Security Awareness Programs are a valuable part of every company’s security strategy. Security Awareness Programs are also abysmal failures and a waste of resources.

To see how to make your security awareness program FAIL! watch this short video.

 
But how you make one succeed? My Top 5 tips are:
1. Make it entertaining. You are competing with Angry Birds, YouTube and social media and your security awareness program has to be compelling enough to get folks to pay attention. Humor is good. Boring is bad.

Screen shot 2013-09-10 at 11.21.19 AM

2. Use Headline Marketing. Unless you grab their attention, they will never see the meat of your message.

Screen shot 2013-06-25 at 9.03.33 AM
3. Multimedia is King. People will not read long texts; they have no time or are culturally unable to digest too much information. Keep it short, sweet, using dynamic graphics and video productions. They work.

 

4. Do it over. And over. Security awareness is an ongoing effort that is never ‘done’. Why is Phishing still so successful? Because not everyone gets the memo. Think Coke. They spend billions on marketing to keep their name out their. You can spend a few thousand and achieve the same thing.

Screen shot 2013-09-10 at 11.21.40 AM
5. Make your program personal. Most people don’t care about company policy. They want to do their job and get paid. Teach them about security as it relates to their family and friends. Teach the risks and “Do Not…” messages. They will pay attention to this, and then relate the personal security messages to company security. It works.

 

Let me know what you think… and if you have some more great ideas! Tweet us @secawareco

The Security Awareness Company

With over 25 years of industry experience, we serve both small & large organizations to create successful security awareness and compliance programs on an international scale. Our team is a strong, creative powerhouse with a passionate vision and we consistently produce on-trend end-user training materials of the highest caliber.

Latest posts by The Security Awareness Company (see all)