Schedule a Consultation Today (614) 484-0918

Posted by A-Jay Orr

How to Make Cybersecurity Awareness Training FUN!

Your employees are a cyber-criminal’s No.1 target. We aren’t just talking about hackers anymore. These people are psychological terrorists who use social engineering to trick people into giving up private information. To defend against such a subliminal approach, security behaviors must become second nature to employees. But if you rely solely on PowerPoints and lectures for training, the only thing your staff will remember is the weird dream they had while snoozing through your session. Time to kick things up a notch! Here are four ways to create a FUN cybersecurity awareness program that your employees will want to attend and won’t soon forget.

1. Incorporate a Little Humor.

There’s nothing funny about cybercrime, but that doesn’t mean security leaders can’t lighten the mood during training. Check out this company, who teamed up with award-winning Hollywood comedy writers to create training videos that effectively walk the line between humor and seriousness. Balancing these two states of emotion is a surefire way to make lessons engaging and memorable.

2. Make Security Training a Game

Develop a point value system for specific security-related actions and offer cool prizes that will entice strong participation. At the end of each quarter, reward the highest scoring participants with a prize, such as a free day off, lunch with the boss, or an Amazon gift card. One way to up the ante in your security awareness game is to conduct periodic spear phishing tests to trick your employees into clicking on insecure email links. After each test, you can review the results to find out which employees fell for the attack and which did not. Dish out points accordingly and use failures as a teaching opportunity for the group. You can also reward extra points for employees who catch security mistakes made by their peers. This is a great way to build a culture of security but, keep in mind; you will want to design this rule carefully. Employees shouldn’t ever feel “ratted out” or “thrown under the bus”.

3. Feature a Special Guest

Get industry-relevant big-shots, local heroes, or even internal celebrities like the CEO to make a cameo appearance in your training program. KnowBe4 brought in Kevin Mitnick who was once “the world’s most wanted hacker” to enlighten their employees. If a backstory like that doesn’t spark interest — check their pulse.

4. Connect Training to Everyday Events

Luckily, there is no shortage of headlines to inspire your session topics. Security and cybersecurity breaches happen all the time. Tying lessons to the real world will legitimize the information. You can do this by discussing and debating the latest news-worthy attack, or even showing employees live news coverage of an event, followed by exercises that reinforce preventative security measures.

Remember to keep your training sessions fresh by staying up-to-date on all the latest cybersecurity news and best practices. Subscribing to trusted resources is an easy way to get updates delivered right to your email!

Looking for a summer project to fill the dog days of summer? Try one of these 4 Business Security Projects to Complete Before Summer Ends!