Platform

Unify HRM Overview

Platform

Capabilities

Identify: Human Risk Operations Center (HROC)
Dashboards

Power Insights

Benchmarks

Protect: Action Plans
Nudges: Communications & Employee Scorecards

Training: Risk Based SAT and Phishing

Orchestration: Policy Playbooks

Report: Human Risk Index (HRI)
Employee Scorecards

Manager Reporting

Board and Executive Reporting

Bundles

Unify Go
Start your journey to HRM here.

Monitor risk by:

Security Training Compliance

Phishing and Email

Unify Enterprise
Covers risk in Unify Go and adds:

Malware & Ransomware

Data Loss

Account Takeover

Featured Resources

Living Security Blog
What is Attack Surface Management?
link

Living Security Blog
Why Your Team Should Have A Business Continuity Plan
link
Solutions

Solutions Overview

Solutions

By Role

CISO
Provides CISO’s, executives, and boards a complete picture and prioritization of workforce risk by type, department, location, and more.
link

Security Awareness Team
Go beyond training completion and phishing click rates and proactively safeguard your organization from human-induced security incidents.
link

GRC
Identify, resolve and track commonly violated policies with granular accuracy to lower risk and improve workforce compliance.
link

SOC/IR
Unleash the true potential of your human firewall with data-driven insights and action plans that curb threats before they become incidents.
link

By Risk

Training Compliance
Monitor training compliance status for users and segments across the enterprise.
link

Phishing & Email
Identify the users most and least at risk to social engineering attacks and protect them.
link

Malware & Ransomware
Proactively protect users from malware including viruses, worms, Trojan viruses, spyware, adware, and ransomware.
link

Data Loss
Pinpoint when data is at risk of leaving your controlled environment through unauthorized access or malicious intent.
link

Identity Threats
Get visibility into the most susceptible users for account compromise and mitigate their risk.
link
Products

Products

Products Overview
Transform how your organization approaches Security Awareness and Training by shifting to a proactive HRM approach that creates a strong culture of security.

Living Security Blog
What is Attack Surface Management?
link

Unify Human Risk Management
Establish a proactive security loop.
Security Awareness Training
Interactive compliance training for modern threats.
CyberEscape Rooms
Put your team in the center of security scenarios
Cybersecurity Awareness Month
Create a cyber vigilant workforce in October
Cybersecurity Engagement Training Go beyond compliance training Phishing
Stop social engineering attacks in their tracks with realistic simulations and training
across phishing, vishing, smishing, and more.
HRM

HRM

Human Risk Management: Proactive Security
Human Risk Management (HRM) is the process of identifying, assessing, and mitigating risks associated with human behavior in relation to an employee's use of technology.
HRM Maturity Model
How far is your company along the path to true proactive security?

Living Security Blog
What is Attack Surface Management?
link
Resources

Resources

Resources
Level up on Human Risk Management with a comprehensive collection of webcasts, whitepapers, ebooks, and more.
Blog
Access hundreds of informative blogs with deep dives and best practices relating to the full array of cybersecurity risks we face.
Webinars
Watch dozens of webinars tackling some of cybersecurity’s biggest challenges featuring thought leaders from leading organizations.
Case Studies
See how a variety of organizations utilize Living Security’s HRM Platform, Training, and Phishing to reduce risk with proactive defense.

Partners
Human Risk Management Powered by Partners.
Technology Alliance Program
Extend the value of your offering with HRM.
Partner Support
Unlock your potential with our partner hub.

Living Security Community Share HRM best practices Newsroom Read the latest news on Living Security. Support
The more you know, the more you grow.
Why Living Security
Establish a proactive security loop.
Start Now

August 5, 2021

The "New-School" Approach to Security Awareness Training

Unless you’re talking about homemade apple pie or Don Draper’s favorite cocktail, “old-fashioned” isn’t a flattering description, particularly when it comes to your security awareness training program.

It can be tough to equip your teams with the knowledge and skills they need to combat ever-evolving cybersecurity threats. Unfortunately, the same old-school security awareness programs simply won’t cut it.

Luckily, new-school security awareness training has emerged that drives higher engagement and yields better results. Let’s take a look at what’s changed from then to now:

What Is “New-School” Security Training?

