Platform

Unify HRM Overview

Platform

Capabilities

Identify: HROC Dashboard
Human Risk Quantification (HRI)

Insights

Benchmarking

Protect: Action Plans
Nudges: Communications & Employee Scorecards

Training: Risk Based SAT and Phishing

Orchestration: Policy Playbooks

Report
Report
Measure progress and ROI of action plans

Board and Executive Reporting

Manager Reporting

Bundles

Unify Go
Start your journey to HRM here.

Monitor risk by:

Security Training Compliance

Phishing and Email

Unify Enterprise
Covers risk in Unify Go and adds:

Malware & Ransomware

Data Loss

Account Takeover

Featured Resources

Living Security Blog
What is Attack Surface Management?
link

Living Security Blog
Why Your Team Should Have A Business Continuity Plan
link
Solutions

Solutions Overview

Solutions

By Role

CISO
Provides CISO’s, executives, and boards a complete picture and prioritization of workforce risk by type, department, location, and more.
link

Security Awareness Team
Go beyond training completion and phishing click rates and proactively safeguard your organization from human-induced security incidents.
link

GRC
Identify, resolve and track commonly violated policies with granular accuracy to lower risk and improve workforce compliance.
link

SOC/IR
Unleash the true potential of your human firewall with data-driven insights and action plans that curb threats before they become incidents.
link

By Risk

Training Compliance
Monitor training compliance status for users and segments across the enterprise.
link

Phishing & Email
Identify the users most and least at risk to social engineering attacks and protect them.
link

Malware & Ransomware
Proactively protect users from malware including viruses, worms, Trojan viruses, spyware, adware, and ransomware.
link

Data Loss
Pinpoint when data is at risk of leaving your controlled environment through unauthorized access or malicious intent.
link

Identity Threats
Get visibility into the most susceptible users for account compromise and mitigate their risk.
link
Products

Products

Products Overview
Transform how your organization approaches Security Awareness and Training by shifting to a proactive HRM approach that creates a strong culture of security.

Living Security Blog
What is Attack Surface Management?
link

Unify Human Risk Management
Establish a proactive security loop.
Security Awareness Training
Interactive compliance training for modern threats.
CyberEscape Rooms
Put your team in the center of security scenarios
Cybersecurity Awareness Month
Create a cyber vigilant workforce in October
Cybersecurity Engagement Training Go beyond compliance training Phishing
Stop social engineering attacks in their tracks with realistic simulations and training
across phishing, vishing, smishing, and more.
HRM

HRM

Human Risk Management: Proactive Security
Human Risk Management (HRM) is the process of identifying, assessing, and mitigating risks associated with human behavior in relation to an employee's use of technology.
HRM Maturity Model
How far is your company along the path to true proactive security?

Living Security Blog
What is Attack Surface Management?
link
Resources

Resources

Resources
Level up on Human Risk Management with a comprehensive collection of webcasts, whitepapers, ebooks, and more.
Blog
Access hundreds of informative blogs with deep dives and best practices relating to the full array of cybersecurity risks we face.
Webinars
Watch dozens of webinars tackling some of cybersecurity’s biggest challenges featuring thought leaders from leading organizations.
Case Studies
See how a variety of organizations utilize Living Security’s HRM Platform, Training, and Phishing to reduce risk with proactive defense.

Partners
Human Risk Management Powered by Partners.
Technology Alliance Program
Extend the value of your offering with HRM.
Partner Support
Unlock your potential with our partner hub.

Living Security Community Share HRM best practices Newsroom Read the latest news on Living Security. Support
The more you know, the more you grow.
Why Living Security
Establish a proactive security loop.
Start Now

July 14, 2021

How To Incentivize Cybersecurity Awareness Training Within Budget

Security Awareness Program Owners everywhere know it can be hard to get teams excited about cybersecurity awareness training.

Employees already have full plates and want to know what they’ll get for putting their work aside to go through training. And oftentimes, the ol’ “way to go!” and a pat on the back just isn’t enough...

So program owners rely on rewards to boost participation and engagement, but free days off and prizes can be expensive to give out, and many security training budgets simply don’t have the extra wiggle room.

Luckily, there are a few other creative ways to get employees excited about training that won’t break your budget. Consider implementing one or more of the following incentives:

1. Assign “point values” to certain training modules.

When using a robust security training platform, you should expect some sort of built-in reward functionality. For instance, here at Living Security, our platform uses a ranking system, which gives participants points every time they complete a training module. Participants not only climb to different “Levels,” but they also have a “Leaderboard” to see how they’re stacking up against other employees.

Our platform also automatically triggers “badges” that participants can earn. Some include:

Raining Stars: Participant provides a rank on the content.
Perfect Score: Content is completed on the first try without error. That is. the maximum security score is attained!
Feedback Royal: Participant provides comments on content.
Early Bird: Content is completed before the due or expiration date.

These small badges, rankings, and digital high fives are a nice way to give online training an interactive touch without dipping into your awareness program budget.

2. Automate encouraging emails.

While sending out random “great work!” emails to all participants seems impossible for large companies, there are ways to automate training reminders. With the Living Security training platform, for instance, you can choose from helpful default training notification email types, such as:

Assignment date emails. This email gently reminds users when a training module is assigned and when it’s due.
Mandatory or optional emails. Not all departments need the same type of security awareness training. We give you the option to send participants details about which modules are required or which are helpful “extras” for them to explore beyond the required.

You might think, “why would someone do a lesson that’s not required?” but here at Living Security our “Netflix-style” mini-series are just as entertaining as they are informative that employees love watching episodes at work.

Overdue reminder email(s). If a due date for a training assignment slips by, our automatically triggered emails nicely remind your team they're falling behind—and on which modules. These reminder emails can even be set to repeat every few days to keep employees on top of training.
Campaign follow-ups. So you ran a phishing campaign and some employees fell for it. But what kind of follow-up are you doing? Send an end-of-campaign email declaring it’s over, and give a shout=out to some people who didn’t fall for the phishing, while still being kind to those who did. This is a great place to provide additional resources for recognizing tricky phish scams to help those who struggled.

3. Don’t underestimate verbal praise or small prizes.

Listen, we know that employees want more than a generic, automated “good job!” email that’s sent to everyone. But Security Awareness Program Owners with thousands of employees in awareness training just don’t have the time to curate personalized messages or give out prizes to everyone. And you shouldn’t be expected to!

However, we do think there is a time and place for personalization, even in large-scale awareness programs. Whether that means giving individual team managers the assets they need to distribute praise or gifts themselves or randomizing the rewards with an unbiased name shuffler. You can also think of creative ways to give a few lucky employees recognition and show your appreciation for their impact on your security.

Read our 5 Ways To Reward Your Team During Cybersecurity Awareness Training for more terrific tips.

More Support, Less Work—Thanks to Campaign in a Box

Don’t spend days on end crafting personalized reminders, supportive materials, and thank you messages. Your skills are needed elsewhere!

With our Campaign in a Box, program owners like you can access pre-written messages to support your teams and keep training top of mind—without the work.

Each month, we have a new topic theme—like data privacy in January or social engineering in February—and provide chat messages, emails, and blogs for you to send to employees.