It’s time to rethink cybersecurity awareness

In the ongoing AI-race between cyber defence and threat actors there is an important dimension that is often overlooked: the need to combat AI-driven threat attacks not only with AI, but with more HI – Human Intelligence. But to make that happen, we need to rethink cybersecurity awareness. And we need to do it in three steps.

First: Stop the blame game
Still way too many organisations run their awareness training programmes just to be compliant. With poor or unclear results as a given outcome. This often leads to organisations blaming employees for being the ‘major risk surface’ but at the same time lacking the frameworks to support them.

In rethinking cybersecurity awareness, we need to stop the blame game and change how we view our colleagues: Awareness training doesn’t fail because employees don’t care, but because it fails to align with how people actually work.

Second: Use a method that really creates learning
NanoLearning from Junglemap as a method comes with a bold promise: people will remember what they learn. By using a method built on spaced repetition, reflection and reinforcement we can challenge and combat the missing piece when it comes to changing behaviours: the forgetting curve.

Learning that sticks is fundamental if we want our security awareness training not only to be compliant, but to shape long-lasting security behaviours that will nudge and help people to stop, think, ask and react if something seems off.

Third: Measure what matters
Many European CISOs testify that:
– they can’t prove that their awareness training works,

– they can’t prioritise who needs what, and

– they can’t explain the value to the organisations’ leadership.

Today many security managers are confined to solely measure things like training completion rates and failed phishing tests, even though they know that activity metrics don’t equal risk reduction. It’s time to start measure what matters: behaviours.

It’s time to evolve. It’s time to start using a human risk management system where we can capture the security behaviours within a broader scope and then be more targeted in our awareness trainings.

Junglemap will always offer NanoLearning as a solid method for ‘raising the awareness floor’ in an organisation. This is the best way to start creating a cybersecurity culture that includes the whole organisation.

By becoming a part of MetaCompliance, we can now combine our organisational learning and change with a more sophisticated risk assessment, allowing organisations to enhance their cybersecurity posture.

European sovereignty – it starts right here!
We’re happy to be a part of Cybersec Europe. In a time of geopolitical turmoil like the one we’re experiencing now, it has become more evident than ever that we really need to come together. The EU, the member states, the public and private sector across industries.

Because by the end of the day, we’re not competitors. We’re all a part of a cybersecurity echo-system that needs to grow stronger. So, let’s share. Let’s share experiences, knowledge and best practices. I can’t think of a better place than Cybersec Europe to do this!

Arno van den Hof
Managing Director
Junglemap Benelux B.V.

As cyber attacks continue to threaten today’s tech landscape, this event is the premier platform for seasoned cyber security professionals and innovative start-ups to exchange knowledge and tackle cybersecurity challenges together. Organizations across all sectors will discover strategies to boost cyber resilience and safeguard critical assets. Don’t miss this chance to strengthen your cyber defenses.