Cyber security is more than a buzz word for businesses today; it’s a very real, big deal. Because of this, more and more organizations are investing time and money in cyber security training for their team. In an age of increasingly advanced phishing attempts, these trainings are more than necessary… but are they leading to actual behavior change?
Kevin Bever, an independent information security consultant, warns in a recent blog post for IBM that many well-intentioned security training programs don’t lead to visible behavior change at all. This is due to a variety of factors: lack of engagement, lack of listening to employee feedback, and being unaware of blind spots – to name a few.
Is your organization doing all that it can to achieve its security goals? Read Bever’s full piece, Security Awareness Training Should Always Lead to Changes in Behavior, on the IBM blog for practical tips on evaluating and, if necessary, modifying your training programs to maximize employee behavior change.