Five ways to raise security awareness

Educating staff about safe IT practices is a never-ending process — at least it is in the best organizations. But what’s the best way to do it?

E-mail pleas, memos left on desks, lunch-n-learn and intranet portals dedicated to security are some of the awareness techniques that have been tried. CSO Online has found several organizations that are taking it to the next level with some creative methods. They include

–Giving employees a challenge: Watch an educational security video to help raise money for a charitable cause. For every view of the video, the company will donate a dollar. The company created seven videos on topics including spear phishing, phone phishing, bot nets and social media threats. They were delivered monthly through emails and blogs;

–Giving staff a nudge: People sometimes forget to be restrained when writing email, so researchers are looking into an add-on that will remind them there’s a person at the other end of the message. As a user types, the tool randomly selects five people from the list of contacts who are about to see the post and it shows their profile pictures on screen;

–Giving staff a last chance: A proposed email tool will delay sending a message for 10 seconds, with a countdown timer appearing on screen. That gives writers time to think again about what’s going out;

–Make it a game: One company created an online game and accompanying Elvis-themed “Suspicious Links” video (a parody of Presley’s hit song “Suspicious Minds” ) to make employees aware of phishing scams. Those who watched the video and answered questions correctly were eligible to win an iPad Air;

–Just say Thanks: When an employee spots a very high-risk phishing scam and are one of the first people to respond, the security team sends a thank-you note and copies their supervisors, and, sometimes the CEO.

What’s worked at your organization? Let us know below.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web