Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [VIDEO] Avoid These 10 Common Security Awareness Training Program Fails

    If you want to succeed with your organization's security awareness training program, here are some of the top "faux-pas" we have seen over the years that you should be sure to avoid:

     


     

    1. Avoid singling out users that click on a phishing link and making a public example of them. Do not punish employees that make mistakes early on.
    2. Avoid sending phishing campaigns only every 90 days. Quarterly phishing tests really just take a baseline, whereas phishing users at least once a month is an effective method to groove in making smart security decisions.
    3. Avoid sending the same phishing template instead of randomizing the templates to each user, and running campaigns on predictable times like every Monday afternoon.
    4. Avoid starting out with 5-star phishing templates that are too difficult to identify.
    5. Avoid sending only phishing attacks and overlooking stepping users through interactive training.
    6. Avoid forgetting to emphasize that this program will also help your users to keep their family safe online.
    7. Avoid forcing the program through your users throats, and bypassing getting C-level air cover for the program. You want as much buy-in from the get-go as possible.
    8. Avoid neglecting to inform key stakeholders, department managers and tech support before you send the initial baseline test.
    9. Avoid not reporting the positive results to the stakeholders with graphics that show improvement over time.
    10. Avoid not having a good procedure / process that allows users to report phishing emails that they found in their inbox, and not having a Social Engineering Incident Response program.

    You can also access the infographic here

     

    Return To KnowBe4 Security Blog

    Get Your Customized Automated Security Awareness Program, ASAP!

    Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization.

    We’ve taken away all the guesswork with our Automated Security Awareness Program (ASAP).

    ASAP is a revolutionary tool for IT professionals, which allows you to create a customized Security Awareness Program for your organization that will show you all the steps needed to create a fully mature training program in just a few minutes!

    asap-monitor-1Here's how it works:

    • Answer seven questions about your organization’s goals, compliance needs, and culture
    • ASAP recommends suggested training content based on your answers
    • See a detailed calendar with a customized task lisk to get your program started
    • Easily export detailed and executive summary PDF versions of your program
    • Get a fully mature awareness program ready in 5 minutes

    Get Started Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/automated-security-awareness-program

    Topics: Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews