SANS Security Awareness, the global leader in providing security awareness training, announced today the release of the 2021 Security Awareness Report: Managing Your Human Cyber Risk. This annual report analyzes the data of over 1,500 security awareness professionals from around the world to benchmark how organizations are managing human risk and provides data-driven action items to mature awareness programs.
2021 marks the sixth release of the SANS Security Awareness Report, and through 2020-2021 the industry witnessed deep and rapid changes in how and where employees work. These changes have caused unprecedented evolution in not only in technology we use, but how we use it, especially with so many working from home. Simply stated, it has never been more important to effectively create and maintain a cyber secure workforce and a vibrant security culture.
“Cybersecurity is no longer just about technology but people; managing human risk. Awareness programs enable security teams to do just that by not only guiding how people think about security but how they act, from the Board of Directors on down,” said Lance Spitzner, SANS Security Awareness Director and co-author of the report. “This report enables security professionals to make data-driven decisions on how they can most effectively engage the workforce and manage human risk.”
Key Findings:
“Security awareness programs have evolved from a limited compliance focus to becoming a key part of an organization’s ability to manage human cyber risk,” said Dan deBeaubien, SANS Security Awareness Director and co-author of the report. “While security awareness programs are gaining executive support, there is still a long way to go before enough personnel, resources and tools are allocated to this effort.”
For more detailed analysis and recommended action on improving an awareness strategy, the 2021 SANS Security Awareness Report is available for download here.