Month: October 2024

Keeping Security Awareness Sustainable

A good and effective Cybersecurity Awareness Program is not a ‘set it and forget it’ kind of thing. It takes constant care and feeding. If it is important to the organization (and it is), to our clients (and it is), and to our people (and it must), then planning for its sustainability is critical.

Part 3 of this series: Keeping Security Awareness Sustainable.

Practical Ways to Keep Your Program Sustainable:

Let’s remind ourselves of the big picture of the Cybersecurity Awareness Program journey.

Stay the course. Don’t stop just because something doesn’t work as you expected.
The cybersecurity awareness program MUST be agreed to and modeled by LEADERSHIP.
EQUIP Leadership (at all levels) to be successful in supporting Security Awareness.
Bake it into Onboarding. Start a new hire off with an understanding of the importance of security and security awareness at this organization.
Keep the tone POSITIVE. There’s only so much negative that people can take. Even negative stories/issues can reinforce the positive actions and awareness people need.
Deweaponize your Cybersecurity Awareness Program. If your program just catches people doing the wrong thing or just emphasizes what not to do, it will sour quickly in the minds of your people.
Be mindful of who sends the message. It can’t just be the IT Department. Here are some suggestions:
- Use multiple voices to get the message out.
- Leverage top executives for messages or information that is organization-wide or strategic in nature.
- Leverage direct supervisors to get more specific information to individuals on how this impacts them in their day-to-day work.
- Use peer-to-peer messaging. It’s always good to hear from the “normal people” in the organization. People will often listen to their peers before they listen to IT or leadership.
- Use outside experts to assist in your efforts. Sometimes, it takes an outside voice to get someone’s attention.
CLEARLY and REGULARLY state: Who to call/email; What to do if you have questions; What to do in the face of…
Use your metrics wisely.
- What you do with metrics matters. Measure security awareness-related activities that show or measure changes in behavior (statistical and anecdotal).
- Continue to gather them. Metrics give you opportunities to tie changes in the program to trends in behaviors of your people.
Cadence is important. Security Awareness information can’t be a “once a year” thing. A sustainable program creates an environment that expects a steady flow of useful security information, education, and guidance.
Leverage multiple learning opportunities or avenues:
- On-demand content
- Monthly topical emphases
- Live Events
- Be prepared to distribute “In the moment” communications and educational opportunities in the face of an incident that occurred, a new “Threat in the wild” for people to be aware of, or a testimonial of an organization or client event.
Invest in the program. It can’t be fully automated and requires time, attention, and resources.
- Ask how big of a team the organization can afford or cannot afford.
- Know that you can’t do it all yourself.
- Provide around-the-clock response.
- Outsource elements of the program if needed.

Security Awareness is essential in today’s world. People are the target and the primary starting point for security incidents. Invest in a program that is Engaging, Relevant, and Sustainable.

Reminder: If you need help getting your security awareness efforts off the ground or achieving all three goals with your cybersecurity awareness program mentioned in this series, we’re here to help.

About the Author

Kenny Leckie

Alterity | Senior Technology & Change Management Consultant

In his role as Senior Technology and Change Management Consultant, Kenny provides thought leadership and consulting to the community in areas of information security/cybersecurity awareness, change management, user adoption, adult learning, employee engagement, professional development, and business strategy. He also works with clients to develop and deploy customized programs with an emphasis on user adoption and increased return on investment. Kenny is a Prosci
Certified Change Practitioner, a Certified Technical Trainer and has earned the trust of organizations across the US, Canada, The UK, Europe and Australia.

Kenny has more than thirty years of combined experience as a Chief Information Officer, Manager of Support & Training, and now a consultant, providing him a unique point of view and understanding of the challenges of introducing change in organizations. He combines his years of experience with a strategic approach to help clients implement programs that allows focus on the business while minimizing risk to confidential, protected, and sensitive information. Kenny is an author and speaker and a winner of ILTA’s 2018 Innovative Consultant of the Year.

