When talking with company leaders about what they are implementing in their organization in terms of cyber awareness training, many are proud to say that they have mandatory 90-minute seminars every year. While it is great that they have recognized cyber awareness training as a cause worthy of allocating many resources for, it is a shame to see those resources allocated towards a training tactic that is so outdated and ineffective.
These "training days" are often very expensive for organizations. Many times, they contract an expert to come in and lecture an audience about the best practices in cybersecurity. While the actual content may be high-quality and valuable, the audience often does not retain the information projected. Content is worthless without retention.
Security awareness training is a serious matter as a projected 90% of cyber risk and credential compromises come from some form of human error between employees, contractors, or vendors. It is very important to make sure employees are capable of identifying cyber threats in order to not becoming victims of an attack. That being said, it is important to have the training of employees as effective as possible in order to avoid frivolous expenses and not take up too much time.
This is where continuous microlearning comes in. Microlearning is the process of providing bite-sized lessons at a higher frequency. Instead of 2 hours annually, employees are assigned 2 or 3 minute lessons once every 2 or so weeks. These educational modules are long enough to teach a valuable lesson regarding cybersecurity while also short enough to keep employee attention throughout its entirety.
Higher frequency is simply more effective. If new, immediate, information comes out regarding security awareness training, it can be added to the curriculum and distributed in under 2 weeks. However, under annual training, it much be added to the itinerary for next year's training. With more frequent educational modules, employees can learn on their own time and do not have to schedule their work around a yearly seminar. An employee can choose when to do their microtraining lessons instead of a management-mandated date and time.
All in all, technological advances have made it easier to effectively train employees. Smaller, yet more frequent, educational modules can be distributed through technology to more effectively teach employees the best practices for avoiding cyber threats. The way we consume information has drastically changed over the last 20 years, and the days of an expert lecturing an audience on an annual basis are over.
Securable.io takes microlearning to the next level with a data-driven element added. With the Securable solution, not only do employees receive educational modules regarding cyber awareness training, but these modules are selected for each individual user to help them in the areas they need to most help. Securable uses many data collectors and user behavior analytics to build out profiles and identify each employee's cybersecurity vulnerabilities. After the analysis is done and the vulnerabilities are identified, specific educational modules are assigned to them from our library of over 200 modules.