Peer-Driven Insights

Awareness & Training

About this topic

Awareness and training initiatives are structured programs designed to educate employees and stakeholders about security policies, regulatory requirements and best practices. Awareness and training projects aim to foster a security-conscious culture, reduce human risk factors and ensure compliance.

Featured One-Minute Insights

How are U.S. CISOs Addressing Liability Risk?

New regulations taking effect in the U.S. mean that cybersecurity leaders could face legal liability in the event of an incident. What strategies are they using to protect themselves?

How are U.S. CISOs Addressing Liability Risk?

Community Posts

What percentage of your team’s time is allocated annually for upskilling and training initiatives?

Read More Comments

What cybersecurity awareness techniques have you found most effective?

Read More Comments

What’s your personal opinion on phishing tests — should cyber professionals rethink this as a method for security awareness training, or is it a necessary practice?

Read More Comments

What sort of rewards do employees get for successfully reporting suspicious emails or other kinds of phishing?

Read More Comments

Do you reward employees in any way for reporting suspicious emails or other social engineering attempts?

Yes59%

Only in some cases29%

No11%

View Results

What's the best piece of advice a tech leader can give when identifying software testing resources for their team?

Read More Comments

There are so many types of social engineering attacks – how should we determine which ones to focus on for employee security awareness training?

Read More Comments

Do you think your org’s likely to increase funding for security awareness and training next year?

Very likely20%

Likely52%

Unlikely17%

Very unlikely9%

Unsure

View Results

What initiatives has your org planned for cybersecurity awareness month?

What do you think about a 3-strikes rule for clicking malicious links? Is that taking risk reduction too far?

Read More Comments

What are your opinions on the most engaging, relevant, and effective computer based security awareness training platforms?

How can you design your org’s security policies to more effectively drive awareness?

Read More Comments

If your org assigns additional security awareness training for repeat offenders, have you found it important to communicate to them why they’re getting that additional training?

Does your security awareness training address files shared over communications platforms like Microsoft Teams?

Yes80%

No18%

Other (comment below)1%

View Results

What are some actual tactics that can help impart a security-starts-with-you mindset throughout the company? How do you start to spread that messaging internally?

When it comes to driving secure behavior and culture, what is the best way to ensure messaging permeates all levels of the enterprise? Do you think it’s more effective to use a top-down approach that starts with leadership, or should you tackle it from the bottom-up (for example, by establishing security champions in each business unit)?