engaging the employees in Cybersecurity Risk Simulations, over time, the employees accumulate experiences that trigger the appropriate behavioural response in real-world risk situations.
Discover behaviour focused Cybersecurity training by visiting our 3D and Virtual Reality page.