Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

Accessible Cybersecurity Awareness Training Reduces Your Risk of Cyberattack

If you're not teaching all of your employees proper security hygiene, you are leaving the door open to risk. Close that door by providing accessible training.

Lise Lapointe, CEO and Founder, Terranova Security

July 12, 2022

4 Min Read
Wheelchair user accessibility symbol in yellow superimposed on gray circuitboard-like tech background
Source: Carloscastilla via Alamy Stock Photo

Many studies show that companies with gender and racial diversity within their board, leadership team, and workforce are more likely to have increased profitability and greater competitive advantage. Equitable access for all employees is an important part of ensuring diversity with the organization, but companies have a long way to go when it comes to accessibility, especially for people with disabilities.

According to the World Economic Forum, businesses that include disabled people see as much of an improvement in performance as those with higher degrees of female and racial minority representation. "With 28% higher revenue, double net income, 30% higher profit margins, and strong next generation talent acquisition and retention, a disability-inclusive business strategy promises a significant return on investment," its Valuable 500 project asserts.

Within cybersecurity, security awareness training programs are an incredibly important part of preventing breaches, given most attacks use some form of social engineering. However, many such programs are not fully accessible for all employees. This increases the risk of security threats, as a swath of employees are not educated or trained to recognize security threats, properly respond, and escalate.

For many, their online experience is already challenged by language barriers. An estimated 98% of Web pages are published in just 12 languages, and more than half of them are English, yet less than half of the world's population speaks one of those 12 languages as their first language.

This is compounded by the difficulties put in the way of people with disabilities. The average website home page contains more than 50 accessibility errors. Combine that with the poor digital usage rates of individuals who need accessible content most, and you can see how a significant number of users aren't getting the information they need to keep them, as well as their employers, safe from cybersecurity threats.

Human error exposes organizations to tremendous risk, as cyber breaches are often caused by these mistakes. When companies don't prioritize accessibility in training employees, they exclude a portion of their workforce who then cannot help combat cyber threats. If your security awareness training program isn't inclusive of diverse populations and does not meet minimum accessibility standards, you are more vulnerable to attack, and those you have not trained will be your weakest spots.

What Is Accessible Security Awareness Training?

Accessible security awareness training maximizes inclusivity — or, to reverse the thinking slightly, minimizes the number of people excluded from the program. This means the training content can be viewed by individuals who prefer learning in a language not considered the main language in your city or country, and individuals living with a disability and/or who use assistive technology, such as a screen reader, to consume digital content.

Basically, the training must be designed with all users in mind. From text courses to interactive learning and overall structure, there are a lot of variables to consider. Built-in customization gives those who require an alternate learning experience the opportunity to tailor training to their specific needs. This can be as simple as a tick box that serves as an opt-in for the accessible version of your security awareness training.

7 Ways to Make Security Awareness Training More Accessible

Truly accessible security awareness training content is built from the ground up, with various measures considered early in the creative process. Here are seven tips to help make your security awareness training more accessible to all users:

  1. Write clearly and concisely for better understanding.

  2. Make training available in multiple languages.

  3. Clean up your lesson structure to make content streamlined.

  4. Carefully consider the colors and contrasts you use.

  5. Use descriptive links and alt text.

  6. If video is essential, use closed captions.

  7. Use pop-out windows to maintain interactivity.

By considering these tips when designing your security awareness training program, you are including all people within your organization, which supports a culture of vigilant employees.

We implement security awareness training to equip our employees with the best tools possible, so they can help prevent cyberattacks and breaches. We need to make sure everyone is as safe online as they possibly can be. If accessibility is not present, we are failing our employees and creating risk within our organization.

Remember to check in on your organization's security awareness training program and determine what improvements can be made. Listen to your employees and recognize their needs so that you create the best possible first line of defense against security threats.

About the Author(s)

Lise Lapointe

CEO and Founder, Terranova Security

Recognized as an innovative entrepreneur, a visionary, and a leader, Lise has dedicated the last two decades to cybersecurity and has been in technology for over 30 years. In 2001, she launched Terranova Security, one of the first companies in the world to focus on cybersecurity awareness for organizations. Subsequently, Lise authored The Human Fix to Human Risk, a cybersecurity book on how to build a strong security awareness program. In 2021, Terranova Security is celebrating 20 years of bringing cybersecurity awareness solutions to companies both large and small around the world. Today, Lise and her team are committed to ensuring the safety and success of organizations by designing security awareness programs that change behaviors and drastically reduce the human risk factor.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights