SANS 2022 Security Awareness Report

People have become the primary attack vector for cyber attackers around the world. Humans rather than technology now represent the greatest risk to organizations. Security awareness programs, and the professionals who manage them, are key to managing this human risk. 

The SANS 2022 Security Awareness Report analyzes data provided by more than a thousand security awareness professionals from around the world to identify and benchmark how organizations are managing their human risk. The goal of this data-driven report is to provide actionable steps and resources to enable you to mature your awareness program and benchmark it against others. There are several reasons why I’m so excited about this year’s report.

1. It is full of actionable steps you can take to mature your program — steps you can take starting today that will have a direct impact to your program’s longterm success.
2. New this year, we have also dedicated an entire section to developing and growing you and your career. Once again, we provide actionable steps you can take now that will not only develop your credibility and reputation with leadership but ultimately help increase your compensation.

In addition, the report includes and leverages the Security Awareness Maturity Model Indicators Matrix, which enables you to easily identify your security awareness program’s maturity level and presents steps to improve on that level of maturity as well as key metrics to measure it.

Finally, for this year we included a section with key geographic breakdowns, including North and Latin America (NALA), Europe, Middle East and Africa (EMEA) and Asia Pacific (APAC) regions. 

I truly believe this is our best report yet as we have worked extra hard at making it both easy to digest and highly actionable. If you have any questions about this year’s report, or even better, suggestions for next year’s report, I would love to hear from you. Just reach out to me at lspitzner@sans.org.

Download your copy of the report for free here.