Cybersecurity Training Loses Effect Quickly
Experts recently discussed the impact of awareness training at a cybersecurity summit, where an article on the topic was also cited. According to the article, cybersecurity training loses effect quickly. That's why companies need to repeat awareness training at least every six months.
The article examines the impact of phishing training. According to the research, employees' security awareness decreases over time after the training.
The research was carried out in Germany because German public sector employees are subject to compulsory phishing training at regular intervals. Taking advantage of this requirement, German academics conducted research on 409 out of 2200 employees of a public institution.
The experts conducted periodic tests to determine how long employees remained able to recognize phishing messages or emails. The test results yielded important data on how the effect of cybersecurity awareness training decreased over time.
In the research, experts divided the employees into groups and tested these groups at different intervals: 4, 6, 8, 10, and finally 12 months after the training.
Test results revealed that even four months after cybersecurity training, employees were able to detect phishing attempts. However, the same was not true for six months and beyond. If training was not repeated in the following six months, employees could no longer detect phishing emails. Therefore, experts recommend that training be repeated frequently and that employees be reminded of the information at regular intervals.
Cybersecurity Training Loses Effect Quickly: Except for Video and Interactive Training
To prevent this decline, the experts tried four different reminder methods after the training when testing the groups. Among the methods used were reminders via text, video message, interactive applications, or SMS. After applying the methods, they tested the awareness levels of the groups again. According to the results, experts arrived at interesting conclusions. The most useful methods were video reminders and interactive applications. Using these methods, employees could detect phishing attempts even six months after training.
As a result, experts say cybersecurity training is still the most successful weapon against phishing. But they draw attention to the importance of repeating the training periodically. It is also very important to support the training with interactive applications and to repeat it with video reminders.
You can find the details of the article here.
What Else Can We Do About Cybersecurity Training Losing Effect Quickly?
1. Reinforce security awareness with phishing simulations after cybersecurity training.
We know that approximately 4 months after cybersecurity awareness training, employees start to make mistakes. So, to make the effects of training more permanent, the information must be put into practice. You can use our Phishing Simulation tool to arrange regular tests for your employees. We offer you industry-specific content, and you can create unique scenarios suited to raising your employees' awareness. Test your staff with simulated phishing tests and you will see the results immediately!
2. Create a network in your company that will keep you informed of potential threats.
Creating a unified front against the attackers is one of the most important things when it comes to defending your company. A successful cybersecurity program should increase unity and solidarity within the company. Our Threat Sharing tool helps you establish the necessary network for information sharing. Using this tool, employees can share possible threats with their colleagues. This shortens the response time and reduces the costs of detecting attacks. To expand your company’s threat intelligence reach, start sharing information now!