Why Your Entire Workforce Needs to Be Part of Your Cybersecurity Strategy

Despite companies’ investments in bolstering their networks’ security, cybersecurity attacks are actually on the rise, with spear phishing scandals targeted at employees increasing 55 percent in 2015.

From phishy e-mails to weak passwords, it can seem like the Internet is a minefield of cybersecurity breaches waiting to happen to you and your company. So it’s no surprise that an estimated 95 percent of cyber attacks are caused by human error. Considering the shortage of easily digestible information on how to guard companies from data breaches, employee cybersecurity training is a crucial step in turning your workforce into a strong line of defense against hackers.

Employees Can Be the Weakest Link in Cybersecurity Strategy

Despite security incidents becoming an increasingly common problem for businesses, only 29 percent of companies had a cybersecurity expert in their IT department last year. Even if your company does have cybersecurity professionals on the team, the responsibility of security awareness and protection can’t fall solely on the shoulders of a few people. Employees are the cells of the company body, and it only takes one compromised cell to let a virus into the system. Thus, every individual employee needs to be educated on cybersecurity in order to keep the business from succumbing to virtual illness: a data breach.

Despite companies’ investments in bolstering their networks’ security, cybersecurity attacks are actually on the rise, with spear phishing scandals targeted at employees increasing 55 percent in 2015. Given that most attacks target known vulnerabilities, it’s well worth it to emphasize employee training as an essential part of the company’s existing cybersecurity strategy. This way, every worker is aware of the company’s digital infrastructure and possible weak points within it.

Why Cybersecurity Awareness Requires Training

Like any subject matter, cybersecurity can be intimidating and misunderstood for those not already versed in it. While there is a wealth of available material about cybersecurity best practices and considerations, it’s often written with expert audiences in mind, including jargon and obscure topics. To be able to extract relevant, tangible knowledge requires a guide, which enterprise training can offer.

The most effective employee training programs leverage adult learning techniques that maximize retention, which is especially important with a topic as complex as cybersecurity. Training should prioritize which information the everyday professional needs to know and deliver it in an engaging manner. For example, adult learning audiences often respond well to content that is emotionally driven—lessons that incorporate entertainment, levity, and storytelling will be easier for employees to digest.

Meaningful education also requires the full attention of the student, which is why it’s important for the training program to deploy engagement techniques. Action items within the modules, for instance, give users a chance to immediately practice what they’re learning in the context of the lesson. We can all recall training sessions in which employees passively listened to a presenter—and the information went in one ear and out the other.

E-learning in particular lends itself well to engaging methods, as it can provide dynamic content and be tailored to the individual user. Audiences tend to receive educational content better when it’s visually and aurally stimulating, which can be fulfilled by the video capability of e-learning. Users can move at their own pace, and software can instantly give feedback to every person in an efficient and accurate manner.

Also, it’s only natural that employees learn about cybersecurity through a technological medium. E-learning is reflective of the digital way in which employees interact with each other and on behalf of their company, which cybersecurity training aims to improve. Additionally, e-learning is capable of collecting data, which the company then can examine and analyze in order to identify knowledge gaps. From there, the program can be customized to meet the remaining needs.

Fortify Your Defense Against Cyber Breaches

The average total cost of a data breach for a U.S. business today is $6.5 million. That means cybersecurity is an issue not just for the IT department, but for the whole company. Proper e-learning training programs are an effective way to disseminate cybersecurity knowledge to all employees. This education could be the difference between suffering from a data breach for years to come or effectively mitigating cyber risks.

Leslie Redd is cofounder and CEO of LearnBIG, which creates engaging, cloud-based learning solutions for organizational change and leadership development. The company mixes interactive video and storytelling with humor and brain science to create immersive learning experiences.


Training Top 125

2017 Training Top 125 winners demonstrated a strong focus on effective training and employee development tied to corporate strategic goals and business impact.

From the Editor

While editing one of the articles, “Lessons for New L&D Leaders,” for this issue, I read something that struck a chord: “When meeting with peers and up-line colleagues, ask: ‘How can I help you

Digital Issue

Click above for Training Magazine's
current digital issue

Training Live + Online Certificate Programs

Now You Can Have Live Online Access to Training magazine's Most Popular Certificate Programs! Click here for more information.

Emerging Training Leaders


Spectacular. Impressive. Dazzling.

Spring is—finally—in the air.

By Lorri Freifeld

ISA Directory