Cybercrime and information leaks are red-hot risks in financial institutions, causing billions of dollars of loss every year. But spotting these threats takes practice, and even the savviest digital natives can be fooled. How should a global bank that employs tens of thousands of people cope with the challenge?
Information and cyber security is a dry and technical subject, and with the Bank’s employees inundated with radical industry shifts and challenges in the operating landscape, how do we get them to sit up and take note of cyber secure messages without boring them? The goal was to get employees to mature from security compliance to become active security breach detectors.
We worked closely with the Bank to build a campaign strategy using its four message pillars of Speak, Send, Share and Save securely. Working in synergy with their cybersecurity team, we transformed strategic insights into a winning concept “I Am Cybersafe” which ran for all their quarterly campaigns. Supporting this was clear messaging that empowered bank employees to take ownership of their own cybersafe practices.
Pivotal to the campaign was a specially produced webisode series that reinforced this sense of personal responsibility. In each webisode, major cyber threats are personified as larger-than-life “super-villains”, and each cliffhanger ending challenges viewers to make the right decision to win prizes. As part of the campaign rollout, cyber awareness-related materials in the offices and on digital channels and a handy survival manual packed with bite-sized practical tips helped ensure top of mind awareness among bank employees.
The campaign saw a significant jump in the number of views and shares of the webisodes. Focus groups and internal surveys post campaign also show significant percentage improvements in employee awareness of information and security risks with improvements in retention of cybersecurity messages, that translates to better decision-making, and actions that influence others to follow cyber safe practices.