Security Awareness

5 Reasons You Shouldn’t Use Curricula for Security Awareness Training

Julie Morrison

Curricula is known for being one of the easiest security awareness training platforms to manage, using fun stories instead of fear tactics to enlighten employees on the importance of cyber security. However, we understand that’s not everyone’s style. So we thought we’d help you figure out if you’re the right fit.

If you agree with any of the statements below then you should definitely not use Curricula:

1. It’s better to use boring content

Do you or your employees find cyber security boring? Do you think it’s effective to teach your employees using repetitive videos and dull presentations? Do you want your employees to not have fun at work and go home regretting their entire career choice?

At Curricula we draw the line here. We understand that security isn’t the most exciting topic and can’t expect everyone to be interested in it. Because of this, we think it’s especially crucial to provide your employees with engaging content that they’ll actually pay attention to and enjoy.

It’s kind of like the thought of waiting in a long line until you find out you’re waiting in line for a rollercoaster. Once you experience the fun of a roller coaster you’d be willing to wait in lines over and over. We view security awareness training similarly.

Using a story-based learning experience opens a whole new mindset for what security awareness training can look like. This behavioral science approach to learning allows your employees to connect with the heroes, villains, and stories that make up the world of Curricula and prove that you care about their method of training.

Rather than just ‘checking a box’ think about if your employees will learn or retain anything from your current training strategy. So it’s time to stop killing your employees with ‘death by PowerPoint,’ because it’s not helping you or your organization’s security awareness.

2. I like clunky admin consoles and complicated billing

If nothing makes you happier than scouring through support articles, long conversations with aggressive salespeople, and LOTS of awkwardly placed buttons, then Curricula is not for you.

The solution is simple. Literally, our platform is simple. From our self-serve pricing plans to the moment you sign up, it only takes a few clicks to get your security awareness training up and running for your entire organization. We pride ourselves on being product-lead and encourage the ability to be self-sufficient.

Did we also mention integrated directory syncing, automated employee reminders, and no forced demos or awkward billing calls? However, if you have time to kill and want to spend countless hours fiddling around with a complex interface, these things may not be a priority.

And if you need to contact someone, we have a team of security awareness training advisors standing by to help support you if you need it. All of our advisors and support staff are extremely dedicated, friendly, and always happy to chat. You might even make a new friend rather than an enemy.

3. I want my employees to be more scared of me than hackers

There’s a stereotype that anyone in charge of IT security has to be the Toby from The Office, but it’s time to put an end to it. Your employees should look to you as a coach rather than an enemy, someone who is there to support, not punish.

Using fear tactics to train your employee does more harm than good to your security awareness training. It can evoke negative emotions such as annoyance or anger and disrupt the open line of communication between you and your employees. If an actual cyber breach or attack happens would your employee be too scared to tell you?

If you can’t confidently answer “no”, then something needs to change.

With Curricula, we use DeeDee (our infamous AI hacker) to put a face to the phishing simulated attacks. And more importantly, a face that isn’t yours. DeeDee helps to gamify the entire process and encourages everyone in the organization to work together to beat her.

Here are a few ideas of how to get your employees to not hate cyber security, and actually even embrace it!

  • Incentivize people who succeed at phishing tests, rather than punish those who fail
  • Invest in fun training that employees enjoy
  • Build a security culture

4. I want to make training more like a chore

Do you want your employees to view completing security awareness training the same as doing the dishes? Thinking “it has to be done, but I don’t have to care and I’ll complain the whole way through.”

This is a common problem we see when organizations get to compliance-driven and rush the training process regardless of results. If there’s a lack of care from management, there will be a lack of care from its employees.

When security awareness training becomes a chore, people will want to push it off as long as humanly possible. Like a child waiting until every inch of their bedroom floor is covered and has run out of clothes before they clean it up. So unless you’ve adopted all of your employees, you never signed up to be a nagging parent.

With a culture of security and fun training, we don’t think it should be a chore. We aim to end this miserable routine and make cyber security awareness training no longer something to dread, but rather look forward to.

5. I like confusing my employees

Algebra, how the pyramids were built, and the flavor ‘blue raspberry’ all have one thing in common — they’re confusing. So why would you want your employees to view security awareness training in the same way?

We can assume most of your employees are not cyber security experts. Meaning if you throw excessive technical jargon at them, it won’t go over well. Just as a chef breaks down each step in a recipe. With enough practice and training, you’d be able to make it yourself.

Using the same analogy, if you’re taught how to make a three-course meal of soufflé, beef Wellington and macaroons, then a year later if asked to replicate it, exactly how good do you think that’ll taste? From the wise words of Gordon Ramsey “pass the sick bag”. Inconsistent and annual training is not the way to educate employee’s on your cyber security policies and best practices.

In addition to comprehensible and consistent content, the infrastructure needs to also be straightforward. Ditching the ‘clunk,’ for an effortless employee user experience will minimize any confusion and extra time on your part.

Don’t agree?

We can’t stress enough that if you agree with any of the five statements above, Curricula is probably not for you. If so, we just suggest you invest in a lot of coffee and Advil. You’re gonna need it.

If you’re searching for a simple to use, effective security awareness training program with fun content that your employees will love, you’ve come to the right place.

Just remember it’s not a bad thing to teach your employees using fun tactics, rather than fear tactics. So we are officially promoting you to CFO, Chief Fun Officer!

Ready to watch an Episode?

Try it out for free.

© 2021 Curricula Group, Inc. All rights reserved.