M+E Daily

Xcapism Learning CEO: Gamification Can Significantly Help Company Training

Xcapism Learning’s immersive and gamified approach to training can help people retain up to 90% of what they are taught and can also influence positive behavioural change and culture in the workplace, according to Meera Mehta, its CEO.

“What makes people enjoy cybersecurity and privacy training? Being honest, probably not very much,” she said during the Dec. 8 virtual Content Protection Summit.

Therefore, what Xcapism Learning has done is “made it into a game and, just as crucially, it’s had a positive impact on changing and reinforcing behaviour against online threats,” she pointed out during the Rights, Data & Education breakout session “Learn More with Xcapism Learning.”

After all, “no one said training had to be boring,” she said.

Turning to mainstream training today, she conceded: “There are certainly good pockets of innovation happening around the world in this space.”

But what many people are familiar with when it comes to cybersecurity training are written material, video content “or using our old friend, the guy in the hoodie, to stoke fear,” she noted. Some companies prefer town halls or live demos including slide presentations and expert speakers or live hacking demonstrations.

However, very few people pay attention during mandatory training sessions like those, according to Mehta. “Many people in companies have told us that what they do is they click ‘next’ until they get right to the end” of a video learning session, she noted.

“There is nothing wrong with the content within these methods of training but it’s the delivery that is key,” she stressed.

How much of the training will viewers remember? That is significant because if they retain the info, they are more likely to act on it, Mehta pointed out. Training is supposed to influence behaviour, and that is “super important because our colleagues should be considered the first line of defence” when it comes to cybersecurity, she said.

“Using the traditional methods of training, like lectures and town halls or reading Internet articles, you’re actually only likely to retain up to 30 percent of that information,” she told viewers, citing the findings of a study. The reason why is “you’re not fully engaged, so you don’t remember as much, which means you’re unlikely to actually change your behaviour as a result of it,” she said.

On the other hand, “by practicing a subject, you’ll actually retain up to 75 percent of that information because you’re going to be so engaged and, if it’s done well, you’ll be even more engaged and you’ll retain up to 90 percent and start to pass your newfound knowledge on to others” and help train them, she pointed out.

“So to truly have a positive impact on behavioural change, you need to be aiming for at least 75 percent,” she said.

To fully engage people, she suggested making it immersive with a compelling story that has a beginning, middle and end, with a goal at the conclusion.

“The last thing we need to consider is the actual tone,” she said. “Cybersecurity awareness and communications companies have become generally associated with a faceless hacker in a hoodie, hunched over a computer and being showered with noughts and ones when, in reality, a hacker could be someone on the bus, someone sitting next to you at work – literally anyone,” she pointed out.

The tone must be widened to make the informational story as “simple and relatable as possible,” she told viewers, suggesting the game be placed within everyday settings and that the guy in the hoodie be replaced with a cartoon character.

“At Xcapism Learning, we’ve taken all of these elements to produce a range of experiences using different formats and aimed at positively impacting as many people and organisations as possible,” she went on to say.

Breakout Cyber Escape Room, for example, is an online immersive game that teaches about access management, encryption, data loss prevention, data privacy, phishing and safe social media. It can be played anywhere – at home or on the road, Mehta noted.

“Since launching, we’ve been lucky enough to see Breakout having the impact we’re aiming for, with people who have played” providing feedback that “they’re now telling their friends to change their behaviour, such as moving from passwords to passphrases and [amending] their privacy settings on their social media accounts because they didn’t realise how exposed they were,” she said, adding: “Some have actually started encrypting their documents when they weren’t actually doing that before.”

Xcapism Learning’s Comic Comms, meanwhile, is a line of short comics using colourful images and simple language that covers information including all major threats to online safety.

The company was recently asked by clients to expand the range of comic products with new editions including wellbeing, which “in the current climate is definitely needed,” she said, adding: “Any message and any subject can be converted to this comic range” that is designed to be used at any kind of organisation in any industry.

”So training definitely doesn’t have to be boring to have an impact,” she said in concluding the session.

Presented by Microsoft Azure, the Content Protection Summit was sponsored by SHIFT, Genpact, Akamai, Convergent Risks, Friend MTS, GeoGuard, PacketFabric, Palo Alto Networks, Richey May Technology Solutions, Splunk, Zixi, EIDR, Cyberhaven and Xcapism Learning.

The event was produced by MESA, CDSA, the Hollywood IT Society (HITS) and Women in Technology Hollywood (WiTH), under the direction of the CDSA Board of Directors and content advisors representing Amazon Studios, Adobe, Paramount, BBC Studios, NBCUniversal, Lionsgate, WarnerMedia, Amblin Entertainment, Legendary Pictures, and Lego Group.