Cybersecurity training, videos, phishing testing: we all know the drill. For many, it’s just one more thing to click through before logging off for the day. The human element in cyber is often overlooked and just seen as a point of failure in enterprises’ cybersecurity solutions. General cybersecurity training aims to educate employees on good cyber practices, but without interest and motivation, these efforts are often ineffective.
What would happen if we put the human side of cyber first?
Instead of writing off risky behavior as something to be corrected, what if we dig deeper to understand why we make the decisions we do? Learning your risk tendency is an important step to understanding how to approach risk and avoid making critical mistakes.
For instance, if presented with a big red button, how would you react? You aren’t told whether to push it or not, and you have no idea what it does. Maybe you really want to push it, but while you’re open to taking a risk, you need to evaluate the situation first. Maybe the button does something incredible. Maybe it does something bad. You feel the need to weigh the pros and cons of taking the risk before acting.
Style-aligned Cybersecurity Education
If this sounds like you, then you might be a “risk taker.” You are action-oriented yet evaluative; you are open to taking worthwhile risks. You prefer situations where expectations are clear and you can control the results. Knowing your unique risk tendency and learning about your strengths and weakness allows you to think critically about all the decisions you make, not just ones in the workplace.
Cybersecurity education specifically geared to the unique risk profiles in your organization won’t just help it avoid ransomware attacks; it will also make employees think twice about clicking that spam email at home.
ISG and cyberconIQ are partnering to bring enterprises an innovative style-aligned education program, so employees across the company can all play a stronger, more mindful role in cybersecurity. Continue following ISG and cyberconIQ during National Cybersecurity Awareness Month for more information on risk-profiles and what they mean for your organization. Or contact us to find out more.
About the author
Doug Glair is a Director in ISG’s cybersecurity practice. Doug is a cybersecurity and supply chain leader with remarkable background leading, designing, and operating large enterprise-wide cybersecurity and supply chain programs. Exceptional relationship builder and collaborator with proven ability to deliver improvements in cybersecurity risk posture using established standards, industry leading practices and ROI-driven controls.