Statistics have told us that among companies suffering data breaches, 95% of the time it is because of an employee error. It’s a tough stat to take if you are a C-suite level employee or an IT specialist working for the company, because it means that 19 times out of 20, all of the sophisticated software, malware-seeking AI, and layers of precautions and firewalls you’ve invested in and deployed are being defeated by mistakes, laziness, and ignorance.
Clearly the main issue in all this is human error and lack of training for people who are unfamiliar, uncomfortable, or simply unaware about cybersecurity and the threats it poses.
Companies all over the world are already incorporating gamification into their cybersecurity package, engaging users to solve problems and motivating them by introducing elements we’re already familiar with in this text, such as rewards and competition with coworkers. The push behind it is a study by Pulse Learning that found that 79% of corporate learners would be more productive and motivated in regards to cybersecurity if it took place in a game environment.
In the corporate world, Price Waterhouse Cooper trademarked its own gamification environment known as Game of Threats to help C-suite staffs and boards of directors understand the danger of cybersecurity when it is not properly utilized. The game works for both individuals and teams with a system of rewards and penalties for their responses to various cybersecurity situations. Cybersecurity firm Digital Guardian has a game called DG Data Defender that can engage every single employee of a company to test their skill when it comes to protecting data. It goes beyond mere prizes to include a public leaderboard, e-store gift cards for employees performing well, and badges that can be printed as a visual stimulus for good behavior. The leaderboard notes which employees have prevented the most data loss over a period of time.
The Password Police
Passwords are a tough row to hoe in the corporate environment. Most employees have a login and a password for their own work stations, another for the copy machine, a third for any sort of cloud or virtual desktop they use, and numerous others for various apps and programs used during the day. Throw all of those passwords to memorize on top of all of an employee’s responsibilities and numbers to crunch and it’s easy to see how passwords are compromised, written down, lost, shared, and shuffled. It leads many companies to query why learn 20 passwords when you can just learn one? Several innovative companies like Dashlane are taking the stress out of passwords. Each user stores all of their accounts and passwords into a single “box” and then memorizes a master password that keys each of the others. The master password is long but it’s the only thing each user has to remember. Meanwhile inside of the box, the user can choose their own settings concerning how often new passwords and generated for all of the other accounts. This is done with a randomizer software powered by artificial intelligence that makes it virtually impossible to hack.