With an unprecedented number of employees now working in hybrid or fully remote environments, compounded by an increase in cyber threats and a more overwhelmed, COVID-19 information fatigued workforce, there has never been a more critical time to effectively create and maintain a cyber-secure workforce and an engaged security culture.
“People have become the primary attack vector for cyber-attackers around the world,” said Lance Spitzner, SANS Security Awareness Director. “Humans rather than technology represent the greatest risk to organizations and the professionals who oversee security awareness programs are the key to effectively managing that risk.”
“Awareness programs enable security teams to effectively manage their human risk by changing how people think about cybersecurity and help them exhibit secure behaviors, from the Board of Directors on down,” said Spitzner.
Key findings
- Workforce: More than 69% of security awareness professionals are spending less than half their time on security awareness. The data shows that security awareness responsibilities are very commonly assigned to staff with highly technical backgrounds who may lack the skills…
