“People are the primary attack vector for cyber-attackers around the world. We humans, not technology, pose the greatest risk to organizations,” says Lance Spitzner, Security Awareness Director at SANS and co-author of Managing Human Risk. “The key to effectively managing that risk therefore lies in the professionals who are responsible for the safety awareness programs.”
In his annual report, which is in its seventh edition this year, Spitzner sets updated global benchmarks for how organizations manage the human risk factor. In addition, he discusses actionable steps for improvement, with essential criteria to measure progress in the Security Awareness Maturity Model Indicators Matrix.
The new edition of the report is the result of an analysis of data from more than 1,000 security awareness professionals worldwide. SANS Security Awareness is active worldwide in security awareness training.