Don’t underestimate how much human psychology comes into play when talking about training and awareness, this for me comes down to three principles: Relevant - make sure the training being completed is what is relevant to an individuals role. Concise - keep the training that is done focused on one aspect at time Quick - psychology tells you 5-10 minute chunks are shown to improve retention, so keep it that brief Ultimately, the current model for applying generic, every topic covered 40 minute training pieces is not going to work for anyone. If this is the model you’re following, go ask your staff to be honest about how much attention they paid. The answer will hurt.

There are following approaches Regular Refresher Courses:Schedule periodic refresher sessions. 2. Interactive Learning Incorporate quizzes, simulations, and interactive activity ieexample, phishing simulation exercises can help employees recognize and respond to potential threats. 3. Pilot testing employees understand the practical implications of their actions. 4. Accessible Resources:Provide easy access to training materials, guides, and resources. 5. Ongoing Communication:Keep the conversation about security alive through regular newsletters, emails, and team meetings. H 6. Recognition and Rewards Acknowledge and reward employees who demonstrate good security practices. 7. Set Clear Boundaries

Below strategies have worked for my team: 1. Gamified learning and simulations- Keep the audience engaged and invested in the learning. 2. Periodic reminders through mails- Serve as a refresher for the concepts learned. 3. Checklists and templates- Ensure good practices are followed before finalizing deliverables. 4. Positive reinforcement- Rewards or tokens of appreciation provide further motivation to retain the learnings.

セキュリティポリシーは定期的に見直しが必要です。その後、ウェビナーを実施して学習プロセスを深めます。検証を行い、改善に努める必要があります。人間の倫理が試されます。セキュリティは技術的な問題というよりも倫理的な問題であり、情報資産の情報漏洩は倫理的な問題から発生します。ソーシャルエンジニアリングの問題はこれに該当します。さらに、CEH認定資格やCISSP認定資格を取得してもらうことで、意識を高めていきます。

In my opinion, the following steps will be fruitful: 1. While a good simulation is undoubtedly helpful, conducting a test simulation a few weeks after training will help determine if participants retained the information and can apply it effectively. 2. Awareness or learning exams can also play a vital role. Consider conducting regular awareness checks with proper marking for team members. To encourage participation, set rewards, bonuses, or tokens of appreciation, and make these exams a mandatory part of their growth and development. For those who fail, repeat the exam until they achieve success.