Ongoing training is fun and addresses the evolving nature of cyberattacks
By prioritizing cybersecurity upfront, Cohere Health provides the framework for a culture where everyone is responsible for protecting the company from attacks.
Staff engage with innovative training that centers on a young hacker prodigy named DeeDee.
Like most five-year-olds, DeeDee has her demands—and she’s not afraid to cause a little trouble to have them met. The training follows her misadventures, mirroring real-world threats like phishing attacks.
“I get feedback monthly from our employees that ‘This is so great,’ and ‘We want to see what happens with DeeDee next.’ It’s definitely engaging,” shares Couillard. That level of engagement helps Cohere Health staff retain what they’ve learned so they can apply it when they need it most.
“Most of the training in HIPAA is very dry with a ‘check-the-box’ kind of mentality . . . I was looking for something different and was introduced to ĢTV Managed SAT. I loved this new idea with how to present this information... Nothing compared to the inventiveness that ĢTV offered with their training episodes.”
The company knew an increasing number of cyberattacks around the world presented a risk to their operations. A programmatic approach lets Cohere administer security awareness training on an ongoing basis.
In addition to semi-monthly onboarding training, Cohere runs phishing simulations and administers customizable ĢTV Managed SAT episodes based on results. Couillard pairs these efforts with one-to-one conversations as needed for a complete cybersecurity program he and his team can quickly scale across a multiplying workforce.
Training episodes cover topics in ways that reflect evolving cybersecurity threats, such as:
- Phishing
- Social engineering
- Ransomware
- Removable media
- Network security
- Incident Response
Continuous training like this helps Cohere Health connect around the storylines. Couillard sees qualitative proof of engagement over time in company communication channels.
“We have a security HIPAA channel on Slack. After an episode has been open for a bit, I’ll post in there something you can only know from watching the content,” Couillard explains, "Everyone is doing the training and partaking, from leadership on down.”
Most of the training in HIPAA is very dry with a ‘check-thebox’ kind of mentality . . . I was looking for something different and was introduced to ĢTV Managed SAT. I loved this new idea with how to present this information... Nothing compared to the inventiveness that ĢTV offered with their training episodes.
Jared Couillard | CISSP SENIOR DIRECTOR, IT & SECURITY OFFICER, COHERE