This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
  • InfoCenters
    • Building AppSec in Enterprises
  • Contact
    • Editorial Guidelines
  • Advertise
Home » How to Turn Every Employee into a Cybersecurity Expert
Cyber Security NewsSecurity Education & Training

How to Turn Every Employee into a Cybersecurity Expert

cyber-class
January 5, 2017
Leslie Redd
KEYWORDS cyber security awareness / cyber security education / cyber security metrics / eLearning / phishing campaigns / security training
Reprints
One Comment

Chief security officers are the obvious point people to address a workforce’s cybersecurity concerns. While it is the obligation of a CSO or CISO to spearhead a company’s defense against cyber attacks, the responsibility cannot fall solely on the shoulders of a single person. With 43 percent of data breaches caused internally and the average data breach costing $4 million, fostering a companywide commitment to cybersecurity awareness becomes a shared responsibility.  

Given the technical nature of cybersecurity, the average employee may not have a full grasp of best cybersecurity practices. In fact, up to 90 percent of internet users haven’t had any recent cybersecurity training. To ensure that each employee helps fortify an organization against an attack, providing digestible, effective training is critical – and eLearning is making it easier than ever for companies to educate their employees.

 

Making Cybersecurity Digestible

The most successful training is accessible, entertaining and engaging. These qualities are especially critical when the content is complex and heady, and eLearning solutions can deliver these elements with a responsive, visual interface.

Like any subject matter, cybersecurity can be intimidating for those not already versed in it. While lectures on cybersecurity may dive into obscure topics or use jargon, it is critical to consider employees’ knowledge and utilize training techniques that align with and build off of their understanding. Though it may be tempting to discuss the nitty gritty details of a hack, consider what employees actually need to know to protect your company.

Given the weight of the topic, it’s also imperative to employ training methods that resonate with employees. While corporate training sessions historically may have caused employees’ eyes to glaze over, given the monetary loss associated with a breach, CSOs need to consider how the training will engage employees and encourage retention.

Considering today’s digitally savvy workforce, eLearning may be a more attractive option than more standard training fare when it comes to engagement. Audiences tend to receive educational content better when it’s visually and aurally stimulating, which can be fulfilled by the video capability of eLearning. Adult learners in particular tend to reap video’s benefits, with better engagement and retention.

Video is also the perfect medium for a compelling narrative, which is another key component of effective instruction – modules can introduce learners to characters who face similar scenarios. For example, a module could focus on a character who is trying to decipher whether an email is genuine or phishy, a scenario that your employees experience weekly if not daily. From there, the module can bring the user and the character together on a mission to learn the corresponding best practices.

 

Linking Conceptual Cybersecurity to Reality

The flexibility of eLearning makes it easy to render the training as relevant to users as possible, not only through storytelling but also through capabilities like course customization and responsive technology.

Along these lines, consider interactivity and having employees actually practice cybersecurity best practices in a low-stakes environment.

For instance, have employees practice creating strong passwords and provide real-time feedback. ELearning solutions can provide real-time feedback at scale, and feedback given “in the moment” is far more likely to improve performance. Interactions that directly adapt to the user allow for a more personalized learning experience, while teaching actionable lessons that can be applied to everyday situations.

Given demands on employees’ time, it is also worth considering offering training that is flexible, allowing your team to access the content and pace at their own convenience, while keeping in line with the company’s broader timeline goals. 

 

Changing Company Cybersecurity Culture

Cybersecurity training not only provides employees with a wealth of information, but it can also arm CISOs and CSOs with valuable data about their workforce.

Maybe your workforce is well-versed in data storage and transmission practices, but has little knowledge about office tailgating, for instance. Software can show you broader company patterns that you may not have detected otherwise. With this information, your company can adjust the eLearning modules and general cybersecurity strategy accordingly.

Finally, ensure that the education you offer provides actionable next steps upon course completion. From there, employees can take the lessons learned and translate it into real-life best practices. With malware adapting to network security provisions, effective cybersecurity education is more critical now than ever. Because of its dynamic, responsive and flexible nature, eLearning presents an unparalleled opportunity to create a companywide ethos of cybersecurity knowledge and accountability. 

Subscribe to Security Magazine

As Co-Founder and CEO, Leslie Redd leads the LearnBIG team to create interactive eLearning courses for organizations to enhance customer relations, employee effectiveness, and operational efficiency. Her team combines science-based instructional design, gorgeous compelling video, clever technology, and just enough cheek to delight and engage learners.

Related Articles

5 Steps to Turn the NIST Cybersecurity Framework into Reality

RSA 2016: It's Time to Turn Big Data into Action

Related Products

The Database Hacker's Handbook: Defending Database Servers

Related Events

How You Can Turn Security Training and Awareness into Action

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

cybersecurity breach

The Top 12 Data Breaches of 2019

Mark Hargraves

Security Industry Mourns Passing of Mark Hargraves

ransomware-enews

British American Tobacco Suffers Data Breach and Ransomware Attack

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

Major Retailer Macy's Is Hacked

SEC1219-Cover-Feat-slide1_900px

Contracted vs. In-House Guarding: No Universal Right Answer

360x184customcontent_1.23Everbridge

Events

December 17, 2019

Conducting a Workplace Violence Threat Analysis and Developing a Response Plan

There are few situations a security professional will face that is more serious than a potential workplace violence threat. Every security professional knows and understands that all employers have a legal, ethical and moral duty to take reasonable steps to prevent and respond to threats of violence in their workplace.
January 23, 2020

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.
View All Submit An Event

Poll

Emergency Communications

What does your enterprise use to communicate emergencies to company employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
SEC500_250x180 clear

Security Magazine

SEC-December-2019-Cover_144px

2019 December

This month, Security magazine brings you the 2019 Guarding Report, featuring David Komendat, Boeing CSO, and many other public safety leaders to discuss threats and solutions for 2020 and security officer training. Also, we highlight Hector Rodriguez, Director of Public Safety and Security at Marymount California University, CCPA regulations, NIST standards, VMS and much more.

View More Create Account
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing