from the course being a mere formality to a beneficial and valued way to gain the skills required for the job market .
New cyberattack scenarios are coming , so courses will be updated
Cybercriminals always develop more sophisticated ways to conduct their attacks . Here is an extraordinary example : last autumn , researchers revealed that fraudsters impersonated a CEO of a German company by mimicking their voice Deepfake , and forced an employee to transfer € 220,000 . Now , security awareness training advises employees who have received a suspicious letter to call and ask the addressee if they really requested this . But unfortunately , this advice will not be of help in this case .
We cannot say for sure if this sort of attack will be common , but this case demonstrates that security awareness training agendas should be reviewed regularly . So , future basic cybersecurity courses will include topics and recommendations that we cannot even foresee now .
But even now , effective training should not only make people remember several certain rules , but also develop vigilance and pattern recognition skills . As a result , when employees face a new threat , they will be able to recognise that something is wrong and apply the rule to this specific situation .
Corporate education will resemble massive open online courses
If you have taken an online course during the Coronavirus lockdown , you are not alone – many online learning platforms saw an increase in registrations . And learning was considered as an activity carried out in people ’ s free time before the quarantine . Even in 2016 , 74 % of adults in the US participated in at least one educational activity due to it being in their personal
Businesses need to explain to their employees how to recognise ‘ dangerous ’ situations and ensure they know how to react appropriately .
interest . This illustrates the tendency that people want to engage with life-long learning and now continue to gain new knowledge after they have graduated from school or university .
How will it affect corporate learning and development and security awareness training in particular ? People who regularly attend courses and see the different approaches to education will likely have more specific requirements for corporate training . If online Spanish classes can be viewed from a mobile device whenever the user prefers , or online course on Artificial Intelligence or biostatistics can explain difficult matters in simple words , why shouldn ’ t corporate training be the same ? So , to fulfil these requirements , security awareness courses will change both in terms of content and form of delivery .
Security awareness training will be more personalised
The amount of information produced and consumed by people is growing – no doubt you are accustomed to this message . Maybe , you feel irritated that an article wastes your time as it repeats facts you already know . And employees who are taught information that ’ s already familiar to them – while there are plenty of other things they have to learn and remember – may feel the same .
Therefore , security awareness training will become more tailored . These courses will take into account not just the skills and rules that are relevant and new for a role – good training should automatically be adjusted to a particular employee ’ s level of knowledge , pace of learning and their individual learning preferences . This will ensure employees are not burdened with irrelevant information and can instead spend more time focusing on the skills they do not already have .
We are regularly communicating with our customers and see that these trends are already transforming the way cybersecurity education is organised within companies . This is a long-term process and changes in methodology don ’ t happen overnight . Therefore , we recommend learning and development specialists to think about what they can amend even now . For example , it ’ s definitely worth stopping practices where employees are left scared about possible penalties in case they don ’ t uptake training programmes on offer to them , and highlight the possible benefits instead . These small steps will foster cybersecurity corporate culture with the help of effective security awareness training in the future . u
76 Issue 31 | www . intelligentciso . com