PREDICTIVE intelligence
attack , EY research indicates that Gen Z workers increasingly consider themselves knowledgeable about cybersecurity ( 86 % vs . 75 % in 2022 ), pointing to opportunities to better equip younger workers to turn this knowledge into confidence by investing in upskilling and training that caters to their unique experience as true digital natives .
Cultivating a culture of cyber confidence
The rapidly evolving nature of AI has made it essential for organisations to adapt training protocols regularly and remain committed to providing frequent , up-to-date training that addresses the latest AI-driven threats and cybercrime trends . A vast majority of employees ( 91 %) say organisations should regularly update their training to keep pace with AI , especially as AI ’ s role evolves in cyberthreats ; but only 62 % say their employer has made educating employees about responsible AI usage a priority .
“ Cybersecurity training and attention from leaders across the C-suite contributes to the development of a strong security posture within an organisation ,” said Dan Mellen , EY Americas Consulting Cybersecurity Chief Technology Officer . “ When security practices are ingrained in the company culture , employees are more likely to prioritise security in their day-to-day activities and proactively report potential security incidents .”
The EY Cybersecurity team advises C-suite and senior business leaders to incorporate the following leading practices in their cyber agenda to cultivate a strong and confident security culture within their organisation :
• Build robust training exercises that are reinforced all year-round . EY US research finds employees who are ‘ rusty ’ on cybersecurity training are most fearful of using technology at work . Conversely , 94 % of employees who received training within the past year say cybersecurity is a priority to them .
• Drive employee engagement with gamification . Leaderboards and multiplayer features in gamified training programmes encourage healthy competition among employees , driving them to perform better . Gamification is particularly effective for antisocial engineering campaigns if it addresses the natural human curiosity that often leaves employees vulnerable .
• Partner , don ’ t police . Organisations testing their employees to see if they handle cybersecurity threats appropriately can inadvertently turn cybertraining into a ‘ gotcha ’ moment . Position cybersecurity protocols as working in partnership with their employees , not as police , by embracing a ‘ see something , say something ’ policy instead . Make the process for reporting potential attacks and vulnerabilities simple enough that workers across all generations can seamlessly integrate it into their day-to-day lives .
• Incorporate hands-on AI training protocols . Including protocols that incorporate hands-on training for the use of AI in the workplace offers employees exposure to
34 WWW . INTELLIGENTCISO . COM