Adaptive cybersecurity training

How to find an individual approach for each employee without committing to a personal mentor for everyone.

In developing our cybersecurity awareness programs, we naturally devote a lot of time to analyzing their effectiveness in search of the “perfect scenario.” Why is it after taking the exact same course, some employees successfully apply the acquired know-how in practice, and others forget it the very next day? The answer to this question is not as simple as it seems — multiple factors are at play. But the main reason is basically that people are different.

And it’s not just that different people have different background knowledge. Some can hear something once and remember it forever; others absorb it only after a detailed explanation. Still others need slides with clear, concrete examples. Some absorb new knowledge confidently; others have doubts and seek clarification. Encountering information that’s already familiar, some trainees are pleased at the opportunity to refresh their knowledge, whereas others get irritated and skip the whole segment. Add another category for those who believe they know everything but in fact make basic mistakes: Communicating the correct point of view to them can be a major challenge.

Ideally, each employee would be assigned a personal mentor. But, as you no doubt know, that is not practical. Moreover, in large companies it’s not always possible even to divide staff into groups with similar “training profiles” — it’s too time- and resource-consuming. Having long sought a method that takes into account each trainee’s capabilities without overstraining organizers and trainers, we concluded that an adaptive learning methodology is best suited to our goals.

This technique involves an interactive platform that can tailor the training program to the individual’s existing knowledge (based on their correct or incorrect answers to questions), as well as their level of confidence in their skills. With no plans to reinvent the wheel, we took our idea to Area9 Lyceum, the developer of one of the best adaptive learning platforms and a pioneer in the field. Having combined content built on our expertise in cybersecurity and their experience in creating training solutions, we came up with a new joint product called Kaspersky Adaptive Online Training.

Thanks to Area9 Lyceum, the platform lets you develop a unique training course for all participants that adapts not only to the employee’s level of knowledge, but to their degree of confidence in that knowledge. At the very start of the course, users assess their grasp of the material, selecting a level from beginner to expert. That sets them on the right path from the start. The beginner is always shown the training material before each question, whereas the expert sees a stream of questions, with the material appearing only if they make a mistake or are unsure of their choice (of course, they can also access it on demand).

How do we know if they are unsure? Because when choosing an option, the user is additionally asked to indicate their level of confidence in their decision. The adaptive system then builds the most suitable learning trajectory. Algorithms hide content that the student definitely already knows, focusing on less-familiar material. The adaptive nature of the course also varies the time required to complete it. Experts can go through it much faster, avoiding the annoyance of repeating things they already know.

Kaspersky Adaptive Online Training currently offers lessons on security and protection related to passwords, websites, social networks, instant messengers, mobile devices, and work computers. However, we plan to expand the course and will add the next lesson (on the GDPR) shortly. For clarity and better content uptake, all lessons are built on real-life case studies, illustrated with examples from attacks that our experts encountered in their daily work. During the learning process, the solution provides detailed statistics on trainees’ progress and draws particular attention to those who “confidently make mistakes.”

Our lessons are currently available in English, German, Spanish, Arabic, French, Italian, and Russian. You can learn more on our Kaspersky Adaptive Online Training page.