People have become the primary attack vector for cyber attackers around the world, so humans rather than technology now represent the greatest risk to organisations. [1] Security awareness programmes, and the professionals who manage them, are key to managing that human risk. The SANS 2022 Security Awareness Report analyses data provided by more than a thousand security awareness professionals from around the world to identify and benchmark how organisations are managing their human risk. The goal of this data-driven report is to provide actionable steps and resources to enable organisations to mature their awareness programmes and benchmark them against others.
This report is divided into two sections. The first section looks at how to grow and mature your security awareness programme. It provides not only the data and what the data means, but also actionable steps you can take to better manage your organisation’s human risk. The second section focuses on how security awareness professionals can develop their skills and grow their career, including information about salaries and career development paths. In addition, the report includes the Security Awareness Maturity Model Indicators Matrix, which enables you to easily identify your security awareness programme’s maturity level and presents steps to improve on that level of maturity and key metrics to measure it.
Please download this report to learn more.
Share