Generating Change Through People and Making It Stick!
Do you remember that information security policy you signed last month? No? Didn’t think so.
It can be difficult to realise the advantage of investing valuable time and money into cyber security training for your organisation when within a mere couple of weeks the majority of this information will be lost and forgotten.
However, human error and a lack of employee awareness regarding security protocol are the most prevalent factors in the cause of most data breaches and security risks facing organisations today. According to a recent survey, 78% of SMEs conduct security training just once a year. This is simply not enough considering that most employees will forget 90% of their training within only one week.
Here are some top tips to ensure your cyber security training strategy actually works!
Consider it part of the fabric which binds your company together. Your organisation should aim to live, breathe, eat and sleep best practice when it comes to protecting your company against the risk of an attack. Making best practice a habit greatly reduces the risk you face. It all starts with your human firewall and this begins with commitment from management. Consider also appointing information security champions within various departments.
If your employees are to remember key messages regarding cyber security, you must remind them. Keep it constant and consistent. This will ensure that best practice does indeed become a habit, not a chore. You can ensure this by drip feeding repeat reminders on a weekly or even daily basis. Be it an email, policy notification, e-learning course, poster, knowledge assessment or webinar, each of these elements when mixed and combined will make for a more informed, less confused employee base. This is the first step in ensuring your organisation is protected against a cyber attack.
Who said cyber security has to be boring? While it may not be the most riveting of subject matters, you can really engage your employees just by turning these messages into fun, eye catching graphics. Humans are visual by nature so make sure your key security messages are reinforced by placing subtle visual cues throughout the workplace. This will go a long way in making sure your message is understood and remembered. As stated in our last tip … repetition is key!
Be your employees for a day. Understand where and how they work. This will help you ensure that their training covers how to be cyber secure regardless of location and situation. Whether your staff works remotely, at home, or in the office, it is vital that they understand the security protocol pertinent to their situation. Ensure that the information they need to know in these circumstances is understood by supplying engaging e-learning, visual aids and policies. MetaCompliance has a vast range of courses in our Cyber Security & eLearning Library, as well as free downloadable posters available to make sure you are covered.
Ensuring that your organisation is secure from a cyber attack does not mean buying every anti-virus and anti-malware software package on the market. It goes much deeper than that. Security starts with awareness, therefore building and maintaining your human firewall is key. Make sure your strategy is integrated and seamless. Cyber security is not just a protective armour you wear - get under the skin and make sure it’s understood. Don’t leave your employees to figure it out themselves!Implement a clear desk policy and ensure that this becomes common practice so there is no room for confusion.
MetaCompliance have developed a unique Intergrated User Awareness Management system to ensure that security best practice becomes a part of everyday life in your office. Our strategy combines elements of eLearning, policy management , knowledge assessment, incident management and simulated phishing , thus providing a multi-pronged approach and hitting the threat of a cyber security attack on the head.
This approach is an integral component of our ‘Generating change through people’ initiative. We can also assist in providing engaging posters and helpful awareness days where information security topics are promoted and discussed company wide.
Contact us to discuss the best options available to your organisation today. It all starts with a chat!