Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

SANS 2025 Security Awareness Report

Embedding a Strong Security Culture

Read the Report
Security Awareness Report 2025

Now in its 10th year, the SANS Security Awareness Report remains the definitive, practitioner-built resource for understanding and managing the human side of cybersecurity. Drawing insights from over 2,700 professionals across 70+ countries, this report reflects where security awareness programs stand today, and where they need to go next. 

This year’s edition delivers more than benchmarking data. It’s a roadmap for growth: whether you’re building your team, advocating for leadership support, preparing for AI-related threats, or mapping your next career step, the 2025 report gives you the tools to make informed, strategic decisions 

What You’ll Discover in this Year’s Report

3.9

Full-Time Employees (FTE’s) are needed to embed security into culture. Get proven strategies to gain executive buy-in and secure long-term investment

#1

Social engineering remains the #1 threat, amplified by deepfakes and AI voice cloning. Technology alone isn’t enough; training remains essential.

10 Years

It takes 3–5 years to influence behavior. 5–10 years to shape culture. Understand how team size, program longevity, and leadership support correlate with success.

Why This Report Matters

Security is no longer just a technical challenge: it’s a human one. As cyber attackers increasingly target people, not systems, organizations must adapt by building strong, sustained security cultures.

Whether you're running a one-person program or leading an enterprise-wide initiative, this report delivers the insights and evidence to drive meaningful change.

It's built by practitioners, for practitioners, because no one understands the human side of cyber risk better than you.

Navigate the SANS Security Awareness Report Archive

2024 Security Awareness Report

Download

2023 Security Awareness Report

Download

2022 Security Awareness Report

Download

Transform Your Security Culture with SANS

Discover how SANS can help you create lasting, behavior-driven changes across your workforce.

Contact Us Today