Employees don’t engage when they are not confident.

We often forget that emotions impact an employee’s participation.

Here are a few ways to help employees in overcoming uncertainty about their own skills:

1. Make learning stress-free and/or fun
2. Allow them to “practice” without being assessed
3. Reward them for making any step in the right direction
4. Give them immediate, educational feedback wherever possible

It’s amazing how many security managers don’t realize the factors that affect an employee’s decision on whether to complete training or do some other important task.

If an employee doesn’t feel confident about their knowledge or abilities in cyber security, they will feel defensive and will try to avoid any training or assessments that they think are trying to test them unfairly.

Security awareness paradox

Photo by sydney Rae on Unsplash

It’s been a “super-fantastic” experience to see people learning and talking about security threats.

For just $325 USD, you can run a 6 week, automated program for gamified phishing awareness training and challenges.  (Limited time offer. Normally valued at $999 USD)

Use Promo Code: 6WEEKS

It’s easy for them to rationalize taking on a task with clearer value for them. We can’t afford to give them excuses to defer training.

Their lack of confidence can easily be one of those excuses.

Only after we’ve built up their confidence can we expect them to participate, so we can fairly assess their proficiency.


Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.