Just because your team are ‘cyber aware’ doesn’t mean it’s working…
Creative, engaging training will only take you so far, sure it will make your team say “that was really fun and engaging” but will it change their daily habits and ultimately your company’s digital culture?
Probably not, no. So, let’s look at a real-life example…
- An email has arrived and is suspected as suspicious by the user – Lisa.
- Lisa has done the training and after a quick look, she knows the email is fake (phishing email).
- Lisa has deleted the email.
- However, she doesn’t report it or take any other action.
The training has worked in educating her, but has it changed the company culture? The organisation is still carrying more risk than it needs to.
If there’s no change in digital culture behaviours – there’s no change in the amount of security risk!
So what can a leader do to influence digital culture changes?
- Stop the ‘tick box’ mentality – Just because Lisa has ‘ticked’ a security box – doesn’t mean she has started to change the company culture.
- Accept that ‘awareness’ has limitations – Let’s look at our example, Lisa, she is aware but the culture hasn’t changed and that is what we ultimately want.
- Don’t focus on learning, focus on ACTION – Learning without changes is meaningless.
- Communicate clearly with your team – Be specific with the changes you want to happen in the company and what you want to implement.
- Set real objectives – eg, “I want to reduce the instances of incorrect emails sent to stakeholders”.
- Be confident in what you’re telling your team – Research why your team need to be taking these objectives seriously (or take a look at our blog, we’ll help you out).
- Measure what matters – Start measuring the impact you’re having on digital culture, you can measure these using our digital culture systems.
- Give real support – Your team want real help. Personalise the help they get and nudge them in the right, and most effective way.
- Don’t try and catch your team out – You want trust between you and your team, don’t make them feel like they’re under a constant test from you. There are enough tests from external factors, so steer clear of phishing simulations.
- Culture is KEY – You’re going to need to dig deeper if you want to influence long-term culture changes.
So, where do you start?
Access our Digital Culture Systems and start to implement them into your business today… what are you waiting for?