The purpose of awareness is to draw attention to a desired focus. Let’s face it, the current compliance-based approach to security awareness isn’t just ineffective in creating positive change in employee behavior; it does the opposite of what a security awareness program is designed to do in that it repels. Companies continue to implement the latest and greatest technology and rely on the standard awareness program of monotonous videos and some phishing assessments that provide them with the false perception that compliant=secure.
Luckily, for my end users – and for you if you attend my talk at BSidesLV – I have never been able to stay inside the box for long. My passion for fun and games crossed paths with the complaints of my end users, so security-focused games and challenges were the end result. From answering security trivia questions to earning pieces needed to assemble a bike for charity to building security escape rooms and the Security Bowl (a football-themed security board game), the security culture in my company has been significantly strengthened.
Indeed, employees have become more comfortable in asking questions and reporting threats than when I started.
Don’t just take my word for it. In my talk, I will address the psychological reasons of why people make voluntary decisions and how games meet basic human desires. Games not only act as a conduit to drive attention (awareness) towards security; the meeting of these basic needs generates positive emotions in the participant, ultimately acting as a reward in itself. These factors combine to go a great distance in building a positive security culture in an organization.
You probably can recall pretty quickly your latest game craze or maybe your favorite game from childhood. Hold that thought! We will walk through the building blocks of creating a great game and how to incorporate security topics that are applicable to your organization. I will discuss how clever and unique features will not only create a memorable experience but drive viral interest in participation and ultimately success for your campaign. Now it’s time to turn that cherished childhood game into one of your greatest security culture influences and have a lot of fun while doing it!
Drew is presenting on July 26 at 14:30 at BSidesLV.
At Living Security, we reduce the #1 cybersecurity risk for enterprises, human error, through engaging and impactful security awareness training that is brought to life by innovative tech enabled experiences.
Living Security co-founders, Ashley and Drew Rose, recognized that traditional security awareness programs were failing to move the needle and it was time for a fresh approach. Our immersive training experiences engage the enterprise using science backed techniques to motivate behavior change and refreshed content that’s relevant for the current threat landscape.
Our innovative Cybersecurity Escape Room experience builds security awareness concepts into an engaging team experience people actually enjoy. Watch the video here.
Online security awareness training platform leverages game based learning and a custom curriculum to make cybersecurity awareness training fun and effective.
Our gamified training platform allows program owners to assign users training and track through completion and beyond. Our interactive video series are broken in to episodes that cover critical security awareness concepts through story based learning and interactive puzzles. Customize your program through the addition of role and concept specific micro-modules and incentivize completion through leaderboard challenges and rewards and recognition. Series and modules are also available in your SCORM packages for delivery on your LMS.