“The best way to train employees to defend against hackers is to teach them how to think like one,” says HackerOne CEO Marten Mickos in a recent Harvard Business Review article.
Mickos notes the creativity, persistence and resourcefulness of hackers, as well as their tendency to be constantly on the lookout for computer system vulnerabilities.
Among his tips for companies that want to help their employees think like hackers:
- Encourage employees to attend hackathons—even if only to observe. These events give people a chance to take a step back from their day-to-day work and think creatively, helping teams avoid tunnel vision and groupthink.
- Arrange companywide competitions and games that encourage employees to figure out how cybercrime could happen. You can even role-play a fictitious cyber incident. Acting out a breach scenario can help employees better relate to organizational risk and be more mindful of cybersecurity.
- Create a mandate for employees to work across departments and teams. This helps open up the lines of communication across the entire organization and also allows teams to get a fresh perspective. Also consider looking beyond the company, inviting outside security experts to help your team identify vulnerabilities.
See the full HBR article: “Train Your Employees to Think Like Hackers.”