Curated Content | Thought Leadership | Technology News

Search
Close this search box.

Sign In

Curated Content | Thought Leadership | Technology News

Storytelling: The Most Effective Approach for Phishing Training?

Peer-to-peer lessons.
Kelsey Brandt
Kelsey Brandt
Contributing Writer

Companies have spent millions of dollars on cybersecurity training for employees, yet phishing attacks continue to fool many people. While standard training can often utilize fear tactics and strict rules that fail to truly change behaviors. A peer-to-peer, story-based approach to phishing education might be the key to long-term behavior changes.

Research shows that when employees share cautionary tales about peers falling for phishing scams, people absorb the lessons more deeply. Hearing the details of how a friend or colleague had their information compromised leads people to envision themselves in that situation and take action to avoid repeating the same mistakes. Furthermore, storytelling spreads organically as listeners repeat impactful anecdotes to their own networks.

Why it matters: Rather than top-down rules from intimidating experts, funny or embarrassing stories from relatable co-workers have great power to change attitudes and actions regarding cybersecurity. Peer-to-peer storytelling can improve cyber vigilance organically and effectively.

  • The problem with cybersecurity training is that traditional methods often rely too much on fear appeals, strict policies, and phishing simulations that breed stress and cynicism rather than genuine behavioral change.
  • Leaders should recognize and enable a more grassroots, organic approach: peer storytelling. Research shows that when employees share personal tales of falling for or narrowly avoiding phishing scams, lessons resonate far more deeply.
  • Unlike lectures from intimidating experts, funny anecdotes or cautionary stories from relatable co-workers tap into innate human qualities of narrative learning and social bonding.
  • By identifying respected “security champions” to openly tell their own embarrassing or eye-opening experiences, companies can spur natural, casual dialogue on cyber vigilance. Stories with clear cautions that prompt reflection on potential personal consequences are most impactful.

Go Deeper –> The Power of Storytelling in Cybersecurity Training – The Wall Street Journal

Save

Save

Sign in to comment

×
You have free article(s) left this month courtesy of CIO Partners.

About TNCR

Manage My Account

Sign In

Profile

Saved Articles

Explore TNCR

STAY IN TOUCH

NationalCIOReview.com Copyright (c) 2024 All Rights Reserved.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Unlimited Access

Digital Annual

$10.00/ month

Billed Annually

Unlimited Access

Learn More

In the Game of Thrones, Where Do You Sit?
In the Game of Thrones, Where Do You Sit?
As technology becomes a central role to business, so does the CIO.

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters