It’s something we all know instinctively, if a whole load of new information is thrown at you, your recall of it will be somewhat cloudy one week later. This is exactly what German psychologist Hermann Ebbinghaus showed back in 1885 when he developed the forgetting curve. Though his research is over a century old now, the principle remains true today. Most of what you learn will be forgotten within an hour.

Security training

This may help explain in part why people are still falling victim to phishing attacks. Did their security training consist of being herded into the break room for a lunch and learn while being shown a bunch of slides on how to recognise the signs of a phishing attack? Was that the entirety of their security training for the last 6 months? If so, as Ebbinghaus showed, memory retention will be down around 20%, so mistakes and clicks will be made!

So how do you get around this? Well, Ebbinghaus also showed that revising the information frequently greatly enhances the newly learned information. Translating this to security awareness training, we can see that training must be repeated frequently; think short snippets every month rather than a 1-hour presentation every 6 months.

security training new zealand

Here at Simplify Security, that is exactly what we believe. Our Managed Security Awareness training is done in short, sharp doses. We recommend once a month. What Ebbinghaus hadn’t yet discovered back in 1886 was the power of storytelling and engaging content which greatly enhances the memorability of information. Facts listed as bullet points are soon forgotten but a story can engage many areas of the brain from the motor cortex, sensory cortex and frontal cortex, making recall much stronger.

If you are still experiencing people clicking on phishing emails, it’s time to evaluate your security training. Make sure it’s delivered often in short doses with engaging content to enhance memorability.

Recent blog posts

We are becoming Amaru

We are becoming Amaru

The name Simplify Security doesn’t capture our mission enough. And as a result, we’re rebranding to Amaru. Bigger mission, same vision, same values, same purpose. When I started this business in 2019, I wanted to help organisations grow better with more innovative,...

What is OSINT and what are the benefits?

What is OSINT and what are the benefits?

Open-source intelligence (OSINT) is the practice of gathering, analyzing, and using information from publicly available sources. This can include data from websites, social media, news articles, government reports, and other sources that can be legally and ethically...