New Year's resolution: improving your user awareness
The end of 2022 was filled with organizations falling victim to a Ransomware attack. Our New Year’s resolution is helping your employees in becoming your human firewall. How do you make a solid user awareness plan that keeps your employees vigilant towards different kind of attacks at all time? Here are some tips and tricks to keep in mind.
Train and test
The first rule of a solid user awareness program is to not only train your employees, but also test whether the training was successful. By testing your employees on top of the awareness training, your employees are motivated to enforce the learnings in their
day-to-day job. For example you can test your employees by sending out phishing-, smishing-, vishing-, or portable media campaigns.
Theme of the month
The second rule is alteration. Focusing on the same topics over and over again will bore your employees. Alter between different subjects by choosing an awareness subject of the month. You can chose awareness subjects based on the period of the year (e.g., working remote during the summer vacation period, online shopping prior to the holiday season, …). Furthermore, a third rule states to not be afraid mixing-up your awareness plan during the year, based on current threats and news items. This could include Ransomware attacks in the news bringing forward the Ransomware topic.
Hybrid is key
Our experience has shown that after each learning session, awareness content remains in direct memory for a time period of 3 weeks. After these weeks, the end-user’s vigilance towards different kind of attacks weakens. For that reason we recommend reminding your employees of awareness so that their memory is refreshed and the 3 week period can be extended by 1 week. This can be done by using offline learning techniques, such as posters.
Review - update - restart
Finally, an awareness program is a long-term engagement so ensure to keep track of your end-user’s progress. This trivial information can be used at the end of the awareness year to review the user’s progress. The information will also help identify well-known topics and less-known topics. Make sure you review which learning methods work best for your employees.