TECH CORNER
The One Lesson Business Owners Miss When Training Employees That Can Cost Them Thousands
BY DAVID JAVAHERI
Training employees on anything can be an expensive process . You incur the cost of investing in necessary materials plus the time it takes away from your employees performing revenue-generating activities . But what ’ s worse when it comes to cybersecurity training is the expense you ’ ll incur if that training fails .
Recent studies show that human error plays a role in a shocking 90 percent of data breach cases ! Smart business owners are taking a proactive approach and training their employees on cybersecurity dos and don ’ ts . While we applaud their efforts and encourage all owners to take this step , research suggests that their efforts aren ’ t paying off . Despite their willingness to train employees , the number of data breaches continues to increase .
What gives ? We ’ ll be the first to say it — cybersecurity training can be boring . And what happens during boring presentations ? People aren ’ t engaged , so they tune out and miss the critical information needed to keep your company secure . After the presentation , they sign off saying they have learned the lessons , but have they really , or are they a ticking time bomb in your organization ?
The latter is likely true . If you want the information to stick , you must take some additional steps — and the most important is putting them to the test !
According to Education World , interactive activities are six times more effective when learning and remembering material than simply listening to a lesson . You can incorporate this tactic by putting employees to the test to find out whether or not they can apply what they learned .
One of the best ways to do this is to use phishing simulations . Here ’ s how the process works :
1 . A third party creates a realistic but fake phishing email that shows identifiable signs discussed in the training . An example could be creating an email that is similar to the CEO ’ s requesting private information , an outside company sending a bad link , etc . You can customize it to look like something relevant that your employees could potentially see and fall for .
2 . The employees are then put to the test . You choose which employees will receive what links and what dates the emails will be sent .
Will they be able to identify the threats , or will they fall for the scams ?
3 . The results are collected and shared with you to develop more comprehensive training programs and help you identify which employees are your biggest risks so you can provide specific coaching .
Another great way to use phishing simulations is to send out the tests before the training . When employees see that people in the company are making mistakes , they are more likely to pay attention to the lesson .
It ’ s not enough to just teach the information ! It must be learned and implemented every day to be effective and keep your organization secure .
If you ’ re looking for effective cybersecurity awareness training for your employees , our team has a comprehensive program that will engage , teach , and test your employees . This enables you to mitigate the risk , knowing they are working to keep your company safe . Get in touch with our team and get started on your cybersecurity training session today .
David Javaheri is President & CEO of Direct iT . They are based in Massachusetts and to find out more about what they do and how they could help you , please visit directitcorp . com .