SANS 2023 Security Awareness Report

Your Global Guide to Cyber Awareness and Managing Human Risk
Read Report

Powered by the Community, for the Community

People have become the primary attack vector for threat actors around the world and every year, SANS Institute surveys thousands of security awareness practitioners to benchmark and gain a deeper understanding of how organizations are managing human risk. This data-driven report provides actionable steps to build a sustainable security culture that drives behavior change. Here is a preview of the insights revealed in this year’s report.

3
The minimum number of FTEs needed to effectively change behavior.
70%
of respondents reported spending half their time or less on security awareness.
10:1
The recommended ratio of technical security professionals to human-focused security awareness professionals.

2023 Key Findings

The 8th edition of SANS Institute’s Security Awareness Report features data from nearly 2000 security awareness practitioners from over 80 countries spanning the globe. Lance Spitzner, Director, Community and Research, SANS Security Awareness, dives into the key takeaways from the report.

Read Blog >

Become a SANS Security Awareness Insider

Sign up for the OUCH! Newsletter — the world’s leading, free security awareness newsletter designed for everyone.
Subscribe Now

“I needed something that integrated with the innovative approach I was building when it came to security awareness and culture. For me, it was about changing behavior and SANS was the perfect fit for that.”

Mike Melo, VP Technology Shared Services & CISO, LifeLabs