Platform

Unify HRM Overview

Platform

Capabilities

Identify: HROC Dashboard
Human Risk Quantification (HRI)

Insights

Benchmarking

Protect: Action Plans
Nudges: Communications & Employee Scorecards

Training: Risk Based SAT and Phishing

Orchestration: Policy Playbooks

Report
Report
Measure progress and ROI of action plans

Board and Executive Reporting

Manager Reporting

Bundles

Unify Go
Start your journey to HRM here.

Monitor risk by:

Security Training Compliance

Phishing and Email

Unify Enterprise
Covers risk in Unify Go and adds:

Malware & Ransomware

Data Loss

Account Takeover

Featured Resources

Living Security Blog
What is Attack Surface Management?
link

Living Security Blog
Why Your Team Should Have A Business Continuity Plan
link
Solutions

Solutions Overview

Solutions

By Role

CISO
Provides CISO’s, executives, and boards a complete picture and prioritization of workforce risk by type, department, location, and more.
link

Security Awareness Team
Go beyond training completion and phishing click rates and proactively safeguard your organization from human-induced security incidents.
link

GRC
Identify, resolve and track commonly violated policies with granular accuracy to lower risk and improve workforce compliance.
link

SOC/IR
Unleash the true potential of your human firewall with data-driven insights and action plans that curb threats before they become incidents.
link

By Risk

Training Compliance
Monitor training compliance status for users and segments across the enterprise.
link

Phishing & Email
Identify the users most and least at risk to social engineering attacks and protect them.
link

Malware & Ransomware
Proactively protect users from malware including viruses, worms, Trojan viruses, spyware, adware, and ransomware.
link

Data Loss
Pinpoint when data is at risk of leaving your controlled environment through unauthorized access or malicious intent.
link

Identity Threats
Get visibility into the most susceptible users for account compromise and mitigate their risk.
link
Products

Products

Products Overview
Transform how your organization approaches Security Awareness and Training by shifting to a proactive HRM approach that creates a strong culture of security.

Living Security Blog
What is Attack Surface Management?
link

Unify Human Risk Management
Establish a proactive security loop.
Security Awareness Training
Interactive compliance training for modern threats.
CyberEscape Rooms
Put your team in the center of security scenarios
Cybersecurity Awareness Month
Create a cyber vigilant workforce in October
Cybersecurity Engagement Training Go beyond compliance training Phishing
Stop social engineering attacks in their tracks with realistic simulations and training
across phishing, vishing, smishing, and more.
HRM

HRM

Human Risk Management: Proactive Security
Human Risk Management (HRM) is the process of identifying, assessing, and mitigating risks associated with human behavior in relation to an employee's use of technology.
HRM Maturity Model
How far is your company along the path to true proactive security?

Living Security Blog
What is Attack Surface Management?
link
Resources

Resources

Resources
Level up on Human Risk Management with a comprehensive collection of webcasts, whitepapers, ebooks, and more.
Blog
Access hundreds of informative blogs with deep dives and best practices relating to the full array of cybersecurity risks we face.
Webinars
Watch dozens of webinars tackling some of cybersecurity’s biggest challenges featuring thought leaders from leading organizations.
Case Studies
See how a variety of organizations utilize Living Security’s HRM Platform, Training, and Phishing to reduce risk with proactive defense.

Partners
Human Risk Management Powered by Partners.
Technology Alliance Program
Extend the value of your offering with HRM.
Partner Support
Unlock your potential with our partner hub.

Living Security Community Share HRM best practices Newsroom Read the latest news on Living Security. Support
The more you know, the more you grow.
Why Living Security
Establish a proactive security loop.
Start Now

March 4, 2021

What is Experiential Learning & How Can it Transform Security Training?

Ever wonder why your team just isn’t having your security awareness program? You purchased this expensive, video-based training module and explicitly spelled out what they need to do, yet... they still don’t seem engaged!

While resource libraries and video training can be extremely effective learning tools, they’re not the only way to educate employees and managers about cyber threats.

Sometimes your team needs something a little more... real—an interactive lesson in security. While you can’t ask a hacker to kindly breach your systems and walk your team through a step-by-step recount of their attack, you can give your team a different kind of hands-on approach to understanding cybersecurity.

