HomeCybersecurity Month at PowerPlan: Making Security Awareness Fun and Effective
October is Cybersecurity Awareness Month, and at PowerPlan, we've transformed this annual observance into something truly special—a month-long celebration that combines learning with engagement, competition, and yes, some seriously fun prizes.
Beyond Checkbox Compliance
For years, cybersecurity training has been viewed as a necessary evil—that once-a-year compliance requirement we all have to check off for audit purposes. But here's the reality: 90% of security breaches start with some kind of social engineering attack*. A single annual training session simply isn't enough to shift the needle on awareness.
That's why we've moved to a monthly training model and reimagined our Cybersecurity Month as an opportunity to truly engage our employees. Because when tools fail us, our people make the difference. They're not the weakest link—they're our last line of defense and the ones who can tell when something's off.
Five Critical Themes
This year's activities centered on five essential themes, each chosen based on our security posture and culture assessments:
Password Hygiene: With the average user managing hundreds of passwords, understanding how to create and maintain secure credentials is fundamental to protecting our organization and customers.
AI Security Practices: As AI becomes central to PowerPlan's business initiatives, our teams need to know how to leverage these powerful tools securely and in compliance with company policies.
Incident Reporting: When a security event occurs, time is critical. We examine the multiple ways employees can quickly report potential threats to help us contain incidents efficiently.
Social Engineering: Given the success rates of social engineering attacks, we dedicated significant focus to helping employees recognize and prevent these attacks.
The Human Firewall: This theme reinforces that information security isn't just a cybersecurity team responsibility—it's everyone's responsibility at PowerPlan.
Making Cybersecurity Learning Engaging
We packed the month with interactive activities: virtual and in-person Cyber Escape Rooms where teams collaborated to solve security challenges, daily fun facts with weekly quizzes on each theme, a special keynote from ethical hacker Rachel Tobac on social engineering, and creative contests including Halloween-themed selfies and cybersecurity memes.
Every activity earned raffle tickets toward prizes including our personal favorite—the "I Don't Click on S**t" mug.
The PowerPlan Difference
Our shift in mindset made this year special, as we’re moving away from box-checking, compliance-centric training and instead toward genuine awareness building. Our employees are actively learning and engaging, empowered with the knowledge that cybersecurity isn’t about fear or restrictions. That security-consciousness is what sets PowerPlan apart.
*Grimes, Roger A., and Martin Kraemer. Effective Security Awareness Training Really Does Reduce Breaches. KnowBe4, 2025. KnowBe4, https://www.knowbe4.com/hubfs/Effective-SAT-Reduces-Breaches.pdf?hsLang=en-us.
