Peer-Driven Insights

Awareness & Training

About this topic

Awareness and training initiatives are structured programs designed to educate employees and stakeholders about security policies, regulatory requirements and best practices. Awareness and training projects aim to foster a security-conscious culture, reduce human risk factors and ensure compliance.

Featured One-Minute Insights

Sept 2024

How are U.S. CISOs Addressing Liability Risk?

New regulations taking effect in the U.S. mean that cybersecurity leaders could face legal liability in the event of an incident. What strategies are they using to protect themselves?
How are U.S. CISOs Addressing Liability Risk?

Community Posts

What cybersecurity awareness techniques have you found most effective?

Read More Comments

What’s your personal opinion on phishing tests — should cyber professionals rethink this as a method for security awareness training, or is it a necessary practice?

Read More Comments

Do you think rewarding or recognizing individuals for secure behavior is an effective strategy? How is this tactic applied at your organization?

Read More Comments

I’m doing a career change from software development to AI or cybersecurity: Is there a cybersecurity boot camp-type course you know of where I could learn everything required to find a job at the management level?

What are some actual tactics that can help impart a security-starts-with-you mindset throughout the company? How do you start to spread that messaging internally?

What are some examples of security awareness and training activities that your employees have enjoyed?

What sort of rewards do employees get for successfully reporting suspicious emails or other kinds of phishing?

Read More Comments

What sorts of resources/guides do you provide for remote employees to strengthen their home network security?

Read More Comments

Do your IT helpdesk staff receive more frequent training on social engineering attacks compared to other employees?

Yes77%

No22%

What's the best piece of advice a tech leader can give when identifying software testing resources for their team?

Read More Comments

What do you use for your annual employee security training?

A training purchased from a vendor41%

Freely available open-source training material42%

A training created by your company16%

View Results

Does your org have any activities or events to recognize Safer Internet Day?

Yes (comment and tell us what they are!)63%

No37%

What do you think about a 3-strikes rule for clicking malicious links? Is that taking risk reduction too far?

Read More Comments

Any recommendations for educating employees about insider risks? What are some best practices you've found effective / what resonates most?

Read More Comments

Have you ever personally conducted workshops/activities for security awareness training with your own board members? What was most effective? What would you do differently today?

Read More Comments

How are you approaching phishing tests to make sure they really educate folks and aren't just about "tricking" employees?

Read More Comments