A lot of time and effort is spenting trying to create the perfect information security or governance training package to educate staff. This time is often wasted.
Training all too often includes standard key messages, such as:
- Watch out for dodgy emails that might contain a virus
- Do not share sensitive or confidential information with 3rd parties
- Do not install software without checking with ICT
- Report incidents to managers
- And so on
Then staff are dragged away from their work to attend mandatory workshops or required to click on seemingly endless elearning modules.
Stop wasting everyone’s time!