Most people don’t think about what AWARENESS really means. 

What awareness should mean is: Being ready to make a decision. If there is no improvement in their ability to make a decision, what’s the point in making people take training?

Watching videos and asking people what they remember does not prepare them to face a threat in the real world. Sending out fake phishing emails, and shocking those who click does only the bare minimum; making them fear opening emails.

To prepare people to be able to make an informed decision when they see something unexpected, they need real practice. But employees must be motivated to use a practice environment, and correct decisions must be reinforced immediately.

Security awareness paradox

It’s been a “super-fantastic” experience to see people learning and talking about security threats.

For just $325 USD, you can run a 6 week, automated program for phishing, social engineering and working from home.  (Normally valued at $999 USD)

Use Promo Code: 6WEEKS

Just because people UNDERSTAND what we want them to do doesn’t mean they will behave that way.

STATIC CONTENT COMPLETION (text or videos) + LIVE PHISHING TESTS ≠ SECURITY AWARENESS

 

Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.