Top 8 WHS resources for
Top 8 resources for meeting COVID-19 WHS obligations By Natalie Darby While many businesses have implemented a COVID-19 Safety Plan
Sustained results: Essential tips for reducing clicking on scam emails
Working with Endeavour Energy over the last three years to build cyber skills in their organisation, we’ve learnt a few things about what really gets results. Here are our essential tips for building cyber smarts.
1. Customised and contextualised content
While an off-the-shelf eLearning package can have all the essential information, if you really want to inspire behavioural change then the message needs to be personalised for your audience. An eLearning package which had specific email examples, relevant to both field and office staff at Endeavour Energy, was twice as effective as the off-the-shelf package previously used.
2. Keep it short
You don’t need a lot of time to demonstrate how to check if an email, link or attachment is safe. Using images, animations and video messages from key people across the organisation is extremely powerful. At Endeavour Energy a 30 minute eLearning was twice as effective as the 60 minute eLearning at reducing the number of scam emails clicked. Since then annual 15 – 20 minute eLearning packages have been sufficient to sustain a low scam email click through rate.
At Endeavour Energy a 30 minute eLearning was twice as effective as the 60 minute eLearning at reducing the number of scam emails clicked.
3. What you CAN do is as important as what you CAN’T
Instead of always focusing on what people should not do, it is important to focus on what they should be doing. An ‘Acceptable Use’ of technology animation can really support smart behaviours and encourage technology use in those who are not ‘digital natives’. We need staff to embrace the advantages of technology and use it efficiently. We don’t want a falsely low click through rate because people are avoiding use of technology out of fear. At Endeavour Energy the low rate of clicking on scam emails has been sustained even while the use of technology has increased.
4. Build upon skills
It is important to build upon skills and not try to tackle everything at once, or repeat yourself time and again. Use data from the cyber security team on the real risks are and where people are tripping up, to keep the information current without being too repetitive. The same philosophy can be applied to the use of passwords, passphrases, biometrics and two-factor authentication for protecting information. Find out where your organisation is at. Then expose staff to what is relevant. Build upon what they’ve learnt in previous years and fill current skills gaps.
5. Regular and consistent communication
Link your eLearning to ongoing communications campaigns which reinforce key concepts and messages. We use the S.C.A.M. acronym in the eLearning and then use it to explain current threats. For example, when COVID-19 scams were prevalent an email advising staff could be sent in the following way:
- Be Sceptical / Suspicious: if you see an email prompting you to act out of fear or urgency in relation to COVID-19
- Check the email is from a reliable source by looking at the domain name (.gov.au or nsw.gov.au) and check for a padlock symbol on a website before providing information.
- Act Smart / Savvy by deleting and reporting suspicious looking emails.
- Manage: If you do think you’ve may have become a victim, disconnect from the network and report the situation immediately to the Help Desk.
For more information see our case study.
How to get quality eLearning
How to get quality eLearning With the way we work changing so drastically over the last 12 months, more and
How much should you pay
How much should you pay for eLearning? By Natalie Darby As an instructional designer and eLearning developer for the last
Essential tips for reducing clicking
Sustained results: Essential tips for reducing clicking on scam emails Working with Endeavour Energy over the last three years to
Cyber Strategy 2020 for Non-Techies
Cyber Strategy 2020 for Non-Techies By Natalie Darby Cyber Security is one of the biggest risks facing Australian businesses right now. It