GAME approached Yellow Room Learning in 2015 and asked for assistance with giving their employees the basic knowledge and skills they need to ensure their company data, including customer information, remains safely and securely within the business. GAME were aware of cybercrime and the effects it can have on the business but felt this message, along with good practices, needed to be broadcast across the organisation by means of a security awareness campaign to instil a security first culture across it’s many stores and offices. We were delighted when they asked us to develop a fully customised campaign for them.
Following consultation with the Head of Corporate Security we opted for a multi-year campaign divided into various phases and set about working on a ‘brand’. We wanted to portray the seriousness of the campaign but also to align it to the overall company brand so the tag line ‘SECURITY – IT’S NOT A GAME’ was born.
Phase 1: To launch the campaign we created a 20 page, fully bespoke security awareness booklet which gave an overview of the main cyber threats and how each individual could mitigate the risk of these threats. To launch the booklet in style we developed a launch pack for each employee – the booklet along with a tailored mouse mat, pen, sweets and a drink were bundled together in a branded bag and delivered to employee’s desks overnight in order to greet people the next morning. In addition to this we converted the booklet into a simple e-learning package complete with an end of course test that could be delivered directly through GAME’s own learning management system allowing them to deliver this to everybody, including new starters.
Phase 2: To build upon the success of the basic awareness booklet in phase 1 we created a fully customised, interactive awareness course with exercises, videos, games and quizzes that further enhanced the learner’s comprehension. We also developed a learning environment where the learner can customise their character, earn trophies for completing certain modules and also access the first module. The theme was based around retro gaming consoles starting with an original Game Boy and progressing to newer and better consoles as the learning material became more advanced.
Phase 3: To maintain a security awareness heartbeat throughout the year we developed a series of 12 mini courses designed to touch upon the main cyber security threats and how to protect yourself against attack. We combined this with a monthly HTML newsletter and a 12 part animated mini-series highlighting the ‘career’ of a social engineer.
Phase 4: Phishing is seen as one of the biggest threats to the integrity of business information and to help to educate GAME’s employees to recognise phishing attempts we delivered a simulated phishing campaign that allowed their employees to ‘investigate’ certain clues hidden within realistic phishing emails. After each monthly phish the employee was directed to a landing page where advice and hints were waiting for them. A full monthly report of results was also provided to the management team. Following a few months of delivery we saw encouraging results, not only in terms of fewer link clicks but also of people reporting real phishing attacks and warning others.
Managed Custom Awareness Campaign
Bespoke learning environment
“We commissioned a project,
and they delivered a solution”
Head of IT Security
Producing quality, custom made, learning materials and branded communications are amongst the many reasons why the programme has been embraced across the organisation.
We Want To Discuss Your Awareness Campaign
Simply fill in the form below and we'll be in touch.
Or contact us on 0800 292 2900 or firstname.lastname@example.org