Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Customer Case Studies

Discover how organizations and individual cyber practitioners use SANS training and GIAC certifications

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Contact Sales
Contact Sales

SANS Security Awareness & Culture Maturity Model™ eBook

Login to download
SANS Security Awareness & Culture Maturity Model™ eBook (PDF, 5.99MB)Published: 28 Jan, 2026
Created by:
SANS Institute
SANS Institute

A practical roadmap for maturing security awareness programs.

Security awareness programs evolve over time. As programs mature, teams need a shared way to understand progress, define what good looks like at each stage, and prioritize where to focus next.

Updated for 2026, The SANS SecurityAwareness & Culture Maturity Model™ eBook provides a structured framework for assessing, planning, and evolving a security awareness program over time. It breaks maturity into five clear stages and explains what changes as programs move from foundational efforts to sustained, organization-wide security culture.

This eBook is designed to help security and risk leaders turn security awareness into a measurable, strategic program—not just a training requirement.

Discover

  • How the five stages of the maturity model are defined, from non-existent programs to optimized, resilient ones
  • The program and people indicators that signal what stage your organization is really operating in
  • Why many organizations get stuck in compliance-focused programs, and what’s required to move forward
  • How to think about metrics, behaviors, and leadership alignment at each stage

Meet Your Author

SANS Institute
SANS Institute

SANS Institute

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cybersecurity professionals with the practical skills and knowledge they need to make our world a safer place.

Read more about SANS Institute

Additional Resources

Structural Vulnerability: Autodesk Revit Server WAN Exposure Versus Cost of Autodesk Construction Cloud

WhitepaperSecurity Awareness, Cybersecurity Leadership
  • 7 Nov 2025

Privacy Protections: Are Stronger Laws Changing What We Reveal?

WhitepaperSecurity Awareness, Cybersecurity Leadership
  • 26 Sep 2025

Forensic Investigation of Bluetooth-Based Credit Card Skimmers

WhitepaperDigital Forensics and Incident Response, Security Awareness
  • 3 Sep 2025

SANS 2025 Security Awareness Report

WhitepaperSecurity Awareness, Cybersecurity Leadership
  • 12 Aug 2025
  • Lance Spitzner

Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success

WhitepaperSecurity Awareness
  • 3 Jun 2025
  • Kevin Garvey

Resiliency and Business Continuity in the Cloud Era

WhitepaperCloud Security, Security Awareness
  • 21 May 2025
  • Dave Shackleford