Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    SANS: Security Awareness Training is On the Rise

    Providing users with Security Awareness Training is a critical part of a security strategy. According to the latest data from SANS, more organizations are using awareness training in 2019.

    8-8-19 Image

    Every year SANS puts out their annual Security Awareness report. This year’s report, entitled the 2019 Security Awareness Report: The Rising Era of Awareness Training, highlights both SANS’ Security Awareness Maturity Model, as well as where organizations fit within the model.

    The maturity model is broken out into 5 stages:

    • Non-Existent: No awareness program of any capacity exists.
    • Compliance Focused: A program exists primarily to meet specific compliance or audit requirements with infrequent annual or ad-hoc training.
    • Promoting Awareness & Behavior Change: The program uses continual training throughout the year, with content encouraging behavior change at work and at home.
    • Long-Term Sustainment & Culture Change: The program has the processes, resources, and leadership support in place for a long-term lifecycle and establishing awareness as part of the organization’s culture.
    • Robust Metrics Framework: The program has an ability to track progress and measure impact using specific metrics for continual improvement.

    According to the report, the majority of organizations sit in the Promoting Awareness & Behavior Change stage, where a culture of security has not yet been established, but users are being continually educated on both the need for security-mindedness and specific attack methods and tactics used – all in an effort to elevate the user’s ability to play a part in stopping a cyberattack.

    A slow-but-steady shift towards more mature stages of the maturity model is evident when comparing the last 3 years of data. According to the report, the bottom two stages have reduced by 2-6% over the last three years, with the top two stages increasing by about 5% each. This demonstrates a growth in interest by organizations towards adopting and supporting continual security awareness training, and more mature implementations of security awareness programs.

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews