The smartest and easiest way to improve your software security. Secure your code, from the start.

Cybersecurity Training and Positive Reinforcement

18th September 2017

I am glad to see Secure Code Warrior is not the only one thinking about how to deliver a change in behavior within a company using positive reinforcement and game-based elements.

This article in the WSJ really highlighted that cybersecurity awareness is more effective and has a greater impact on employees when the training is not dreadful, boring, repetitive or just useless. In the past, cybersecurity training was typically delivered by security experts who were technical and provided in-depth material but without much thought on how to deliver key messages that stuck with employees.

However, more and more, certainly with clients we work with, I am seeing how organizations are now involving marketing and communication teams and change managers, as well as using digital animation in their content and running events and challenges to make cybersecurity training more fun and engaging. With cybsersecurity threats growing year after year, security awareness and employee training is the most important investment your organization can make.

Positive-reinforcement campaigns are often one of the best ways to modify risky behavior, but they’re “definitely an outlier” in the corporate world, says Ms. Sedova

https://www.wsj.com/articles/a-better-way-to-teach-cybersecurity-to-workers-1505700120

Pieter is the Co-Founder and CEO of Secure Code Warrior, as well as a principal instructor for the SANS Institute. He also co-founded BruCON, one of the most awesome hacking conferences on the planet.

View Comments