TikTok. Picture: TikTok
Social media isn’t just changing what we pay attention to — it’s reshaping how we think.
Years of scrolling, swiping and consuming bite‑sized content have conditioned the brain to seek speed, novelty and instant rewards.
TikTok brain
The result, often called “TikTok Brain,” is shorter attention spans, faster decision‑making and less patience for information that doesn’t immediately grab us.
These effects are increasingly visible in the workplace, where many organisations still rely on long, annual compliance sessions that employees quickly forget.
“This is a cognitive war, and the threat actors are winning,” says Anna Collard, CISO advisor and SVP content strategist at KnowBe4.
Hackers
Hackers exploit this fractured attention. They no longer send clumsy phishing emails but deliver “snackable” threats — a 15‑word urgent message from the “CEO,” a fake Teams ping, or a barrage of multi‑factor authentication prompts.
“When employees are conditioned to react instantly, the critical‑thinking pause vanishes,” Collard explains.
Legacy training, often treated as a checkbox exercise, is mismatched against these tactics.
“Completion does not equal competence. And competence does not automatically equal correct behaviour,” she warns.
NOW READ: Dell: Speed and customer trust are the new differentiators in AI era
Pillars
Collard argues that security leaders must stop feeding “TikTok Brain” and start counteracting it. A modernised security culture rests on three pillars:
- Mindful pauses: Short, focused learning blocks that teach staff to stop, breathe and dedicate a minute to a specific threat.
- Gamified friction: Real‑time micro‑challenges and contextual phishing simulations that reward correct decisions and snap employees out of impulsive behaviour.
- Clear insights: Calm, actionable updates that cut through noise when new vulnerabilities or scams emerge.
Protection
Collard says for CISOs, this shift means measuring success differently.
“Legacy programmes track completion rates, while microlearning measures behavioural change and risk reduction.
“You cannot protect your organisation’s security posture with a training model your employees actively tune out,” Collard says.
Collard says it is time to retire the hour‑long slide deck, adding that to outsmart hackers winning the battle for attention, security awareness must become fast, engaging and habit‑creating.
ALSO READ: TikTok removes over 1 million videos in South Africa as global safety push intensifies
