Why does cybersecurity need an “awareness month”?

  • Because we all know we’re probably not doing it right as often as we should
  • Because when was the last time you actually updated all your passwords?
  • And remember that email you opened the other day and you clicked that link but then you were pretty sure it was actually spam but, you know, what can you really do about it, so then you just tried to stop thinking about it a few minutes later? (that kind of attack is called, phishing, which is just one kind of social engineering attack, by the way)
  • Because cybercrime results in over $10 billion of loss and damages every year and is growing exponentially. But people find it hard to think about and hate hearing about it or imagining it happening to them.
  • Because the phrase “cybersecurity training” probably makes you want to bang your head against a wall

Cybersecurity for most of us is at best boring and at worst anxiety provoking. And ultimately ineffective either way.

No items found.

At its core, why does cybersecurity need an awareness month?

Because cybersecurity messaging and communication needs an overhaul.

You’ve probably done cybersecurity training in your workplace as one of an innumerable number of forgetful and tedious other trainings—even if the material in each was actually important. If you remember it at all, you likely saw a low production value video of a shady room with some obviously out-of-date computer equipment and some shadowy figures hunkered over it, clearly doing nefarious things.

Brands spend so much time, effort, and of course, money, honing brand personality and voice, telling a story in pursuit of increasing awareness and sales. The value of doing the same for something as critical as cybersecurity is deeply underappreciated. It grows brand equity, both internally and externally. Most importantly, it builds trust.

We have an ongoing partnership with Cisco’s Security and Trust Organization, including the blockbuster Keep Cisco Safe campaign, one of Cisco’s most successful internal communications campaigns to date. As the world’s leading networking company, Cisco’s approach to cybersecurity has to be world-class and forward thinking. As such, it has overhauled its approach to cybersecurity training with our help, rethinking strategic internal workforce communication from the ground up. That began with the monsters that represent online threats. Recently we’ve worked together to expand it even more.

No items found.
No items found.

Cisco’s Security and Trust Organization asked us to help them create their newest mandatory cybersecurity training (see cliches to be avoided above). With the success of the monsters still remembered across the organization, the bar for something excellent was high. Truly groundbreaking, entertaining, and deeply informative. Simple information delivery isn’t enough. Nor should we settle for it! Because the fact of the matter is, learning and habits are intertwined with narrative and story. In order to change behavior, we need to push people to rethink their established thinking and evolve their routines and habits. Oftentimes complex subjects are best expressed, and changes of behavior effected, through story.

So, drawing on our longstanding creative relationship and a deep well of trust, we worked with Cisco to take an attempted breach from 2022 and turn it into something powerful. Working with creative postproduction partners Animal Farm, we conducted and filmed candid, gripping interviews with key figures on Cisco’s security team. Those interviews created the basis for a dramatic, true-crime-documentary style video that conveys the urgency of taking cybersecurity seriously, using a real-life event in an entertaining but eye-opening and informative, way.

Cybersecurity training, usually focused on vague and abstract threats that could happen, became so much more tangible and real with something that did happen.

But that was just a start. We cut that down to an even more intense, edge-of-your-seat, sixty second trailer and built anticipation in the weeks leading up to the release of the creatively-styled training that would be mandatory across Cisco. Our own hearts were pumping when we saw the results. One minute of fast cuts, hyped storyline, and, most importantly, anticipation. Perhaps for the first time in cybersecurity training history, employees weren’t dreading it. They were excited about it. Reviews started coming in immediately:

  • “It was getting intense, so I paused the video so I could get a bowl of popcorn, then resumed watching.”
  • “I’ve never seen anything like this. It’s not mandatory security awareness training. It’s cinematic. Can I get a movie poster??”
  • And most importantly: “Folks are going to learn—don’t care how technical you are—and it will change the way people think about their work passwords and MFA.”

Partners GP Strategies helped complete the experience with a tailored and strategically positioned quiz after watching the video, the development of which we managed.

No items found.
No items found.

Cybersecurity matters a lot. Cybersecurity awareness in the contemporary, connected, computer-driven world is crucial. The same old tired tropes and administrative, check-the-boxes approach to raising awareness about the incredibly high stakes of cybersecurity haven’t worked and won’t work.

Communicating clearly about cybersecurity and training effectively around cybersecurity isn’t just an IT issue. It’s a critical brand issue and an opportunity—that should be viewed as a necessity—to communicate well and efficaciously to build trust, internally and externally.

The paradigm needs to be rethought completely. We’re proud of our work with Cisco. We’re thrilled to work with them to confront the status-quo of cybersecurity communication and training. Cisco’s openness and creativity in tackles what is, truly, one of the most important and biggest challenges confronting brands, and the world at large, today. And we relished the opportunity to do what we love and do best: help our clients convey complex messages intuitively and powerfully and rethink what can be done with compelling design and brand communication.

No items found.
No items found.