Why Continuous, Long-Term Security Awareness Training Will Build Tomorrow’s Cybersecurity Champions

Back in 2003, a Swiss tennis player named Roger Federer won his first grand slam title – the prestigious Wimbledon championship. Federer has since won more than 100 ATP titles, making him one of the most accomplished tennis players in history – thanks in large part to his training.

From the early days of his career to this very day, Federer has implemented a 10-hour daily training regimen. He calls it “a lifelong plan” and without it – experts claim – none of his shots would have looked like the ‘famous Federer shot’ that tennis enthusiasts around the world consider nothing less than astounding.

Steph Curry fulfilled his childhood dream and was drafted to the NBA in 2009. In 2014, Curry won the NBA Most Valuable Player Award and led the Golden State Warriors to their first championship since 1975. He has since won multiple awards, broken dozens of scoring records and led his team to multiple NBA Championships. Curry said in a number of interviews: “There are no days-off in my practice routine. I’m always working on my game, always trying to get better”.

Both leading athletes implement a continuous, dynamic training approach. They acknowledge that staying at the top means constantly evolving their training routine per their changing goals and physical abilities.

4 Reasons to Implement a Long-Term Training Regimen

Training for excellence means chasing a moving target. With each accomplished milestone, a higher and more challenging goal is created.

Organizations need to train 100% of the workforce year-round using a smart, adaptive methodology. The longer you keep an effective security awareness training program running, the better your employees respond when faced with phishing attacks, minimizing risk and keeping your organization ahead of the curve.

Here’s why:

1. Aim for more

When aiming for success, ‘good’ is simply not ‘good enough’. Just as in an athletic training regimen, an effective cyber security awareness training program helps employees build ‘anti-phishing muscles’ and sharpen their instincts to immediately identify malicious emails when those slip through to their mailbox. The more frequently employees practice, the faster they improve. While the largest KPI improvements are naturally noticed within the first 6-12 months, a steady improvement will continue to manifest even after 36 months.

2. Use it or lose it

We live in the information age and forget things faster than we are willing to admit. The simplest way to remember important things is to get them to the “top of the list” regularly. Our research shows that an average of 12 “reminders” a year is just the right amount to keep employees aware without overwhelming them.

3. Stay ahead of the curve

Hackers are never idle; phishing attacks constantly evolve and become more sophisticated, aiming to target employees at their most vulnerable moments. ‘Staying in shape’ means studying your new opponents and knowing what you’re up against – an essential practice to avoid falling prey to new phishing schemes.

4. Be all-inclusive

Modern enterprises experience high employee mobility from outside and within the organization. Just like adding new players to a sports team, if new hires lag behind their peers, the team is weaker. The longer an enterprise delays new employee security awareness training, the higher the risk for the organization.

*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Mike Polatsek. Read the original post at: https://techspective.net/2019/07/24/why-continuous-long-term-security-awareness-training-will-build-tomorrows-cybersecurity-champions/