If you’ve ever taken an online security awareness or compliance course, you’ll now that it can be incredibly dry. Fun videos and micro-learning can make content more consumable and entertaining for employees, but if your training is not immersing people into an experience that engages them, they are likely to forget the message quickly.
Most online security awareness platforms are built on a Learning Management System (LMS) of some sort. These systems were built with an expectation that generic “learners” knew they needed to obtain the valuable content being provided in order to do their job tasks successfully. But that’s not the perspective of most employees when they are told to do security awareness training.
You’ll often hear excuses like “This is not why I was hired” … “It’s too boring” … “It’s too vague” … “I don’t have time”, etc., as employees try to justify their lack of support for their assigned security awareness training.
That’s because they aren’t convinced that the behavior an awareness program is trying to teach them is well-defined enough to really be part of their job responsibility. So, they have plausible deniability, because that behavior is not part of the “story” of their job. Instead, this occasional training obligation is something to be endured, not absorbed.
Without a high degree of interactivity that engages employees to think as if they are part of the story, it’s hard for them to change their behavior. That’s why an immersive approach is needed. It keeps employees engaged to the point where they’ve made the experience part of their story, and influences behavior.
When an employee has experienced a risk scenario in a gamified simulation, they can practice until they get it right, and they get rewarded for it. As a result, when they see similar risk scenarios in real life, they can recognize it and be confident in their actions to avoid or report it.
Employees can be an ally to security managers
With the right motivations, employees can be a powerful ally to security managers, making the job of securing the organization much easier. But this requires the right platform and methodology to immerse employees.
Find out how gamified, immersive security awareness from Click Armor can help take the stress out of security awareness training for your staff.
Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.