If you want to more effectively manage human risk in your organisation, scale up awareness-raising and improve understanding of how different teams and individuals throughout your organisation feel about cyber security – a champions programme is for you.
A successful champions programme is a great way to positively influence cyber security culture, but they take time to develop and too often can fizzle out. Perhaps you don’t have the time or the experience to build a programme from scratch. That’s where we come in. We know the pitfalls and pain points of setting up – and maintaining – a cyber security champions programme and we have experience in overcoming them.
Here are three top tips for setting up a successful cyber security champions programme:
1. Overcoming obstacles
It is often said that nothing good comes easily. Launching and maintaining a champions programme takes a lot of work, and you will face obstacles, but you will be rewarded ten-fold for the effort you put in. Identifying potential pitfalls before you get too far into the programme, and building mitigations, helps everything go more smoothly. Two common issues we see causing challenges for champion leaders are incentivising champions (especially long-term) and gaining senior level buy-in and support. Let's take a look at these two obstacles now.
2. Improving incentives
We recently launched the Cygenta Champion Leader Framework and our first cohort of clients are going through it. In a recent virtual consultancy session with one new champion leader, a common question came up: “how much money do we need to spend on incentives to recruit champions?”.
My answer is that monetary incentives - like goodies, swag and rewards - are the icing on the cake. We’ve found that if you dig deeper to tap into the intrinsic motivation of potential champions, you will be rewarded with more loyalty, dedication and commitment. Using monetary incentives can be a nice way (but not the only way!) of obtaining short-term engagement, but for longer-term commitment, you need to harness the personal values of your champions.
3. Senior support
Securing senior buy-in and support for your champions programme is no different to obtaining it for anything else. Put yourself in the shoes of your executives and ask what matters to them. Using case studies, speaking the language of the business, aligning your programme with organisational priorities and demonstrating the value of your programme are all good tactics. Metrics matter to management so make sure you will be able to track progress of your programme and demonstrate success.
For years we’ve been working with clients to develop their cyber security champions programmes and we’ve spent the last 18 months pulling all of that expertise and experience together so that we can share it with you. Contact us to find out more about our Champion Leader Framework or subscribe to our mailing list to be the first to hear about an exciting online launch coming soon!
🏆 UPDATE 🏆
We have now launched our online course 'How to Set Up a Cyber Security Champions Programme'. This is the ultimate guide to becoming a successful champion leader with 11 modules, 13 short videos, and 25 resources to download and keep, including templates, posters and exercises. We’ve been there and done it for some of the biggest organisations in the world, now let us guide you through every step of setting up and running a cyber security champions programme.