Gaining Stakeholder Support

This presentation template can be used to present to your senior management to explain the value of your proposed security awareness program; giving you the support, budget and resources you need to make your awareness program happen.

Data Breaches

Your organization may be required to protect certain types of data (card holder, PHI, PII, PNI, etc). Here are several sites where you can search records of publicly known data breaches.


Privacy Rights Clearinghouse

Explore Privacy Rights Clearinghouse's Chronology of Data Breaches.


2019 Verizon Data Breach Investigations Report

The 2019 DBIR report reveals what’s really happening in cyber security featuring analysis of over 41,000+ incidents. 


World's Biggest Data Breaches

Search and filter through a visualized interactive map of the latest data breaches from around the world. 

Security Awareness Compliance Requirements

There are a variety of regulations and standards that require security awareness training. Download our Security Awareness Compliance Requirements document that lists the most common legislation or standards that require security awareness training. In addition you will find the specific sections that state the requirement and links for more information.

Making Security Awareness Stick

One of the most common, long-term challenges faced by any awareness program is getting it to stick. In this talk we explain what organizations are effectively doing around the world to emotionally engage and communicate to their employees. Key points you will learn include behavior modeling, defining culture, developing an engagement strategy, communication methods and ambassador programs.


Build your program quickly. Meet with peers, learn from the experts on how to build a high-impact awareness program. Sign up for the two-day class today.

Identify and Prioritize Risk

A key step to managing your human risk is first identifying and then prioritizing those risks and then focusing on the top ones. After working with hundreds of organizations, Lance Spitzner discusses what are the 7 most common human risks he finds in organizations and what you can do to effectively manage and measure those specific risks. Key points you will learn include concepts of cognitive overload, identifying top human risks and the behaviors that mitigate those risks. Download these key resources to mitigate your organizations risk.


Top Human Risks

Use this presentation to map out what risks are critical to your organization.


Mitigating Top Risks Webcast

Watch how you can apply mitigation techniques for your organization. 

Moving Beyond with Program Metrics

Once your security awareness program is established, it's time to measure it's effectiveness. Get started with the SANS Metrics Matrix identifying measurement options for your program. This resource includes metrics for both measuring impact (change in behavior) and for tracking compliance.



Human Metrics: Measuring Behavior

Security awareness is nothing more than another control designed to reduce risk, specifically human risk. This presentation will cover the different ways organizations are effectively measuring human risk, which methods are proving to be the most successful, and steps you can take to have successful metrics for your awareness program.


Measuring Phishing Effectiveness

One of the most effective ways to address phishing attacks is to train and measure employees through phishing assessments. These resources covers step-by-step instructions on how to build, maintain and measure an effective long-term phishing assessment program for your organization.


Secrets to an Effective Phishing Program Presentation


Effective Phishing Measurement Webcast