How to increase adoption of IT compliance and cyber awareness

Glorin Sebastian is a Senior Consultant with one of the big four accounting firms in its Technology Consulting practice with over six years of experience in IT risk and cybersecurity compliance. He helps perform IT regulatory and cybersecurity audits as well as helps mitigate a firm’s IT risks by designing and implementing effective controls associated with ERP system implementations. Being a part time student at Georgia Tech, Glorin has always been categorised by his friends as doing a boring compliance job. This motivated Glorin to focus his part time graduate research on increasing the adoption of IT regulatory frameworks as well as promoting cyber awareness culture at the firm by making it more interactive and fun using some of the latest technologies such as gamification, animation and virtual reality.

In his research paper titled ‘A Comparative Study on the Effectiveness of Video Visualizations to Improve Automated Vehicles Privacy Policy Read Rate among Users’ that Glorin presented at the 36th IBIMA conference, in Granada, Spain, Glorin’s research compares the results of a comparative study on users who read a Privacy statement from an autonomous vehicle provider and compared its effectiveness to that of a video visualisation that explained the policy. It was concluded that using technologies such as animation, gamification etc. to make these cyber scenarios more interesting, is more effective in spreading cyber awareness and thus should be the way forward to promote cyber culture in the firm.

Organisations should leverage gamification for cybersecurity training, as well as to improve the awareness on the impacts of non-compliance with cybersecurity and privacy regulations such as GDPR and CCPA. The users should be provided with scenarios in gamification and rewarded for knowing the best approach to the situation. This is not just applicable for spreading cyber awareness, Glorin believes that every aspect of cybersecurity compliance adoption can be improved by better integration with the latest technologies as well as with better adoption of UX/UI (User Experience/User Interface) Design. Another example where this approach was successful, would be the adoption of interactive dashboards built on technologies such as Power BI, that simplifies the monitoring of controls environment at an organisation. Interactive dashboards are easy to understand and do a great job in representing the data in an attractive fashion which also conveys a clear picture on the state of regulatory compliance for the firm. This dashboard could be relating to any compliance be it financial risks, IT risks or even security incident monitoring related risks.

The use of technologies such as virtual reality, animation and gamification are here to stay and hopefully these technologies will be leveraged to make IT compliance fun and interesting.

You can connect with Glorin here