In the realm of cybersecurity, a popular learning model from healthcare, the “see one, teach one, do one” approach, is gaining traction. This method involves observing a procedure, teaching it to others, and then performing it oneself. The same framework can be applied to cybersecurity to enhance employee awareness, tool efficiency, and risk mitigation strategies.
According to Reach Security’s analysis, a small percentage of users, approximately 3% to 5%, account for the majority of cybersecurity threats in an organization. These high-risk individuals, including top executives with privileged access and employees engaging in risky behavior, can pose significant security risks through negligence or deliberate actions.
To combat these threats effectively, organizations need to focus on educating and empowering these high-risk users. By implementing the “see one, teach one, do one” model, organizations can address the root causes of cybersecurity threats and allocate resources more strategically. This approach aims to reduce reliance on extensive security tools that may not be as effective in protecting high-risk individuals.
The first stage of this approach involves identifying the most attacked people (MAP) within the organization. By utilizing solutions that provide visibility into user data, security teams can pinpoint high-risk users and provide personalized demonstrations of potential threats they may face. This stage aims to increase awareness among high-risk users and help them understand the specific risks they encounter.
In the second phase, high-risk users transition from observers to educators. By sharing their knowledge and experiences with their colleagues, these individuals can help foster a culture of shared responsibility for cybersecurity within the organization. This collaborative approach reduces the reliance on technical tools and embeds good security practices into daily workflows.
The final stage, “do one,” focuses on real-world implementation and practice. Organizations must continuously monitor and update security measures to stay ahead of evolving threats. By integrating data from multiple security tools and leveraging continuous monitoring solutions, teams can track shifts in the threat landscape and ensure that high-risk users are under constant surveillance. A holistic security strategy that accounts for user and device awareness will enhance the effectiveness of protective measures.
In summary, managing human-based cybersecurity risks necessitates a targeted approach that focuses on the organization’s riskiest users. By adopting the “see one, teach one, do one” model, organizations can strengthen their cybersecurity posture, reduce vulnerabilities, and empower high-risk individuals to become advocates for security within the organization. This shift towards a more focused strategy can yield significant benefits in mitigating cybersecurity threats where they matter most.