There is a reason why many IT directors turn to funny (or at least interesting) cyber security training videos to educate employees about IT security risks.
Ask any CIO, IT director or IT professional what keeps them up at night and they’re likely to acknowledge cyber security risks at their organization. The reason they lose sleep isn’t because of their lack of due diligence. In fact, it’s likely that they’ve done their research and armed themselves with cyber security protection to the extent that they can.
It’s the vulnerability of knowing that human errors by anybody in their workforce can create a firestorm of cyber security trouble that will land in their laps.
When it comes to organizations suffering staff-related IT security mishaps about 50 percent of the worst ones are caused by employee error, according to a report by Axelos.
U.K.-based publication IT Governance Blog contends that when most employees compromise IT security it’s an uninformed mistake. It cites the U.K.’s Cyber security breaches survey from 2017, showing that reveals that 72 percent of reported cases of cyber security breaches occur after a staff member falls victim to a phishing email.
That same report shows that only 20 percent of staff members surveyed had attended any form of cyber security training.
Cyber Security Training Doesn’t Need to Be Boring
Andrew Rinaldi and Rob Simopoulos, co-founders of Defendify, a cyber security consultant and solutions provider for small businesses, confront organizations’ IT security risks every day. When it comes to mitigating risk, human error is good area to target, they contend.
That starts with creating strong and clear guidelines and policies when it comes to how they’re expected to use computers, mobile phones and applications, Simopoulos says. “So basically writing a rule book and then training the heck out of that.”
He suggests also doing some testing to see that the human error aspect is under control. “You’re basically sending phishing emails to employees to see if they click on links and files and so on.”
However, the security training and even the phishing tests can be done effectively in a lighthearted manner. “It’s a very serious topic,” Rinaldi adds, “but it doesn’t have to be so serious in the way that you produce these kinds of trainings and assessments – and produce these policies.” He suggestions that the messages will land better by “weaving a little bit of fun” into the training materials for both in-person an online videos.
Cyber security training videos shouldn’t be too long and IT directors should focus on creating content that will hold people’s interest, Rinaldi adds. “I think that’s really important because it’s not always the most exciting material, but if you can weave a little bit of fun into it it’s really helpful.”
With that in mind, here are nine cyber security training videos that may not always be laugh-out-loud funny, but they’re not boring.