New data could help CISOs quantify the value of a strong security culture
Phishing warning seen on Google Chrome when visiting a website that has been recognized as phishing website. (Christiaan Colen/CC BY-SA 2.0)
Building a security awareness training program to develop a strong infosec culture requires time and money, and chief information security officers frequently try to make a case for such an investment by citing return on investment and other metrics of success.
Such demonstrable proof can be elusive, but this week, KnowBe4 researchers released the results of a comprehensive study examining the behavior and security culture of more than 97,000 employees across 1,115 organizations worldwide.