Snacking Your Way to Better Cybersecurity

When we go onsite to visit our clients and when we attend Chamber of Commerce meetings, we bring bags of snacks for everyone.
We started this tradition many years ago, when it was just a candy and a cute card.

It progressed to an envelope with a security related article and a few treats.

Today, we have a bag filled with snacks. most have a security related cartoon or reminders to stay safe right on the snack.  It also includes an article pertaining to security topics important to all computer users.
Topics have included:

  • Safer Travel
  • Securing Your Backups
  • How Password Managers Protect Your Accounts
  • The Grinch LOVES a Gift Card Scam!
  • The Dangers of QR Code Scams and How to Stay Safe
  • YOU are a target
  • FEMA – Safeguard Critical Documents and Valuables
  • Hackers May Have Stolen Your Social Security Number
  • And more.

We call these bags our WOW bags (Words of Wisdom) and we give out 200- 300 every month.
You can find previous topics HERE.

Making cybersecurity awareness training fun and engaging is far more successful than traditional, tedious training for several key reasons:

1. Increased Retention & Learning Effectiveness

  • Studies show that people retain 90% of what they do compared to only 10% of what they read and 20% of what they hear (National Training Laboratories’ Learning Pyramid). Interactive and gamified training encourages active participation.
  • A study by Cybersecurity & Infrastructure Security Agency (CISA) found that employees engaged in interactive cybersecurity training were more likely to remember and apply best practices than those who received traditional lecture-based training.

2. Higher Engagement & Completion Rates

  • Traditional cybersecurity training is often viewed as a check-the-box exercise, leading to low engagement and completion rates.
  • Gamified training or microlearning approaches can increase completion rates by up to 80% (Brandon Hall Group Research).
  • According to a study by TalentLMS, 79% of learners said they would be more productive and motivated if their learning was more game-like.

3. Reduced Human Error – The Biggest Security Risk

  • IBM’s Cyber Security Intelligence Index reports that 95% of cybersecurity breaches are due to human error.
  • Engaging training helps employees internalize security habits, reducing risky behaviors like weak passwords and phishing susceptibility.
  • A study by Osterman Research found that phishing simulation and interactive training reduced phishing click rates from 40% to below 10%.

4. Encourages a Positive Security Culture

  • Fun, interactive training normalizes cybersecurity discussions and makes employees feel empowered rather than punished.
  • Google found that positive reinforcement in security training increased security-conscious behavior, whereas fear-based messaging had minimal impact.

5. Better ROI & Cost Savings

  • Organizations lose an average of $4.45 million per data breach (IBM Cost of a Data Breach Report, 2023).
  • Investing in engaging cybersecurity training reduces security incidents, saving companies from costly breaches and downtime.

Conclusion

Fun and interactive cybersecurity training: ✅ Boosts retention
Increases participation
Reduces human error
Fosters a positive security culture
Delivers a better ROI

Weekly Cybersecurity Tips

Find out more about our Security Awareness Training Program