Not every organization runs security awareness training, and where it does happen, the results in practice turn out to be disappointing. With the arrival of the General Data Protection Regulation (GDPR; AVG in Dutch), more and more companies are aware that they have a responsibility: they need to do more about the security and privacy knowledge of their employees. The risks surrounding cybersecurity and the leakage of personal data are now so great that awareness alone is insufficient. Employees have to take the next step: from conscious to competent. The training programs must therefore lead to behavioral change.
We want to measure the behavioral change
A lot of current security awareness training measures knowledge per employee, while what we want to measure is behavioral change. Organizations often opt for e-learning: the employee gets some theory followed by some questions, usually presented with animations, which get boring after one module. In addition, 93% of employees do not find the subject of security interesting. On top of that, many companies make security awareness training mandatory. As a result, the motivation to even start the training is completely gone.
In reality no one has a clue what it is about
What you then see at many companies is that employees pass the answers on to each other, so they learn nothing. You also see the training being postponed as long as possible, in the hope that it will not have to be done at all. Although the results ultimately look good on paper, in reality nobody has a clue what the e-learning was about. As a result, not every employee recognizes a phishing email, social engineering or a cyber attack, or knows what to do about it. Most people know absolutely nothing about the rules surrounding the GDPR.
The strength of our approach lies in the combination
This must therefore be different. Security training is not about everyone becoming a security expert, but about people recognizing the usefulness and necessity of learning how to secure their own work. They do this, among other things, by experiencing first-hand the consequences and risks of their own actions, so that they then really want to know what to do. The strength of our approach lies in combining private and business situations for each subject. This helps employees in the awareness process.
Variation in security awareness training, everyone learns differently
The combinations are based on the security awareness framework. This framework consists of four phases: analysis, planning, training and reinforcement. Of course training is the foundation, but it has to be so good that you are curious about the next one. And the next one doesn't have to be exactly the same as the previous one. Everyone learns differently, which is why there is variation in our learning solutions. Research shows that variety keeps your brain active, which allows you to absorb the knowledge faster. Knowledge that does not acquire a functional meaning in action is meaningless information and therefore quickly disappears; this is the idea behind experience-oriented learning. The perception or experience ensures that people can identify with, and recognize themselves in, what is being taught.
Participants immediately want to start
Motivating employees to attend any training at all is the most important key to the success of any security awareness training. That is why we help organizations to do a kick-off together with the management. Alain Rees, owner of Cyber Inc: “When I give a presentation together with the director, I see that the employees immediately want to start with the awareness program. That is really nice to see. Especially if there are prizes to be won every quarter. Employees can see their score on the leaderboard, which makes them even more fanatical. Besides the fun, there is also good discussion about the content and participants learn something.”
Not the egg of Columbus
Security awareness training is of course not the egg of Columbus. It is part of a complex set of measures. In the fight against cybercrime and data breaches, companies and organizations have a great responsibility to arm their employees with knowledge. This is not possible with one-off actions. It requires ongoing programs that, in addition to offering the necessary knowledge and behavioral change, are also fun and interesting to do. Only then will employees be motivated to look forward to the next training.