Security Awareness Program Owners everywhere know it can be hard to get teams excited about cybersecurity awareness training.
Employees already have full plates and want to know what they’ll get for putting their work aside to go through training. And oftentimes, the ol’ “way to go!” and a pat on the back just isn’t enough...
Luckily, there are a few other creative ways to get employees excited about training that won’t break your budget. Consider implementing one or more of the following incentives:
1. Assign “point values” to certain training modules.
When using a robust security training platform, you should expect some sort of built-in reward functionality. For instance, here at Living Security, our platform uses a ranking system, which gives participants points every time they complete a training module. Participants not only climb to different “Levels,” but they also have a “Leaderboard” to see how they’re stacking up against other employees.
Our platform also automatically triggers “badges” that participants can earn. Some include:
Raining Stars: Participant provides a rank on the content.
Perfect Score: Content is completed on the first try without error. That is. the maximum security score is attained!
Feedback Royal: Participant provides comments on content.
Early Bird: Content is completed before the due or expiration date.
These small badges, rankings, and digital high fives are a nice way to give online training an interactive touch without dipping into your awareness program budget.
2. Automate encouraging emails.
While sending out random “great work!” emails to all participants seems impossible for large companies, there are ways to automate training reminders. With the Living Security training platform, for instance, you can choose from helpful default training notification email types, such as:
Assignment date emails. This email gently reminds users when a training module is assigned and when it’s due.
Mandatory or optional emails. Not all departments need the same type of security awareness training. We give you the option to send participants details about which modules are required or which are helpful “extras” for them to explore beyond the required.
You might think, “why would someone do a lesson that’s not required?” but here at Living Security our “Netflix-style” mini-series are just as entertaining as they are informative that employees love watching episodes at work.
Overdue reminder email(s). If a due date for a training assignment slips by, our automatically triggered emails nicely remind your team they're falling behind—and on which modules. These reminder emails can even be set to repeat every few days to keep employees on top of training.
Campaign follow-ups. So you ran a phishing campaign and some employees fell for it. But what kind of follow-up are you doing? Send an end-of-campaign email declaring it’s over, and give a shout=out to some people who didn’t fall for the phishing, while still being kind to those who did. This is a great place to provide additional resources for recognizing tricky phish scams to help those who struggled.
3. Don’t underestimate verbal praise or small prizes.
Listen, we know that employees want more than a generic, automated “good job!” email that’s sent to everyone. But Security Awareness Program Owners with thousands of employees in awareness training just don’t have the time to curate personalized messages or give out prizes to everyone. And you shouldn’t be expected to!
However, we do think there is a time and place for personalization, even in large-scale awareness programs. Whether that means giving individual team managers the assets they need to distribute praise or gifts themselves or randomizing the rewards with an unbiased name shuffler. You can also think of creative ways to give a few lucky employees recognition and show your appreciation for their impact on your security.