The time is ripe to maximize internal collaboration platforms like Teams, Slack, Asana etc to deliver security awareness training for more reach and engagement.
Low attention spans of the modern workforce is a serious challenge for Cyber Security Awareness Program managers. The mandatory training delivered through Learning Management (LMS) Platforms occurs just once a year and it is not enough. Cyber Security learning is a continuous process and hence it is the right time to explore new-age solutions such as collaboration platforms to drive Cyber Security learning through engagements.
Cyber Security attacks occur almost daily? Does your learning program catch up?
Existing learning dissemination methods such as LMS and Emails are painfully slow to catch-up. It takes months to design a new learning course. While these approaches are effective to deliver Cyber Security concepts, they are not effective in preparing employees for a new phishing attack that has emerged a few hours back.
Email is not a collaborative platform
Email is ubiquitous, but it is essentially a one-to-one communication channel. Over the years we have observed the dissemination of flyers/ mailers via email. But, the viewership is steadily deteriorating.
Emails do not encourage simultaneous engagement or in other words – conversations. It is not surprising that organisations are flocking to Microsoft Teams, Slack, Asana and the likes to better communicate and engage with their workforce.
Hence, isn’t it time to explore the opportunities provided by these platforms for Cyber Security Learning Engagements?
Adopt a fresh mindset
While the concept and value of training is increasing, the methods that we use to deliver the same must change. This change must begin with a fresh mindset that asks the following questions.
- Cyber Security Risks emerge almost everyday. Can my learning program catch up?
- How can I disseminate important Cyber Security Awareness alerts, following an attack, quickly to a large workforce, no matter where they are located?
- How can I spin a positive aura around Cyber Security Learning? How do I connect and converse with my workforce?
- Where can I find my end users? Where do they congregate? Where will I be heard?
Start Cyber Security Conversations – Use Internal Collaboration Channels
There’s been a time when training was delivered with an intent to generate reports to satisfy auditors (and attain regulatory compliance targets). While such approaches drove “attendance”, they failed the “engagement” criterion.
Cyber Security Awareness Program managers must shift the ante and move to the positive zone of “Engagements”. Conversations are a great way to drive engagements.
There are a plethora of methods to drive engagement. Let us start with looking at what you have.
- Your internal collaboration channels such as Teams, Slack and Asana are the places where employees congregate – Be there
- Deliver engaging content, that is short and quick – Maybe an Infographic or a 1-minute animated video
- Ask questions around the topic of the content or request a feedback about the content
- And, when you get a response or feedback, respond immediately
Even if your initial attempts may not garner a huge response, you must stay the path and build the momentum. Frequent content dissemination is bound to bear fruits.
Think beyond awareness – Invest in Behavior Training
Awareness training tells you what to do.
Behavior training tells you how to do it.
Consider behavior training akin to a flight simulator session for pilots. The learner is placed in a situation where they are expected to take a decision. For instance – A ransomware attack or a phishing attack. These simulations help the learner to experience – Learning by Doing, a time-tested method for training.
Further, behavior training does not have to be long. You could have 1-2 minute cyber-risk simulations that help with building Cyber Security skills.
Respect the employees’ time – Invest in Micro-Learning
Micro-learning respects the fact that 99% of employees are busy and are not expected to become Cyber Security experts. They must know enough Cyber Security to do their job securely and protect business (and personal) information.
Micro-learning has been around for quite some time. Though the terminology may be new, we are familiar with bite-sized learning content such as emailers and infographics. And, for today’s Instagram generation you could create simple, less-than-a-minute videos that convey Cyber Security concepts.
Be agile, be flexible – Learning must immediately follow an attack
In spite of what your strategies may look like, learning is worthless if not delivered on time. Hence, you must have a plan for;
- Rapid content development – Examples are Infographics and Short Videos
- An effective delivery channel that is collaborative and engaging – Teams, Slack, Asana etc
Finally – Have a plan and time-table
Most Cyber Security learning programs fail due to the lack of a plan. Without a plan there is no predefined frequency of delivery.
The plan must be built around covering all essential Cyber Security topics that the employee must know while being flexible enough to incorporate new topics (e.g. a new attack or phishing email).
The time-table will ensure that the plan fits a predefined delivery plan (at least one content a fortnight). This ensures that Cyber Security stays fresh and relevant in the minds of the workforce
How can Security Quotient help?
Security Quotient has been helping organisations since 2007 to create Customized Cyber Security Awareness and Behavior Training programs. Instead of selling a product or off-the-shelf content, we develop a program based on our clients’ work culture, brand, language and compliance requirements. Further, we translate the content into multiple languages for effective dissemination in various countries our clients’ operate in. Further, we specialize in creating content for differently-abled employees.