• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » How gamification can transform cybersecurity training

How gamification can transform cybersecurity training

by Neil C. Hughes
1 May 2020
in Security
2
How gamification can transform cybersecurity training
0
SHARES

The global coronavirus health crisis has seen many adopt a more rigorous hygiene routine in their lives. Unfortunately, cyber hygiene practices inside businesses of all sizes still desperately need improving. Everything from secure passwords to security patches on systems have room for improvement in a world where remote workers are now using their own devices.

The Wall Street Journal reported that the Coronavirus cybersecurity fallout might not be felt for months. Many believe that we need a new approach to data security and embed a more proactive mindset. But there is also an argument that the road ahead is much more complicated than that.

A survey by Webroot revealed that although 80% of employees claim they know how to discern between a phishing email and a legitimate message. But 49% admitted they had clicked on a link from an unknown sender at work. These results highlight how no one sets out to be reactive and how they often believe they are actually taking a proactive stance.

Now that human error represents the biggest cybersecurity risk in organizations, maybe it’s time to admit that employees deserve more than an animated video and newsletter every few months.

Upgrading the dreaded mandatory training session

The dull world of mandatory corporate e-learning often involves mindlessly clicking next during awareness sessions on bribery, corruption, GDPR, and cybersecurity. Although they enable HR departments to tick the boxes on their list of regulatory requirements, the reality is they don’t work. Gamification can help solve this problem by introducing gaming elements into the corporate learning experience.

Gamification already surrounds us. Online platforms such as LinkedIn, Trip Advisor, Reddit, Github, and even the Apple Watch all leverage gamification to encourage and engage its consumers and subscribers. By taking game mechanics and applying them to business objectives, it becomes much easier to engage users in solving problems and motivating them by introducing competition and rewards.

Gamification expert Karl Kapp believes that this method is best used in objectives that require reinforcement over time and ensure the information is always in the mind of employees. These are just a few reasons why gamification is perfectly positioned to offer an engaging alternative to cybersecurity awareness sessions.

How businesses are using gamification for cybersecurity training

Everybody reading this will know somebody that clicked on an infected link, attachment, or accidentally installed malware onto a corporate device. Phishing remains an increasing concern for every organization and proves employees need something more than an annual security training session that results in death by PowerPoint.

Stay at home mandates and social distancing rules have made it easier for scammers to target people working from home with dangerous phishing attacks. PwC’s Game of Threats™ uniquely provides employees with the chance to play the role of both attackers and defenders. Working against the clock and with limited resources, they are challenged to beat their opponents while also teaching them more about emerging cyber threats.

Hoxhunt takes this approach a step further with software that combines machine learning with gamification to deliver personalized cybersecurity training. The training and response solution sends automated simulated phishing attacks to every employee. Staff are encouraged to report any suspicious-looking emails using the platform’s plugin. If a user falls for one of the simulated messages, they are made aware of where they went wrong and are provided with actionable tips to avoid making the mistake again.

Timely interventions during their working day are helping remote workers change their behaviours when evaluating emails. The gamified element enables businesses to reward employees with points for successfully reporting phishing emails. Departments can then reward top-performing teams and individuals but also highlight where additional training or intervention is required.

What about your technical employees?

Teams of developers, engineers, and InfoSec professionals will require something more stimulating, competitive, and engaging. Many businesses are choosing to host their own capture-the-flag (CTF) events which contain objectively measurable exercises and help their teams hone their security skills.

Techies are tasked with solving challenges that all require different skill sets. The interactive attack and defend competition format requires teams to identify flaws and patch accordingly without breaking the service’s functionality. But they must also use the same knowledge to attack the other team.

CTF events enable security professionals to play the role of attacker and defender in real-world scenarios across target machines. The winning team is the one that has solved the most challenges and achieved the highest score.

A new approach to cybersecurity to protect your organization

Every organization is tasked with increasing awareness around cybersecurity and changing user security behaviours. Addressing this challenge requires the engagement of every employee, regardless of skill level through dynamic, effective, and engaging content. But this requires more than PowerPoint presentations and mandatory annual courses that are nothing more than a regulatory box-ticking exercise.

Experts agree that traditional security training doesn’t work and that untrained employees are the biggest risk to businesses. The gamification of your awareness program can help you create an opportunity to upskill your staff. But also help them defend themselves and your company from cyber threats. 

Security strategies need to unite departments and approached with a mindset outside of IT security teams to obtain business engagement. To transform your cybersecurity training, you need to bring all employees and every aspect of your business along for the ride. The best way to finally align risk management and cybersecurity is to make it fun, engaging, and competitive for everyone.

A proactive, rather than reactive approach to cybersecurity doesn’t have to be a pipe dream. You need a different approach. So, what are you waiting for?

ShareTweetShareShare

Related Posts

Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Next Post
Oil and gas companies have more than dropping prices to worry about

Oil and gas companies have more than dropping prices to worry about

Comments 2
  1. Rupert Collier says:
    9 months ago

    Shameless plug, if allowed, for the technical training side of things – RangeForce provide a unified platform for ongoing, self-paced modules as well as comprehensive red team/blue team exercises (cyber-sieges). all hands-on and deeply technical. If anyone would like more info, I’d be happy to help.

    Reply
  2. Tony Brooks says:
    9 months ago

    I would add that it is not just that employees are untrained, but untested – RangeForce is the perfect platform for hands-on training but also the testing of employees in realistic pressured scenarios to see how they work as a team. A crucial element in dealing with any cyber attack. If you would like to learn more, please let me or Rupert know.

    Reply
Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83031 shares
    Share 83021 Tweet 0
  • Facebook is tracking you: learn how to delete all Facebook data

    56 shares
    Share 56 Tweet 0
  • How to find what Google knows about me and get back my privacy?

    0 shares
    Share 0 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • Most common passwords: latest 2021 statistics

    381 shares
    Share 381 Tweet 0
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
Alphabet shutting Loon, which used balloon alternative to cell towers

Alphabet shutting Loon, which used balloon alternative to cell towers

22 January 2021
what is wireguard

WireGuard protocol: everything you need to know

22 January 2021
Parler loses bid to require Amazon to restore service

Parler loses bid to require Amazon to restore service

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!