It’s All in How You Say It

When was the last time you were excited about going to a webinar? I have signed up for more webinars than I can count and about 5 minutes before each of them I find I am wrapped up in other things that I decide are more pressing. But what if it was not a webinar you were invited to, but a showcase?

A few times a year, the Alterity team rolls out enhancements to our learning portal. We send a few emails and then hold a webinar to show what we will be releasing. But this time I was not excited about holding yet another webinar. I decided we needed to change it up. We would hold a showcase instead. While it would feature essentially the same content, I wanted it to feel fresh and new.

How is a showcase different? I asked each member of the client support team to present their favorite enhancement. This meant that it was not just me talking for the entire time, it also gave the team a chance to flex their presentation skills and demonstrate their expertise.

The new format also allowed the team to inject their personal style. The team member who always enjoys showcasing new virtual backgrounds found us a fun red curtain spotlight image, so we were all coordinated with the showcase theme. I also had each person introduce themselves with the information they planned to share.

So, did this simple wording change work? Yes! We had the largest registration ever. We also had requests for the recording, even from those who attended.

Sometimes it’s as simple as how you word things from the beginning. Do you want to hold a training session or a technology showcase? Feel free to get a little creative! It’s amazing how a few simple word changes can grab someone’s attention.

Author: Molly Wolfe, Director of Learning Development and Client Support

Transform Your Workforce: Insights from the HRSouthwest Conference

In October 2024, we had the incredible opportunity to attend the HRSouthwest Conference (HRSWC) at the Fort Worth Convention Center as an exhibitor in the Event Marketplace. As one of the largest regional events for human resource professionals, this conference was buzzing with HR leaders and professionals, making it a hub of experience, knowledge, and networking.

A Diverse Gathering of HR Professionals

We met people from all over the region with titles ranging from CEO, CHRO, VP of HR, HR Director, HR Manager, to HR Generalist. HR leaders wear many hats, and these HR functions are key to organizational success. The overall outlook of each participant was very positive, and attendees welcomed conversations about solving problems and discussing solutions that will help them be more effective and efficient.

Key Themes and Needs

The needs of the attendees were many but can be summarized into three main areas:

Training (the right training and modality) – Empowering individuals through training & development.
Engaging employees – Educating team members with continuous learning, boosting employee engagement.
Delivering enhanced customer service – Elevating the entire organization through serving internal and external customers.

From non-profits to local government agencies, manufacturing, healthcare, and financial institutions, everyone sees the value in developing employees to ensure retention, focusing workplace strategies on their people. Employee growth and engagement were key topics of discussion in the Alterity booth.

Real-Life Examples

An HR Manager who was an “HR Team of One” was tasked with launching a learning and development program for her organization. The idea of having a partner to come alongside to strategize, prioritize, launch, and manage a learning program was very appealing. Filling the gap with Alterity’s Managed Learning Services to create a training roadmap and execute the learning culture for her organization would be a big win!

Another organization had identified a gap in training for the sales staff. The onboarding and sales training was good, but they wanted to make it great! One solution discussed was utilizing Alterity+, a “Practice & Feedback” solution that complements the existing training, allowing the sales team to practice the sales pitch, product knowledge, and objections as much as they want to master the skills. The AI-driven feedback is unbiased and focuses on the key learning objectives and outcomes of the sales training requirements. A solution like Alterity+ fits well within an organization that has a program already in place but wants to take their sales or other presentation skills to the next level.

Partnering For Success

Working in the Learning & Development space, we understand the pain that many HR leaders are experiencing today: growing the skills of employees, retaining good employees, and providing effective onboarding programs that include ongoing training for all employees. With reduced staff, many HR teams are challenged to get more done with fewer resources.

Let’s partner together to look at ways to make your programs better. Whether it’s developing a comprehensive training program, enhancing employee engagement, or improving customer service, Alterity will empower you and your team to succeed.