Select Page

Some people love to take a risk. So shouldn’t we be tailoring security awareness training?

CYBSAFE-SebDB Webinar-preblog-221011MS-36

18 April 2019

 

 

As you may already be aware, most people prefer to avoid taking risks.

In fact, most people prefer to avoid taking risks so much that they fail to do so even when taking the risk makes complete and total sense.

This isn’t just CybSafe opinion. The typical human fear of risk has been noted and demonstrated in countless studies by numerous lauded academics since at least as far back as 1738. But, if you still need proof, which of the following appeals most to you?

The prospect of being giving £100 on the spot.

Or the prospect of winning £205 if a coin toss lands on heads… but getting nothing if the coin toss lands on tails.

Why most people prefer to avoid taking risks

 

In the above thought experiment, as you’ve already worked out, the risk makes statistical sense.

(The expected gain of the gamble is 50% of £205, which is £102.50; slightly more than simply being given £100.)

But statistics are no match for the gut-wrenching unease a risk can provoke. Risks are uncertain, and make the future impossible to predict. They can cause our minds to whirr and panic to set in. Ask enough people and it soon becomes clear that the risk-free option is the most popular choice.

Most people prefer to avoid taking risks. But don’t go getting too comfortable. Because if most people prefer to avoid taking risks…

What does that say about the minority?

 

Should security awareness training vary?

 

Given the fact that attitudes towards risk differ from person to person, it’s quite remarkable to think that traditional security awareness training is uniform.

With traditional security awareness training, the same people are served the same, compliance-based content no matter what. Fine. On one end of the spectrum, a story about the dangers of public Wi-Fi might convince risk-averse people to use a VPN.

But on the other end of the spectrum you have people who quite enjoy a small amount of risk.

Is the story really going to change the way risk-lovers behave?

 

 

Tailoring awareness training with AI

 

As our attitudes to risk are individual, security awareness training must be tailored. In a big organisation, proving tailor-made security awareness training is a very big ask.

Could AI and machine learning lend a hand?

At CybSafe, we’ve introduced AI-machine learning to our unified cyber awareness platform for a few reasons.

CybSafe’s AI-machine learning monitors individual security knowledge, individual security habits and individual security attitudes. Importantly, the innovation then tailors security awareness training in response. Those happy to shoulder risk might require additional training. If that’s the case, CybSafe picks it up and automatically offers supplements in response.

If recent history tells us anything, it’s that traditional, tick-box security awareness training isn’t doing all that much to reduce cyber risk.

By tailoring security awareness training based on individual requirements, organisations can dramatically, meaningfully and demonstrably reduce their cyber risk.

Behave Hub newsletter CybSafe

Do one more thing right today. Subscribe to the Behave newsletter

You may also like

Maximizing security awareness engagement: How the pros do it

Maximizing security awareness engagement: How the pros do it

Ditch mandatory training, starting riiiight…now!Want to boost security awareness? Talk about something else entirelyGet serious about funThe top mic-drop insights from our Cybersecurity Awareness Month engagement webinar We know people whose organizations make a big deal of CAM are much more...