digital man and woman

At SANS Securing The Human we currently have over 40 topics in our security awareness training library.  By breaking up our training into short modules organizations can select and use only the topics that directly apply to them.  This enables organizations to create short, yet highly effective training.  You can find descriptions and short video clips of all the training topics at our STH.EndUser Demo page.  With over 800 customers now using this training library, we can begin to extract some very interesting statistics.  One of the metrics we ran for 2013 is what topics, what human risks, are organizations most concerned about.  As such, we identified the five most common topics used.  In other words, over 90% of all the organizations we work with are training on these topics.  These are the human risks organizations are most concerned about.

  1. Email and Messaging
  2. Social Engineering
  3. Passwords
  4. You Are A Target
  5. Data Security

When you read about the latest incidents happening across the world today, these findings make sense, with phishing at the top of the list.  What I found interesting is that Mobile Device security did not make the top 5 (but it is in the top 10).