Skip to main content

Embedding Workforce Exercising:Top Tips

There are several things to consider to effectively embed Workforce Exercising within your organization, including:

  • Buy-in

Do you have the buy-in that you need across all levels/areas of the organization to enable success? Ensuring buy-in from the very top is more likely to lead to successful outcomes.

  • Mandatory or voluntary

Do you want participation / completion of scenarios and labs to be mandatory or voluntary? This will likely depend on how motivated people are to engage with security-related training in your organization.

  • Incentives

Do you want to provide additional incentives for participation or facilitate any off-platform gamification? Would any additional incentives be social, material or built into business processes?

  • Barriers

Have you identified and addressed any potential barriers to engagement by allocating time for people to participate, making people aware of why you are using Immersive Labs and how it can help them, and ensuring they can easily access it in their work environment?

  • Off-platform engagement

Are you planning to link to or promote Workforce Exercising within any off-platform interventions (e.g., internal marketing campaigns)? This may include communications across the online, physical, and social environments.

Roll-out Plan

To get the most out of Workforce Exercising, we recommend that you create a roll-out plan that encompasses:

  • Potential cross-area/cross-team collaboration, incorporating security risk management, threat intelligence, and learning and development colleagues to ensure your plan addresses the areas that you need it to.
  • Senior-level communications and engagement are filtered across the organization to promote buy-in where needed and ensure engagement with content when it is released.
  • Consideration of timelines alongside other business priorities to ensure that teams will likely have the time and resources needed to support the roll-out and that everyone will have sufficient time and focus on participating. Avoid known busy periods in your organization.
  • Wider strategic campaign planning, including additional activities related to specific risk areas that you plan to undertake concurrently or wider internal and external events with which you plan to link. Ideally, your plan should be mapped throughout the year, including the topics you want to focus on and when, how, and why.

Positively encourage engagement with Workforce Exercising, using outcomes and data in a way that contributes to a positive security culture.

You can read more about developing a positive security culture in our blog:

How to build a positive security culture in 3 steps

 

Key Takeaways
  • We recommend using Workforce Exercising to help build a positive security culture, promoting engagement and participation by encouraging buy-in and reducing barriers within your organization.
  • To get the most out of Workforce Exercising, we recommend developing a roll-out plan incorporating wider strategic communications and campaign planning alongside security risk management. 
  • Make sure that you focus on the outcomes you want throughout your Workforce Exercising journey and map out the what, when, why, how, and who of what you are doing to get there.
  

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Related articles