Engaging managers on cybersecurity training in a way that’s meaningful for their role
Delivering an experience that speaks to their needs and delivers memorable outcomes
Create a safe environment where managers could ask questions and debate topics which may be difficult to address in everyday activities
A guided cybersecurity incident preparedness exercise that starts from a simulated crisis tailored to the manager role in DNB
Live activities, including interacting with websites and receiving SMSes, calls, and emails for a realistic experience
Practicing decision-making and collaborating with peers based on an evolving scenario
DNB is Norway's largest financial services group and one of the largest in the Nordic region in terms of market capitalization. Since the group offers a full range of financial services, from loans and savings to insurance and pension products, not a day goes by without cybercriminals trying to probe its defenses.
In an organization this complex, managers are key to leading the groups’ 10,000+ employees to success - in their day to day jobs and also in case of a security incident.
Knowing how important it is to engage them on the topic of security preparedness in a way that makes meaningful use of their limited time, DNB sought out a provider that could deliver an interactive experience with a strong practical approach.
This request came at a time when our team was getting increasingly numerous requests to train managers in dealing with cybersecurity incidents.
The most common question we get about cyber-drills is how we can engage managers - including senior management - as a target group. Managers are not a particularly homogeneous group, and, as specialized cyber professionals, communicating with them isn’t always ideal. However, in a crisis, it’s fundamental that communication is top notch! That's why it's so important to find common ground for a good, honest conversation between people who, after all, have a lot in common.
Together with Secure Practice, we conducted a security preparedness exercise tailored for the manager role at DNB to create increased focus on security among our managers.
With a combination of interactive elements such as websites, SMSes, emails, and voice calls, participants were able to contribute to the exercise in real time. Being in the same room, they could see how their individual decisions influence their peers and the unfolding cyber crisis scenario.
Compared to tabletop exercises, which are often very linear and where participation is scarce, this immersive experience galvanized all 300 DNB managers into action.
Attendees were able to make individual decisions and also discuss topics and challenges in groups, and see exactly how the crisis scenario evolved as a result. Knowledge-sharing and the stronger sense of camaraderie that managers developed didn’t remain confined to the room.
The results of this engaging learning experience continued to materialize after the training, with cybersecurity becoming a more frequent discussion topic in the company, both in meetings and informal conversations.
People talked and shared experiences across the groups. The feedback was that this was an exercise that got people really engaged. So this is something that we can highly recommend.
