11 Sep Cybersecurity is a team sport – we all have our role to play
In this new blog, guest author Nick Wilding from RESILIA® Cyber Resilience looks at the increasing role Learning and Development has to play strengthening the critical human factor in keeping digital systems safe with cybersecurity training.
Our organisational resilience and security against growing cyber-attacks really is a team sport – everyone in our organisations has a critical role they need to play.
Global research regularly highlights the harsh reality that at least 90% of successful cyber-attacks succeed because of the mistakes we can all make – our human error. Whether we sit on the frontline or in the boardroom there are things we do that can enable an attack – whether that’s clicking on a suspicious link or attachment, sharing personal information on social media that can be used against you, continuing to rely on poor passwords, sending information to the wrong person, accessing sensitive information via insecure public wi-fi…we’ve all been there at some time.
So, we need to provide our workforce with new digital skills and behaviours for the digital age to understand what safe behaviours look like and to help them make the right decisions at the right time.
For organisations this means moving beyond annual ‘tick-box’, corporate mandatory training to providing our people with truly engaging, innovative, short and relevant cyber awareness training for all.
Like any technical security control in our organisation any awareness training must be effective. Think long term and design a user education and awareness programme that constantly weaves cybersecurity into the culture and behaviours of your organisation.
It’s all about making sure we are providing our people with the appropriate digital skills that will instill and sustain the right behaviours across our workforce…whether you’re in the boardroom or on the frontline…on a continuing and engaging basis. The challenge remains how we can truly engage our workforce so they feel they have the know-how, confidence and motivation to do the right thing at the right time in the face of growing and ever-changing cyber threats.
There are some key learnings from our experience in offering GCHQ certified online cyber awareness training to client organisations that can help:
1. Keep it personal
Provide story-based training about how your workforce can better protect their own or their families’ information
2. Keep it appropriate and short
Nugget based (microlearning) training that’s aligned to your particular risks assist in giving simple, practical advice quickly and concisely
3. Keep it simple
Demystify cybersecurity through plain English to explain the risks we all face at home and at work
4. Keep it regular
A managed campaign that provides regular refreshers and reminders (online and offline) work well in reinforcing behaviours and building collaboration
5. Keep it relevant
Offer training that’s aligned with the tasks your people perform as part of their job
6. Keep measuring
Make sure you track adoption rates, progress against your targets and to identify common gaps in your people’s understanding
7. Keep it immersive
Use gamification and other new training techniques to immerse yourselves in recognizable scenarios, like games, to grow understanding and memory retention
8. Keep listening and adapting
Involve your people in finding out what’s working and not working so well in your campaign. They’re your audience, and will be a source of great new ideas.
Our digital skills need to play a key role in our organisational resilience. It really is a team sport and we need to make any training engaging, relevant and fun to motivate all our people to do the right thing at the right time.
About RESILIA®: As part of AXELOS, RESILIA® provides cyber resilience best practice training to clients around the world. RESILIA® Frontline is GCHQ certified cyber awareness training that provides engaging, immersive, short and cost-effective online awareness learning for all staff.
To find out more today, just get in touch to book your personal demo: