<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=426345&amp;fmt=gif https://dc.ads.linkedin.com/collect/?pid=426345&amp;fmt=gif ">
blog-header.jpg

IT and Copier Talk Your Business Can Rely On

Cybersecurity Training Tip – Why Explain Why

Posted by Monique Phalen | Sep 20, 2017, 11:59:45 AM

When it comes to security, explaining the “why” can lead to improved network security results.

“Because I said so.”

How often did your parents answer one of your questions with that statement?

Infuriating, wasn't it?

While I'm older and can understand how frustrated and annoyed parents get at the repeated questioning of their decision, explaining why would usually work well with getting me to do whatever it is they wanted me to do (at least sometimes).

In our professional lives, it's very much the same.

No one likes to be told “because I said so” as an adult – even if that someone is paying your salary.

I don't know about you, but I perform better when I know WHY I'm doing something.

When it comes to security, explaining “why” can lead to improved security results.

How are your employees supposed to take security issues seriously if you don't explain to them:

  1. How serious and important information security is
  2. How important a role they play in keeping information secure

Why, Not Just How

If you've ever been around a three-year old, you know “why” is a popular question. It could also hold the key to successful IT (and information security) training.

We've all been in training that showed us what to do and what not to do. Click this. Don't click that. That's the majority of current IT training.

However, research shows that “mindful” training – answering “why” –  lead to fewer clicks on phishing emails. A joint university study, Technology Use: Conceptual and Operational Definitions, is the source of this insight. You can read more details here.

Sharing with users why being impatient and clicking on phishing emails can hurt your business was more effective than just showing users how to identify a phishing email and being told not to click on one.

When training, think about combining both approaches and don't be afraid to explain to users and employees why they need to do something a certain way.

Even WITH great security infrastructure, your employees could cause a breach [free eBook]

Topics: Security, Data Backup, Resources & Training, Managed IT Services

Written by Monique Phalen

Mo is the resident IT go-to lady at AIS. She has traveled the world, run a marathon, is a self-proclaimed crossword champion, and can do ventriloquism. She has an uncanny memory ....down to the detail. She has completed 4 half marathons and hates running. In her free time, she likes to spend time with her 7 siblings and 20 nieces and nephews.

Leave a Comment