Make Your Program Relevant
“Like a good neighbor…”
“Maybe she’s born with it…”
“What can brown…”
I bet you were able to fill in at least one of the blanks above. What do they have in common? They’re taglines of famous brands with hyper consistent messaging that reinforce their key value propositions. If you’re designing a security awareness program, consistency in message is just as important to garner the desired results. What message is going to resonate with your specific company culture? Figure out some potential themes and once you get buy-in - weave that message throughout your program.
Make Sure Your Stakeholders Agree to the Message, and the Fine Details
Security awareness training is rarely done in a silo. In most organizations, several groups work together to create a harmonious, ongoing program:
- Security
- IT
- Incident Response or Helpdesk
- Human Resources
- Corporate Marketing/Internal Communications
- Executive Staff
Ensuring your stakeholders are bought into the program’s messages is key to ongoing success and keeping your program running smoothly.
Some departments may ask to review the content being sent to users beforehand. If they do have change requests, being able to tailor the content is important to satisfy stakeholders and ensure the program launches successfully. Executive-level satisfaction is even more important to not jeopardize a continued investment in security awareness training. If you even think some content is going to potentially raise flags, it’s better to pass it by executives ahead of time.
Deliver your Message Consistently to Users
As administrators can quickly learn, there are significant pitfalls if users receive conflicting messages in their awareness program. Even if it’s one word in an email or an image in training, the smallest misstep can cause user complaints. Addressing these user complaints wastes valuable administrative time, but even worse these complaints can undermine a program’s messages and provide conflicting guidance.
Your Security Awareness Customization Checklist
If you’re transitioning from a home-grown security awareness program to one from a vendor customization is a valid concern. After being able to fine tune every assessment, training, and communication internally, handing over the keys to a vendor with an out-of-the-box solution can give teams pause, for a lot of good reasons.
To keep your common thread and provide true, customized security awareness training, you should look for a solution that can offer customization across the platform and in all communications with your end users:
- Simulated phishing, USB, & SMS templates, as well as the associated landing pages
- Knowledge assessments (including questions contained within)
- Training content: Text, images, screens, and questions
- Notifications to users (assignment reminders, past due, etc.)
- Security Awareness Materials like posters, infographics, newsletters, and more
- Reporting to key stakeholders
The final consideration should be cost. Not every solution will offer customization for free, so factor this into your ongoing program costs. Not only is everything above customizable, but it requires no statements of work or interface with us. All customization is self-service for customers and included in all of our packages.
Moving the Industry Forward
Our Customization Center continues to expand capabilities including all the elements listed above, with its unique Learning Science Evaluator which provides guidance on personalized content to maintain efficacy. Our upcoming Module Updater gives administrators greater control of how updates from Proofpoint are applied to their customized content.
And access to Customization Center is included as part of the platform, meaning that administrators can make any edits in a self-service manner, without increasing the price of the solution.
Request a demo today to see Customization Center and other customization capabilities for Proofpoint Security Awareness Training.
Subscribe to the Proofpoint Blog