“Nope. I haven’t enough head-space to deal with all that.”
My friend Carol has asked if I could help ‘super secure’ her social media accounts.
‘Strong password, a phrase that would only mean something to you. Two-factor authentication through an app and biometrically lock the app’ were my suggestions.
She sighed. ‘What I really want is something I don’t have to think about.’
The problem with cyber security
And that, in one sentence, is one of the problems we have with cyber security. It can be too complicated.
In fact, you don’t want to think about it. Because you’ve a million other things you have to think about and one more thing will probably trip a circuit somewhere.
And your staff are the same. What can we do to make things a little bit easier?
It’s automatic now
One way is to make it automatic. Like locking your front door as you leave the house.
The first few times you leave your new house, you’re extra careful about locking that door.
After that, you know the routine and follow it without thinking. Then when something out of the ordinary happens, the door doesn’t make the usual clicking sound when it’s locked, it gets your attention.
The same goes with cyber security routines. If you keep repeating the same email checking routine, you’re more likely to pick up something that’s not quite right in a phishing email.
It’s not fool-proof, because we all leave the door unlocked occasionally, but it helps.
The same old (cyber security) routine
For this to work, you need to learn what you need to do, then create a routine until it becomes a habit.
‘Sticky’ training (active engagement, using emotions, linking to what you already know, and so on) is good because it helps keep what you’ve learned in front of your mind.
Then it’s down to you. And for that, you need a bit of positive motivation. What’s in it for me?
For example, if you’re training staff in checking for phishing emails, they can also use this knowledge at home. They’re now helping protect the company and themselves and their family.
With the right motivation, you keep going until you no longer need to go through it step-by-step each time.
Then one day you spot an email that turns out to be a sophisticated phishing one, and you’ve saved yourself (or your company) a lot of problems.
And that keeps your headspace free for more enjoyable things.
Do you need help with your cyber security training?
I’m a specialist technology training writer, here’s…