SecuritySense Blog

Help for Anyone Tasked with Employee Cyber & Info Security Awareness

Security Awareness Email Is Not Spam

It’s a good question we hear a lot. What’s the ideal frequency to email security awareness messages to employees? But there’s an even better question to answer first.

Is cybersecurity important to the well-being of your company and its customers? That’s really the question you should be asking before you start putting limits on the frequency of your awareness communications. 

Too often we default to the most conservative edge of the spectrum. 

“We don’t want to spam our employees!” is a sentiment often expressed. Maybe that’s you. Hear me out: It’s not spam. The employees at your company are not consumers. You should not be overly concerned with the amount of email they get from you. They aren’t going to get mad. They aren’t going to complain. There’s a reason internal company email doesn’t come with an “opt-in/opt-out” option. 

How do most people handle email? They look, see, scan and either look deeper or move on to the next thing. The good news is that people have learned how to process all the electronic communication they receive. You don’t have to protect them from your important messages. The bad news is many who wear the security awareness hat hold back needlessly. If your message is important you have an obligation to compete for the attention of everyone in your company, not apologize for it. 

Your company’s reputation, productivity and financial well-being is connected to whether or not the workforce is becoming less likely to fall for cyber-tricks and social engineering schemes that let criminals into the network. 

Your message is important. Don’t apologize for sending security awareness emails.