Cyber Security Awareness is a top priority for banks (especially in October)

Cyber Security Awareness is a top priority for banks (especially in October)

This week kids will be trick-or-treating, prizes will be awarded for the most elaborate pumpkin carving, and adults will hunker down and watch re-runs of Halloween and Nightmare on Elm Street. And at the same time, security analysts around the world will be monitoring screens to spot potential cyber attacks – both inside and outside the corporate firewall – in an effort to protect their organisations and their customers’ data. There are make-believe bad guys like Freddy, and there are real world ones for whom the customer data that sits on corporate servers is the ultimate prize. It is a truly scary story; nation state actors and organised crime groups- with incredible levels of technical sophistication – are orchestrating attacks on our data on a daily basis.

Interestingly, October has been chosen, in some parts of the world, as the month for raising awareness of the security threat we’re all facing. So it’s European Cyber Security Month, National Cyber Security Awareness Month (NCSAM) in the US, and Cyber Security Awareness Month in Canada. These are all initiatives that seek to raise awareness, shift behaviours, and provide useful educational resources to help people understand how to keep safe on-line. I’m not sure if October was chosen because it coincides with Halloween, but regardless, these programmes are an important part of the critical task businesses (and governments) face in providing accessible, practical advice for citizens, customers and employees.

The challenge, as ever, is to communicate effectively, at the right level, to people with vastly different levels of understanding of a very complex subject. It’s fair to say that most programmes in existence right now – especially within businesses – fail to engage their audiences because the content is too static and one-dimensional. And if you don’t engage, people lose interest and even if a course is completed, behaviours are unlikely to change.

I happened to notice on the NCSAM page that they have a #CyberAware trivia game, it’s basically a Powerpoint deck where you guess at answers and test your overall knowledge of the threat landscape. It’s quite interesting, very ‘real world’ (meaning it’s accessible) and practically useful, assuming a certain level of knowledge to start with. 

The point I wanted to make here is it’s vital for organisations who have an agenda to educate an audience on cyber security – whether it’s employees or customers – that the content is delivered in an engaging way. It’s simply not enough to just throw a load of dry instructional documents on an intranet and ask people to complete module after module. The metric is not whether someone has read the material; it’s whether or not they are likely to change behaviour in the longer term.

This is a view that was strongly endorsed by 3radical customer Ellie Warner of Standard Chartered Bank, when discussing the application of our gamification technology within the Bank’s the CyberSpace project, at a webinar we held with Forrester last month. Standard Chartered has built a gamified engagement platform based on 3radical Voco, designed to enhance the way the organisation manages the human element of information and cyber security risk. The idea is that the Bank’s employees are engaged in an ongoing cyber security awareness programme that measures, inspires, and drives secure behaviour across all cyber touchpoints.

October may seem a somewhat arbitrary month to pick – notwithstanding any spurious Halloween relevance – to ramp up cyber security awareness levels. But all of these initiatives help, especially if organisations can go the extra mile and add some real creativity (and technology) to the way in which they deliver training programmes to employees. 

Discover how 3radical can boost your digital engagement marketing today.