Snowball Learning: Getting Real About Cybersecurity Training

Show Notes

Hello to all our Cyber Pals! Host Selena Larson and co-host, Sarah Sabotka, chat with Dr. Bob Hausmann, Lead Cognitive Scientist of Human Risk Management at Proofpoint. They have a timely conversation on whether cybersecurity training actually works and what it takes to make it effective.

They unpack why traditional annual training and phishing simulations often fall short, and how insights from cognitive psychology can help organizations design awareness programs that truly change behavior. Drawing on Dr. Bob’s recent research, the conversation explores just-in-time nudges, microlearning, and how understanding attention, memory, and emotion can make security guidance more actionable in the moments that matter most.

In this episode, they cover:

• Why once-a-year security training shows little impact on real-world behavior
  
  
  
• How just-in-time nudges work and where they fit into security awareness programs
  
  
  
• The role of cognitive load, attention, and repetition in learning and memory
  
  
  
• How amygdala hijack and emotional manipulation factor into phishing success
  
  
  
• Why foundational knowledge is critical for nudges to be effective
  
  
  
• The difference between education-driven nudges and punitive approaches to training
  
  
  
• Practical ways organizations can design training that fits into everyday workflows

This episode offers a research-backed, human-centered look at security awareness—showing why better outcomes depend less on blaming users and more on designing training that works with the brain, not against it.

Resources Mentioned:

https://www.proofpoint.com/us/blog/security-awareness-training/cybersecurity-nudges-cautionary-tale

For more information about Proofpoint, check out our website.

 

Subscribe & Follow:

Stay ahead of emerging threats, and subscribe! Happy hunting!