Security Learning & Cybersecurity Awareness Strategy

Empowering a culture of vigilance through education, engagement, and trust

🎓 Annual training completed | 💬 5-week awareness campaign | 📈 Increased reporting & engagement | 🔐 Data protection = people protection

🔍 The Challenge: From Compliance to Culture

Cybersecurity is a shared responsibility — but not everyone saw it that way.

Employees lacked consistent understanding of everyday threats or how their actions could mitigate risk. Annual training alone wasn’t driving the kind of lasting behavior change needed to protect sensitive data, client trust, and internal systems.

Security was often viewed as “IT’s job,” rather than something each person owned.

We needed to shift from reactive behaviors to proactive awareness and build a culture of security that felt empowering, not technical.

📌 Background: Making Security a People-First Priority

As Reward Gateway | Edenred grew globally, so did our responsibility to protect the data of thousands of clients and millions of employees.

I led the communications and engagement strategy for our Security Learning program and Cybersecurity Awareness Month — designing a multi-touch, people-centered campaign to help every employee feel equipped, confident, and accountable.

The goal was simple: Make cybersecurity real, relevant, and part of our everyday mindset.

🛠️ My Role: Campaign Strategy, Messaging & Engagement Execution

Partnering closely with our Security and IT teams, I delivered a layered, multi-week learning experience that blended education with storytelling and real-world application.

Key initiatives included:

Campaign Design & Messaging

• Positioned cybersecurity as a shared responsibility and a core part of our company values

• Connected secure behavior to trust — with clients, colleagues, and our broader community

• Framed the campaign around awareness + action + advocacy

Content & Communications Strategy

• Rolled out a 5-week communications plan across boom!, SmartHub, and virtual platforms

• Created content around weekly themes, including:

  • 🔐 Blog posts and learning spotlights

  • 🎥 Campaign video and teaser featured during Town Hall

  • 💬 Final “Thank You” wrap-up post celebrating participation and impact

• Promoted content through KnowBe4 nudges, regional screens, digital signage, and email

Live Events & Employee Touchpoints

• Hosted Lunch & Learn sessions on incident response, phishing detection, and secure workflows

• Facilitated manager enablement sessions for message cascading and frontline reinforcement

• Created a centralized Information Security Tag on SmartHub and boom! for FAQs, tools, and key resources

Reinforcement & Recognition

• Delivered weekly nudges via blogs, screens, and newsletters

• Highlighted cybersecurity wins and team shoutouts in company updates

• Encouraged leaders to publicly recognize secure behaviors in everyday work

💥 The Results: Awareness in Action

This wasn’t just another training. It was a culture shift.

• ✅ Annual InfoSec training launched and completed across all regions

• 💬 4-part weekly blog series achieved 80% global visibility

• 🎓 Live Lunch & Learn sessions delivered across teams with strong engagement

• 📈 Employee reporting increased in the final two weeks of the campaign

• 🧠 Trust and understanding grew, with improved awareness of internal policies and best practices

❤️ Why It Matters

Security isn’t just a system — it’s a mindset.

This campaign reframed cybersecurity from a box-checking task to a shared responsibility that protects people, not just data. By making learning practical, relatable, and visible, we helped foster a culture of confidence and collective care — one click, one behavior, and one conversation at a time.