We often talk about the importance of awareness training to improve your organisation’s cybersecurity. While that is an important message, there can still be many things to consider, including ways to deliver your training. In this blog post, I will discuss ways of training your team: the traditional (classroom) approach and with e-learning. This could serve as a guide to decide which combination works best for you.
We all know what traditional learning is, as we all remember our younger selves sitting in the classroom, learning history or mathematics from the teacher. When training your team this way, the instructor gives several sessions where the learnings must be physically present in the same room. The content is transmitted verbally by the instructor and is often supported by PowerPoint presentations or videos.
Despite what many may think, e-learning is not just the same lectures taught in an online environment; it is more about using various technology and web-based tools to provide training and support learning.
Specifically, it could mean a combination of short readings, videos, and interactive tools (e.g. a quiz, game, or support forum), that are all hosted on an online platform.
It depends! Both forms of learning have their pros and cons and can be used effectively in the right context.
For traditional learning, the main benefits centre around the fact that your team and the instructor must physically come together during a predefined time slot.
First of all, this means everybody must take 1 or 2 hours out of their day to dedicate those hours to learning. This ensures that distractions are minimised and that you have their full attention.
Secondly, it fosters personal interactions and discussion with the instructor and among the learners. By all engaging with the learning content together as a group, your colleagues may learn as much from each other as they do from the instructor. This allows for asking questions directly to an ‘expert’ and immediately clarifying any uncertainties the learner might have.
Of course, traditional learning also has some downsides.
For one, it could prove to be very difficult to schedule these physical sessions. Many people have busy calendars, so finding 1 or 2 hours where the entire team are available would be quite the challenge. This does not even include the organisational, setup, and travel time.
Additionally, the number of learners may be too large, or they might be geographically separated. This requires the instructor to hold the same training several times for different groups, which could lead to a sharp increase in costs. Bringing in external experts is often costly and having to hold the same session multiple times could add up.
Lastly, when it comes to the group discussions, it usually turns into one long monologue from the instructor without much student interaction. In other words, the learning quality is very dependant both on the instructor’s mood and behaviour, as well as on the willingness of the learners to actively engage. Many people also struggle to maintain focus for longer classroom sessions.
Many of the disadvantages of traditional learning are directly countered by the main advantage of e-learning: flexibility.
Learners have access to a variety of online tools and resources and can access these at the time and place of their choosing. The learning content is often split up in smaller chunks, which allows the learner to progress at their own pace, depending on their schedules.
Through eye-catching graphics and interactive tools like quizzes, or simulations, it is also easier to motivate learners and maintain their attention. This means that your team would be engaging with the learning content on a more continual basis over a longer period, which improves long-term knowledge retention and leads to a deeper understanding of the material.
Additionally, the learning contents can often be viewed and reviewed as many times as desired, allowing the learner to refresh their memory when necessary.
Lastly, for larger organisations, e-learning is significantly more cost-effective. One e-learning platform can be used to train the entire organisation, often with easy integration of multiple languages.
Just like traditional learning, e-learning also has some drawbacks.
First, with e-learning, there is no instructor, thus no central authority figure or expert to consult when a learner has questions. The lack of an instructor also means the e-learning course needs to be designed and formatted in the right way so that learners can progress through the courses on their own without instructor guidance.
Secondly, the learner learns on their own, so the training may lack interactive discussions. There are of course e-learning platforms with discussion boards or forums, but some people would argue this is not the same as having face-to-face discussions. It is also hard to measure the effect of e-learning. You can read more about measuring awareness-training here.
The kind of training to choose depends on the specific context and needs in your organisation and on the topic of the specific training.
Nevertheless, a relatively easy conclusion to make is that a blended learning approach, i.e. a combination of classroom and e-learning, would be a safe choice in most situations.
By using e-learning, the training material can easily be pushed to most of your co-workers in the most cost-effective way. By pushing new content to the platform periodically, you ensure that everyone continually engages with the learning content and it gets ingrained in your team’s mindset on the long term.
E-learning would then be the training standard which can occasionally be supplemented by physical training sessions. These would provide another way for you team to engage with the content they’ve been learning over the past few months.
Everyone would get a chance to ask questions and clarify uncertainties. These sessions could also be more practically oriented – putting everything that’s been learned on the platform into practice through e.g. some interactive exercises or role-playing situations.
Using such an approach provides a very high chance for achieving the learning goals in your organisation.
Having given a short overview of traditional learning and e-learning, let’s now briefly talk about awareness training. After all, that is what we’re all about at CyberPilot.
With awareness training, the main goal is – you guessed it – creating and maintaining awareness. In other words, it doesn’t exactly require a super deep understanding of the subject matter. Your co-workers should simply be aware of the different risks out there and how to deal with them.
Therefore, using an e-learning solution is a good approach awareness training. Frequent and small chunks of knowledge that are distributed will ensure your team’s awareness is continuously kept up to date. This way, they will always be able to deal with those cyber threats.
Additionally, as you can read in some of our blog posts about security awareness, this awareness must become part of the culture of your organisation. This is another reason why e-learning is such a great tool for achieving strong security awareness. By letting your team continually engage with fresh learning content about how to recognise phishing emails, how to set up good passwords, how to handle data safely and securely, etc., you ensure that they internalise these good habits in the long term.
Finally, integrating some traditional learning elements of course wouldn’t hurt. For example, combining the e-learning with occasional practical sessions, like a phishing simulation, ensures your co-workers can act on their awareness in real life and know what the threats look like.
By doing this, you are almost guaranteed to make great progress in the journey towards a strong IT security culture in your organisation.
Join our 2000+ subscribers and sign up for our newsletter. You will receive inspiration, tools and stories about good cyber security practice directly in your inbox. Our newsletter is sent out approximately once a month.