Security awareness training is about reducing human risk. Humans are the primary target for cyber criminals, therefore it is critical that your security awareness training program works to mitigate that vulnerability by including relevant and timely topics and by presenting information in formats that will adapt to every learner’s needs. Properly position each person in your organization, and you become a stronger shield against cyber threats.
But it isn’t always that simple. Learning is a multi-step process. Retention takes time. SANS Security Awareness Training content is focused on a learning methodology that increases retention of all learners, regardless of their comprehension level.
To expect retention and behavior change at your organization, it involves a variety of techniques to engage the learner and inspire them to apply what they’ve learned. When developing content, SANS is sensitive to the three main phases of the learning process:
- Remembering the information
- Understanding or comprehending what was presented
- The application of what was taught
If learners can’t recall the information, a security awareness program won’t have as high rate of success because the learner won’t be able to remember important information at the critical time.
We strive to develop content that is meaningful and engaging for all learners, so we rely on a tiered training approach to train, retest, and build upon the necessary behaviors. This will increase the success of a quality security awareness program. Training content should be relevant and relatable. So, we’re introducing exciting new flavors to our EndUser Security Awareness Training content in 2019:
A live action host and motion graphics are combined for an interesting visual twist to capture the learner’s attention in this captivating, multi-sensory learning module.
Live Action Videos
Live actors overcome real-world cybersecurity challenges in these engaging, Hollywood-style mini movies.
Interactive games spark a learner’s desire to succeed as they practice critical skills, empowering them to respond properly and confidently when encountered with an real-life cybersecurity threat.
Challenging, yet enjoyable games engross players as they work to defeat security threats, giving learners the ability to apply a deeper understanding of security behaviors.
By leveraging our adult-learning behavior methodology with our leading subject matter experts, these new additions to our training content will enable a greater adoption of varied learning levels, while also empowering the security awareness officer to cater directly to the unique training needs of specific departments and to an entire organization. The flexibility is directly in the hands of the security awareness officer. The end result? A more mature security awareness program.
SANS Security Awareness Maturity Model
As outlined in the 2018 SANS Security Awareness Report, The Security Awareness Maturity Model© is the key measure of program impact and success as established by the level of measurable human risk that can be mitigated by changing behavior.
The Maturity Model was established in 2011 through a coordinated effort of over 200 awareness officers. It continues to enable organizations to identify and benchmark the current maturity level of their security awareness program and determine a path to improvement of their own program. The most successful, most mature, security awareness programs not only change behavior and culture, but can also measure and demonstrate their worth via a metrics framework.
These new flavors coming to the 2019 SANS EndUser Security Awareness Training content will drive more engagement and retention for each learner, collectively leading the entire organization up the maturity curve.