How to Sell Security Awareness to Your Stakeholders

We all know members of staff who grumble at anything outside of their immediate job remit. But because of legislation and the increasingly threatening nature of modern cyber-security, being security-aware is part of the role of a healthcare worker. All of us have the duty of caring for patient data. So how do we engage staff in the process of security awareness?

Security awareness training packages, if done well, will be configured to engage staff—engagement results in better understanding. Security can be a dry area, difficult to drum up interest in. However, well-designed security awareness training packages like AwareEd can be configured to work within the context of your organization to create tailored training campaigns—specific to your needs.

One of the ways that you can make sure that your team is benefiting from the sessions is to make the training interactive and unobtrusive. People can get irritated when their workday is interrupted, so offering ‘security over lunch’ or “brown-bag training”, which is an informal and less intrusive way of learning about security, can be highly effective. Another area that helps to focus training and make it highly relevant is to tailor the training campaigns to a person’s role in the organization.

Keeping security relevant and making it part of the normal program of workplace on boarding and training in your organization, will make it an easier all-round sell to your extended team.

Ultimately, security threats need to be accepted as a serious issue across healthcare. This means engagement across your organization: from your top-level management, across all major departments, and ultimately by the people who will be trained – your workers. Bringing them onboard with the message that, understanding how cyber security is a threat, how that threat works, and how to mitigate that threat as an individual, will benefit both themselves and the organization as a whole, is a fundamental message.