In 2018, 35% of Cyber Security Chief officers stated that cyber security training is the highest priority in the industry. Employees engaged in cyber security training can become careless of cyber security issues, followed by feeling less vulnerable as being equipped to deal with cyber security. To sustain employees’ continuous engagement in cyber security, ongoing training is required.
What is Engagement?
Engagement is built. Listening, supporting, communicating, coaching, and guiding are the best and safe practices employers can provide to their employees. Safe environments are more likely to avoid security incidents and more likely to engage employees in cyber security practices. Engaged employees strengthen the organisation and organisational resilience. Unengaged employees experience frustration over cyber security.
What is the value of Engagement?
Approximately 22% of data breaches are the result of employee malicious activity. The EU GDPR applied extra responsibility to organisations where they can face up to 4% of annual global turnover for such incidents. Furthermore, reputation damage and the loss of trust are also present as non-financial costs of malicious events.
Employees need to feel empowered to make the right decisions, take the right actions, and have a tolerance for failure to be able to learn from mistakes. They should be invited to communicate their failure and feel comfortable seeking help. It will allow them to grow and create organisational resilience. Such empowerment helps employees to align with organisational values and build a sense of trust. Building a trusting and inclusive relationship between employees and organisations more likely leads to employee commitment, thus cyber security engagement.
What is cyber Engagement?
Cyber fatigue refers to the employee experiencing negative effects or emotional exhaustion related to cyber security. It can be followed by cyber disengagement or becoming careless due to the inability to cope with cyber security demands in the organisation. It creates a limited capacity for employees to make the right decisions over cyber security. Cyber fatigue can be reduced by taking breaks and focusing on different tasks.
Such tasks can be ongoing cyber security training as cyber gaming. It has a personal context and helps people to connect. Employees have an opportunity to socialise, thus releasing anxiety and fatigue by creating their cyber security scenarios different from the ones given by cyber security awareness training. A team environment of cyber gaming competitiveness engages in cyber security and adds a sense of creativity, and fun. It makes complex cyber security issues look easier, more understandable, and less scary.
Gamified cyber security learning environment leads to a higher employee engagement, is more successful in learning and training approaches, and is easily integrated into the working environment in the long-term run. It helps employees to make the knowledge stick and build a new skill.