What’s the difference between the old-school way and the new-school approach, you ask? It’s very simple. Consider a traditional security awareness program. The training is stagnant; it’s often conducted as a one-time course aimed at basic compliance. There is little to no follow-up, and your trainees are typically unengaged or taught to be fearful of ominous cyber threats.

New-school security awareness training takes a new approach, one that dives deeper. It encourages a higher level of preparedness through continuous learning, assessing participants through simulated attacks and other security scenarios, leveraging interactive design, and always teaching with compelling content that users find engaging.

New-School vs. Old-School

Let’s say you stick to an old-school security awareness training program. Likely you’ll have your teams sit through static, boring Powerpoint presentations that occur only to check off the periodic employee training requirement. Then they will go on with their day and immediately forget the vast majority of material covered during the training. (We’re getting sleepy just thinking about it!)

Suppose you decide to take your security training efforts to the next level and give the new-school method a try instead. Now your trainees are learning compliance and best practices regularly with ongoing testing and practices. You’ll have a better understanding of who may need more training through consistent simulations of phishing, vishing, and smishing attacks. Your IT and security teams will sharpen their skills through repeated exercises and cybersecurity education.

Which would you rather?

What You Typically Get With the New-School Approach

The new-school approach promotes a higher level of readiness and security for your organization. A training platform that pushes a new-school cybersecurity awareness training approach typically includes:

Baseline Testing. Most new security training platforms will include a baseline of testing that often involves automated phishing attack simulations. This testing helps you determine which users are more vulnerable to these attacks and prepares your organization for defense against a real threat.
Content Libraries. Most new-school security awareness programs will offer a library of training materials to simplify and accelerate cybersecurity education.
User Management. You can easily store information, manage your end-users, and assign roles and permissions within a new-school platform.
Reporting Tools. Reporting features provide valuable insight into end-user performance and metrics that assess the efficacy of your training programs. Based on the actionable report findings, you’ll improve your process and better assist your teams.

What the New-School Approach Is Often Missing

New-school security awareness training drives preparedness through continuous learning, testing, and data-driven tools.

This is excellent news for CISOs, right? The solution to an ineffective old-school approach is to implement a new training program and move forward.

Not so fast!

While the new-school approach provides significant improvements over older methods, there are a few critical components to a successful program that even the newest-school approach doesn’t directly address.

1. Human Risk Management

What is the driving force behind traditional security training? Fear. That might sound dramatic, but it’s true. Consider the fundamental concept woven into most compliance and cybersecurity education programs: participants are taught to fear that if they make a mistake, the consequences will be disastrous. They hear that they are the weakest link in the line of defense, which is stressful and discouraging.

Human risk management is an approach to cybersecurity training that instead, empowers users through positive encouragement, motivational tactics, and experiential, customized learning. Human risk management, combined with the tech of a new-school security awareness program, offers the highest ROI for cybersecurity training today.

2. Personalization & Targeted Campaigns

Content libraries are no doubt helpful, especially for basic compliance education. But each company is unique, and CISOs have goals beyond the material that typical training platforms stock in libraries.

The most effective way to educate your teams is through targeted campaigns, explicitly crafted for your organization’s needs and IT setup. The combination of a robust library of general training courses plus the capability to craft company-specific items drives the best results.

3. Experiential & Team-Based Learning

New-school security awareness training programs do offer valuable testing, attack simulations, and large content libraries. However, few include interactive and gamified content as well as videos, documents, and training modules. According to research conducted by the eLearning Industry publication, adult learners who participated in gamified learning sessions scored 14% higher on skill-based assessments.

Human Risk Management Transforms Cybersecurity Training

If you’re considering an upgrade to a new-school security awareness training platform, remember that humans are your greatest asset when it comes to security, not your biggest weakness.

It’s almost impossible to change your culture around cybersecurity without understanding human risk management. And as cyberattacks continue to grow more sophisticated, it’s critical to inspire and motivate your team to succeed in protecting your organization.

Want to stay up-to-date on human risk management trends and best practices? Download the 7 Essential Trends Of Human Risk Management for 2021 guide today.