The Format of Training on Haekka

Travis Good
November 8, 2020

Haekka is a security engagement platform. Technology companies hire Haekka 1) to check the box on compliance training and 2) to engage employees in security and privacy, building it into their cultures. We achieve this with our content. Content broadly speaking is both the actual content as well as the cadence of the content.

There are two types of content on Haekka, and they serve different purposes. 

Courses

The first type of content is Courses or Trainings. These contain lessons. And these are taken to 1) establish a baseline of knowledge (think new hires) and 2) meet audit and compliance requirements. Our current catalog of courses enables Haekka customers to meet the training requirements of HIPAA, SOC 2, PCI, GDPR, and CCPA. You can find a complete list of courses available on Haekka here.

Below is the outline of a Haekka Security Awareness Course.


Spaced Repetition

The second type of content is called Spaced Repetition. This type of content is associated with a training category (HIPAA, security awareness, GDPR, CCPA, etc) but, in contrast to courses, it is delivered as relevant, topical micro-trainings each week. The goal of spaced repetition is to increase awareness of security and privacy on a day to day basis, build security and privacy into your culture, and gauge and continually improve employee engagement around security and privacy. Research shows that spaced repetition improves learning and retention.

Below is a Haekka Spaced Repetition Topic on HIPAA.


While courses establish a baseline of knowledge and address evidence requirements of auditors, Spaced Repetition is designed to engaged employees on topics of security. As employees are more regularly engaged on topics of security, they are more vigilant in their actions (opening emails, clicking links, installing macros or attachments, etc). Spaced repetition goes beyond checking the audit box.

At the same time, the metrics we measure for spaced repetition focus on engagement and comprehension of specific security topics. These metrics allow for continual improvement of the human element of security effectiveness.

Spaced repetition creates security engagement. Security engagement improves security effectiveness.

---

Security awareness training doesn’t have to be a chore for trainers or for learners. It should be deliver value to the company and employees. The key is to go beyond awareness to engagement.