Training employees on anything can be an expensive process. You incur the cost of investing in necessary materials plus the time it takes away from your employees doing revenue-generating activities. But what’s worse, when it comes to cyber security training, is the expense you’ll incur if that training fails. Statistics show 60 percent of small and midsize businesses are forced to close their doors after a cyber attack.

Further, recent studies show that human error plays a role in a shocking 90% of data breach cases! Smart partners, directors and business owners are taking a proactive approach and training their employees on cyber security do’s and don’ts. While we applaud their efforts and encourage all partners, directors and business owners to take this step, research suggests their efforts aren’t paying off. Despite their willingness to train employees, the number of data breaches continues to increase.

What gives? We’ll be the first to say it – cyber security training can be boring. And what happens during boring presentations? People aren’t engaged, so they tune out and miss the critical information needed to keep your firm or company secure. After the presentation, they sign off, saying they have learned the lessons, but have they really, or are they a ticking time bomb just waiting to go off in your organisation?

The latter is likely true. If you want the information to stick, you must take some additional steps – and the most important is putting your employees to the test!

According to Education World, interactive activities are six times more effective for learning and remembering material than simply listening to a lesson. You can incorporate this tactic by testing employees to find out whether or not they can apply what they learned.

One of the best ways to do this is to use what is known in our industry as phishing simulations. Here’s how the process works:

  1. A third party creates a realistic but fake phishing or scam e-mail that shows the identifiable warning signs discussed in the training. Examples include an e-mail that imitates the CEO’s, Managing Partner’s or Director’s style of communication and requests private information, or an e-mail that appears to come from an outside company and contains a bad link. You can customise it to look like something relevant that your employees could potentially see and fall for.
  2. The employees are then put to the test. You choose which employees will receive which links and on what dates the e-mails will be sent. Will they be able to identify the threats or will they fall for the scams?
  3. The results are collected and shared with you to develop more comprehensive training programs and help you identify which employees are your biggest risks so you can provide specific coaching.

Another great way to use phishing or scam e-mail simulations is to send out the tests before the training. When employees see that other people in the firm are making mistakes, they are more likely to pay attention to the lesson.

It’s not enough to just teach the information! It must be learned and implemented every day to be effective and keep your organisation secure.

If you’re looking for effective cyber security awareness training for your employees, our team has a comprehensive program that will engage, teach and test your employees so you can have peace of mind knowing they are working to keep your firm safe. Click here to get in touch with our team and get started on your cyber security training session today or call our team on +61 8 6244 2556.

My Info Tech Partner is a trusted IT Services and IT Support provider in Perth that specialises in helping the equity principals, partners, directors, and practice managers of legal, accounting and financial services firms avoid making big, expensive mistakes with technology and, ultimately, protect their livelihood.

Naturally, we are the only one that offers you enhanced peace of mind with our “Never Pay The Ransom” $10,000 Money Back Guarantee.