State-of-the-art approaches to cybersecurity awareness training are challenging the old employee education models
CybeReady, provider of the world’s fastest security awareness solution, today announced the availability of a new on-demand webinar featuring Michael Makstman, CISO for the City & County of San Francisco and Michal Gil, Head of Product Development for CybeReady. In this webinar, Michael Makstman shares his experience of using positive training techniques, combined with advanced automation to motivate more than 30,000 employees to take an active role in mitigating cyberattacks.
Known for its progressive approach to deploying innovative technologies, The Golden City decided to shift from a legacy security training model to engage in a more effective employee-centric cybersecurity culture. During the webinar, he shares how a positive and more modern training approach, combined with advanced automation, now motivates over 30,000 employees to take a more active role in mitigating cyberattacks.
Michael Makstman mentions the primary challenges faced by CISOs today:
- Understaffed and overburdened security teams with endless tasks, which are time-sensitive and essential for keeping the organization safe.
- The focus of employees on their own professional development and KPIs who view cybersecurity training as a waste of time.
- Workforce dynamics such as a high number of remote employees with high turnover rates which is now resulting in additional risk and uncertainty from new, untrained employees.
According to Makstman, “The role of a CISO is no longer limited to the technology aspects of an IT environment. Being part of a larger ecosystem, CISOs must be part of the business and understand employees and customers in order to make better informed decisions. It includes looking at business aspects, understanding employees, and understanding the potential ramifications throughout the decision-making process.”
When it comes to security awareness training, the CISO’s challenge is amplified. Cybercrime is escalating and so are the attacks employees are facing. Organizations must embrace change to address these evolving challenges, and create a new culture-based training.
To start building a cybersecurity culture, Makstman suggests the following:
- Define your KPIs – Set measurable goals you can work toward and choose a solution that allows you to track progress over time.
- Set employees up for success – Deploy a positive training approach with immediate feedback for maximum success. Training sessions should be short and embedded in employees’ work day to generate quick, rewarding engagements.
- Communicate continuously – Conduct the training in ongoing cycles to create multiple opportunities for engagements and at the same time, yield multiple data points for adapting the training to each employees’ performance.
“CISOs today have a lot on their plate. Training employees can be a tedious task if the wrong path is taken, which often results in training taking a backseat to other activities,” said CybeReady’s Head of Product, Michal Gil. “Having a highly automated security awareness platform that communicates continuously and ensures progress is the preferred direction for CISOs today.”
Following the webinar, the following resources were shared to help cybersecurity leaders build an effective cybersecurity awareness program:
- Access the free webinar here
- The CISO Toolkit – short decks with easy tips to help employees stay cyber-safe.
- The Phishing Simulations Playbook – ten (10) best practices for building an effective phishing simulations & learning program