SANS: Security Awareness Training is On the Rise

Stu Sjouwerman | Aug 26, 2019

Providing users with Security Awareness Training is a critical part of a security strategy. According to the latest data from SANS, more organizations are using awareness training in 2019.


Every year SANS publishes its Security Awareness report. This year’s report, entitled the 2019 Security Awareness Report: The Rising Era of Awareness Training, highlights both SANS’ Security Awareness Maturity Model and where organizations fit within the model.

The maturity model is broken out into 5 stages:

  • Non-Existent: No awareness program of any capacity exists.
  • Compliance Focused: A program exists primarily to meet specific compliance or audit requirements with infrequent annual or ad-hoc training.
  • Promoting Awareness & Behavior Change: The program uses continual training throughout the year, with content encouraging behavior change at work and at home.
  • Long-Term Sustainment & Culture Change: The program has the processes, resources, and leadership support in place for a long-term lifecycle and establishing awareness as part of the organization’s culture.
  • Robust Metrics Framework: The program has an ability to track progress and measure impact using specific metrics for continual improvement.

According to the report, the majority of organizations sit in the Promoting Awareness & Behavior Change stage, where a culture of security has not yet been established, but users are being continually educated on both the need for security-mindedness and specific attack methods and tactics used – all in an effort to elevate the user’s ability to play a part in stopping a cyberattack.

A slow-but-steady shift towards the more mature stages of the model is evident when comparing the last 3 years of data. According to the report, the bottom two stages have decreased by 2-6% over the last three years, with the top two stages increasing by about 5% each. This demonstrates growing interest among organizations in adopting and supporting continual security awareness training, and in more mature implementations of security awareness programs.

