Engagement. When it comes to training, engagement is everything. Engaged users retain more of the information they learn and are better able to put it into practice. How can you tell if your users are engaged in your current cybersecurity awareness training? Easy.
- They are excited about learning.
- They put into practice what they have learned.
- They regard the knowledge as important and are more likely to share their knowledge with their peers.
- Most importantly, they take responsibility for their part in cybersecurity.
When considering your security awareness and compliance training program, can you put a checkmark next to all four of these indicators? If not, odds are you are struggling with engagement. Maybe it’s time to switch things up a bit.
Gamification training can help!
Gamified learning for security awareness and compliance has recently gained popularity as a motivational strategy. With gamification, standard training is converted into a format that resembles – you guessed it – a game. Gamified courses may utilize points, leaderboards, badges, puzzles, scenarios and timing rewards. They all share a common goal: to make training more accessible, engaging and fun while simultaneously promoting learning.
How does gamified training work?
By design, gamification training increases employee engagement because it feels more like playing than studying. In addition, because gamified training adds gaming elements to the traditional eLearning design, most users find increased interest in the content being presented. In a gamified course, users must participate more actively. Rather than just clicking through slides and answering periodic questions, they’re faced with interactive scenarios, clocks to beat, puzzles to solve, and more sophisticated navigation. While they may not be participating in a “true” game, users often find themselves caught up in the scenarios or competition while at the same time absorbing the information and mastering the behaviors embedded in the learning.
Gamification, when done correctly, will utilize common scenarios that overlap or align with the user’s daily workflow, personal life and organizational processes. Take phishing, for example. A gamified training program on phishing may mimic a user’s email inbox where they receive possible phishing attempts. By immersing the user in a real-world scenario during training, the user is able to explore, investigate and “play” without consequence. If they click on a suspicious link in the game, they are remediated to understand what went wrong.
The competitiveness that comes with gaming compels the user to “get it right” to win. This then remains in the user’s memory, so when a real phishing attempt is in front of them, they will recall what they learned, and they won’t take the bait. In a real-life situation, if the user clicks on a suspicious link, there is no “undo” button or screen that tells them what went wrong. Instead, they are faced with the devastation of enabling a breach that could be costly to the organization and the user.
Benefits of gamification in security awareness training
Gamification takes advantage of competition and rewards to motivate learners. Earning points, beating the clock or achieving a higher score than other users releases endorphins in most users, providing immediate gratification and encouraging them to continue participating. In a traditional training course, the only “reward” might be a passing score on a quiz or a certificate of completion. With gamification training, users often feel a real sense of accomplishment and even happiness after doing well on a course in competition with their peers.
Finally, both engagement and increased motivation work together to improve content retention. This is where many traditional security awareness training programs really struggle. Even if users are required to complete mandatory training, much of that content won’t make it into long-term memory. However, with gamified training, because users are more engaged with the content, proud of doing well and often motivated to replay a game to increase their score, retention is likely to be higher. If the ultimate goal of the training program is to improve organizational security, then this increase in retention plays a crucial role.
Implementing a gamified program
The most important task when considering gamification for your employee training program is to assess your company culture. Not all gamified training is created equally. Types of gamification vary widely and can be geared to different learning styles and personalities.
Consider what will best motivate your employees. Will they be excited and encouraged by speed, competition and leaderboards? Or would they be more comfortable with a lower-stakes, less competitive but more mentally challenging puzzle? What are the demographics of your organization? Are your users primarily Millennials or Gen-Xers? More than half of younger people have played games occasionally or frequently for most of their lives. They will have higher expectations for the gamification experience than their older colleagues. They’re also probably more likely to enjoy highly competitive gameplay.
The key takeaway? Do your research when you are planning your security awareness training program. Selecting the right gamification training could make a huge difference in the success of your training deployment.
Finding gamification for security awareness
Once you’ve done your research, it’s crucial to choose a security awareness training provider to support your learning strategies and help you further develop and grow your overall program. Ideally, this provider should have experience with both traditional online learning and gamification training so that they can consult with you as you decide how and when to implement games, as well as what style of gamification will best suit your organization’s needs. A qualified security awareness training provider should be able to help you decide when, how, and how much training to gamify.
Global Learning Systems has over 30 years of experience in eLearning and has helped hundreds of customers choose and deploy both traditional and gamified training content. For more information on gamification and how to choose the best training for your organization, contact us today.