<- Back to all blog posts

Working Out Your Security Muscle

October 27, 2022

Are you searching for a way to enhance your organization's security awareness training? Look no further than Haekka! Schedule a demo with us to discover how we can help you reduce costs by 75% while boosting employee satisfaction with our training by 81%.
Schedule a demo

Security is a core competency that every person should possess. This does not mean every person should be a security or cybersecurity expert. But, in light of the constant onslaught of cyberattacks against all of us, being able to ask the right questions and make the right decisions to protect yourself and your data is essential. The primary way to accomplish this is with a security mindset.

๐Ÿ” What is a security mindset?

We define a security mindset as security thinking that is integrated into the flow of work. More concretely, and to not use โ€œsecurityโ€ in the definition,, it is considering the risk to data from your actions and decisions in real-time.

A security mindset goes beyond security awareness as a security mindset is actionable. Building a security mindset should be the goal of a security training program or security awareness program.

How do you build a security mindset? ๐Ÿคบ

Building a security mindset is like building any other muscle. Itโ€™s a habit. A person can be conditioned to have a security mindset using the following strategies.๐Ÿ‘‡๐Ÿ‘‡

๐Ÿ‹๏ธโ€โ™€๏ธ Exercise Consistently

The key to conditioning any muscle is consistency. Regardless of the format of engagement on security topics, doing it on a regular, consistent basis matters a lot. When it comes to learning and retention, data shows that the more frequent, the better. We recommend weekly touchpoints to keep security top of mind.

๐Ÿƒโ€โ™€๏ธ Repetition

When it comes to physical exercise, the number of repetitions varies with the workout. When it comes to conditioning a security mindset with security awareness training and engagement, repeating the same topics is a feature not a bug. The topical priorities should be within the bucket of social engineering as these account for the vast majority of โ€œhuman errorsโ€ when it comes to security hygiene. Repeating these topics over and over is a good way to build security muscle.

๐ŸŠโ€โ™‚๏ธ Variety

There are multiple exercises for each muscle. Using a variety of techniques to condition your security muscle will only make it stronger. When it comes to security awareness training, there are multiple ways to engage users - phishing, regular short content, annual training, and announcements.

๐Ÿฝ Nutrition

Exercising is not the only way to get and stay healthy. What you eat is a big part of that as well. A healthy diet supports exercise. Metaphorically, an employee with a security mindset needs support while in the flow of work. Connecting security knowledge into the tools and workflows helps support security thinking whenever and wherever employees work.

๐Ÿ˜ด Sleep

A body needs rest to recover from exercise. When it comes to security, users need support in the form of tools, apps, and services that make having a security mindset easier. This includes obvious and ubiquitous solutions such as firewalls but it also includes less obvious things like making it simple and non-punitive to report security incidents and ask security questions.


We stretched the metaphor above to show that there are multiple ways to support employees in building and maintaining a security mindset. Weโ€™ve seen this as one of the most valuable skills to have for modern work.


Schedule a demo

Start delivering training via Slack today.

Get started with a free trial by scheduling a demo today. One of our training experts will walk you through a live Haekka demo.

Excellent! We received your demo request. You should be redirected to our scheduling system. If you ran into an issue, please contact us.
Hmm. Something went wrong while submitting your form.
Please refresh and try again.