It’s called experiential learning, and for adult learners, it’s making a remarkable difference.

What is Experiential Learning?

Everyone has their own preferred learning style, but conventional cyber security awareness training programs only focus on two types: visual and auditory. Participants read educational resources or watch videos to understand the threat landscape, but one important learning style is neglected— tactile, hands-on learning.

The approach of “learning by doing” (vs. watching or listening exclusively) is a process called experiential learning, since it’s all about being involved in an experience.

In school, these hands-on learning experiences could have involved science labs, internships, studying abroad, performances, etc. It’s anything where the participant is interacting directly with their work— experimenting, solving problems, getting creative and critically thinking about and analyzing their decisions.

But how does experiential learning translate into cybersecurity?

Examples of Experiential Learning in Cybersecurity Awareness Training

Experiential learning is all about creating interactive experiences—and here are three ways SAPOs are integrating a “learning by doing” approach to security training:

Escape Rooms

You probably know of at least one company that’s sent individual departments on a day-retreat to an escape room. They ”trap” the team in a locked space and ask them to solve a puzzle or mystery together before a timer runs out, all aimed at facilitating teamwork and collaboration.

This same approach has been repurposed for cybersecurity training, wherein teams solve interactive puzzles to escape, all while learning about security.

In recent years with the COVID-19 pandemic and the expansion of geographically-divided remote teams, the in-person escape room has been converted back into a digital experience.

But while cyber escape rooms still happen behind a screen, they involve live-action storytelling and a great deal of interactivity. Everyone is still expected to participate and collaborate to problem-solve, with the correct answers to little quizzes unlocking virtual doors to get one step closer to freedom. Learn more about our virtual escape rooms here and why enterprises are thrilled to use them.

Security Awareness Interactive Games

Escape rooms are just one of a long list of interactive security awareness games your company can try to make training feel like a true interactive experience.

From “Game of Threats,” a helpful activity a lot like escape rooms that simulates cyber attacks and forces participants to make important decisions under a timer, to “Security Feud,” a spin on the Family Feud TV game show, there are dozens of in-person and online games to help your team learn, hands-on.

Here are 10 of the best cybersecurity games we recommend for fostering better engagement in your initiative.

Virtual Reality Technology

Take “seeing” to the next level with a virtual reality cybersecurity exercise. With the use of augmented (AR) or virtual reality (VR), participants can interact with things directly in their environment. Either by seeing virtual objects superimposed in the room (AR) or by moving through a completely invented word (VR), this training is more immersive and realistic than most desk-confined exercises could ever be.

Some technologies are using AR glasses or VR headsets to simulate phishing and other cyber threats in a near real life experience, allowing participants to perform tasks and directly practice best practices for improving security.

Why Experiential Learning is the Better Approach to Security Awareness Training

There’s no doubt that many learn better by doing versus seeing or hearing alone. Here are some big reasons experiential learning is a gamer changer for many cybersecurity programs:

It boosts learning.

This hands-on learning involves critical thinking, problem-solving and decision-making beyond traditional security training programs with videos and tests alone. Real life experiences facilitate better understanding and retention, since it’s often easier to remember what you yourself did versus what you watched someone else do.

It’s more engaging.

Instead of dozing off behind a computer screen, those involved in experiential learning are forced to be more than a viewer— they must participate. This keeps them alert and accountable, ensuring they’re involved in the education and not just going through the motions of passing an online assessment. Experiential learning experiences follow a plot and a real story and asks them to be a part of it, peaking their interest.

It’s actually FUN.

Many experiential learning exercises are in-and-of-themselves games. They’re meant to foster healthy competition and collaboration and even leverage rewards to help participants feel like they’re playing. Sure, they’re learning while gaming— but they’re playing nonetheless!

Mind if We Help with the Heavy Lifting?

We know that creating an engaging security awareness training program takes a lot of time, creativity and resources.

Let us take some of the weight off your shoulders so you can focus more on the program itself and less on the technicalities.

Our Campaign in a Box package contains neatly bundled resources for rolling out your security program. Think monthly-themed emails, messages and content for Security Awareness Program Owners like you! Easily nurture your training program with a little help from Living Security.