People tend to remember context more than content. In security training, it's important to present lessons in the same context as the one in which the person is most likely to be attacked.

4. Vary the message

Concepts are best learned when they are encountered in many contexts and expressed in different ways. Security training that presents a concept to a user multiple times and in different phrasing makes the trainee more likely to relate it to past experiences and forge new connections.

5. Involve your students

It's obvious that when we are actively involved in the learning process, we remember things better. If a trainee can practice identifying phishing schemes and , improvement can be dramatic.