So it's not always the most exciting subject, but ignore cyber risks and you could end up in hot water!
We’re all good at updating the software and security systems on our phones and computers at home; these days we can barely function without them! But in the workplace, it seems to be much harder to engage people.
Most cyber security breaches are spotted by individuals, not the software and cyber security programmes we rigorously update. With over 90% of cyber security breaches happening as a result of human error, it’s pretty shocking to learn that only a fifth of businesses have sent their staff for internal or external cyber security training in the last 12 months.
So what can businesses do to get employees involved and learning about cyber security? Read on for 5 tips that might help you out.
Break things down into bite-size chunks
With such a vast subject area to cover, making things more digestible will help people to learn: think about the areas you’re worried about, what’s going to affect your people the most and then break it up into modules.
Every business is unique, and so are the cyber challenges they face. Here are some common subjects to start with:
- Password security
- Software updates
- Network security
- Shopping security
- Social media safety
- Protecting and backing up data
- Using smart devices safely
- Protecting data
Quizzes are brilliant for cyber security– from self-profiling quizzes that get us thinking about our individual behaviours, to general knowledge tests with hints and tips to promote learning. Think along the lines of: ‘How safe are you online at home and work? Take our quiz to get your rating out of 10’.
Cyber treasure hunts to find scams or spot the differences in phishing emails use gamification to help with learning. Some even include fake phishing attacks, to raise awareness of how sophisticated these threats are and how careful people need to be.
Content, content and more content
Develop content to get people thinking. Less waffle, more punch. Show the benefits, don’t just tell them. Explain, don’t preach. And whatever you write, make sure you keep the conversation about cyber security going – don’t just create a one-way dialogue.
Here are some starters for 10…
- ‘3 tips to create the ultimate password’
- ‘5 fake scams running now’
- ‘How to spot a spoof email address’
Make it a masterclass
Give people the chance to become experts on the subject of cyber security as an effective way of getting them engaged. Make it achievable in just 30 minutes a week. Think simple tasks, such as reading articles, watching webinars, completing knowledge quizzes and then signpost to further resources. Incorporating tips that are relevant to people at home as well as work will help them to wise up and nail the ‘what’s in it for me?’ question.
Use your line managers to get everyone involved
Work with them to create a managers’ toolkit that will slot in with activities they’re already doing or introduce simple 10-minute update sessions they can integrate into their weekly/fortnightly team talks.
Managers’ toolkits should include things like ‘the topic in 5 mins’, discussion points, checklists, mini-challenges for the following week and activities to pick and choose from as a team. By involving managers in the creation of the kits, ideas can become better embedded and have greater success. This way, it’s a learning journey the whole team can go on. Need some inspiration? Ask us for examples of the ones we’ve done before.
Drop us a line for more ideas or for help with training your people in cyber security.
Some areas we can help with include:
- Code of conduct
- Cyber security
- Security vetting
- Health & Safety