- CISO Guides
- 13 min read
Our attention spans and working models have changed forever. Your cybersecurity awareness training must reflect this! As we move away from traditional training styles, microlearning offers the best opportunity for knowledge retention and recall.
Did you know the microlearning journey actually began in the 1800s? Psychologist Hermann Ebbinghaus conducted a self-study on learning and retention. He found that when he studied traditionally, only 20% of the information learned was retained four weeks later. When Ebbinghaus switched to microlearning, his retention levels increased to 80/90%! More current research reveals that people are more likely to retain information when it is presented in a shorter format of three to 10 minutes long.
With microlearning, one potential goal is to substitute long and tedious study sessions with short bursts of learning and development to improve knowledge retention. However, the best solution is to use microlearning in tandem with more concentrated study sessions to refresh key knowledge points and learning objectives.
A holistic, skills-based approach that incorporates short-sessions as well as engaging long-form learning is essential for improving your workforce’s security awareness. This is particularly important as ArcticWolf data from 2021 reveals that cyberattack rates are growing at 20% a year and are not only affecting businesses, but supply chains, customers, and partners.
Microlearning also avoids days being taken away from day-to-day work, leading to corporate projects falling behind.
The need for cybersecurity fortification is greater now more than ever!
With microlearning, employees are taught valuable cybersecurity information in small chunks, over short periods and frequently. This helps them to not only avoid being overwhelmed with added information but also improves their ability to absorb and recall said information.
Furthermore, with microlearning, managers can avoid significant disruption to working hours. In fact, micro-learning can even become a constant aspect of an employee’s daily itinerary thus embedding security awareness as a necessary check for all their professional actions.
Microlearning sessions are:
Microlearning is so effective in improving an employee’s knowledge absorption and retention because it takes advantage of how the human brain processes, stores and recalls information.
The human brain is constantly blasted with sights, sounds and interactions at a breakneck pace. According to experts, the brain can only think about four things at one time, whilst everything else is ignored. To do this, the brain filters and stories information using the following methods: spotlighting, chunking and assimilation.
Microlearning participants can recall information 28% faster than traditional learners (ArcticWolf). Furthermore, employees who were assigned persistent microlearning by way of phishing simulations saw their click rate drop to 12%, whilst traditional learners sit at a 26% click rate (Webroot). Further Webroot data reveals that an ongoing security awareness training approach results in a massive 70% decrease in click rates on phishing links! And, to top it all off, Shift eLearning reveals that microlearning creates 50% more engagement in training than traditional methods.
It works better with the human brain’s best way of learning and retaining information than traditionally longer learning sessions.
Microlearning lets your mind work at a steady and healthy pace through targeted and concentrated learning objectives rather than multiple longer wider-reaching days of training. Microlearning presents information in the way the brain naturally functions. This can only increase the rate of retention and recall.
At TSC, we believe that to stay cyber safe, your security culture needs to extend beyond protective software and clicks. We understand that even the best defence technologies can be circumvented by employees who are not aware of the risks and nefarious individuals operating in the cyberspace. Microlearning is one of the most effective ways to build a strong cybersecurity culture.
If you would like more information about how The Security Company can help deliver security awareness training, raise awareness, increase security skills, and establish a secure culture, or how we can run a behavioural research survey to pinpoint gaps in your security culture, please contact Jenny Mandley.
© The Security Company (International) Limited 2023
Office One, 1 Coldbath Square, London, EC1R 5HL, UK
Company registration No: 3703393
VAT No: 385 8337 51