SANS 2024 Security Awareness Report

Embedding a Strong Security Culture
Read the report

Critical Takeaways

People have become the primary attack vector for threat actors around the world and every year, SANS Institute surveys thousands of security awareness practitioners to benchmark and gain a deeper understanding of how organizations are managing human risk. This data-driven report provides actionable steps to build a sustainable security culture that drives behavior change. Here is a snapshot of the insights revealed in this year’s report.

4.18
The most mature security awareness programs on average have at least 4.18 Full Time Employees (FTEs) dedicated to or helping manage the program.
41%
of respondents identify a lack of time and staff as the primary challenge in building and managing an effective security awareness program.
89%
of respondents highlight social engineering attacks as their primary, human-related concern.

Webcast: SANS 2024 Security Awareness Report Key Findings

The 9th edition of SANS Institute’s Security Awareness Report features data from 1000 security awareness practitioners from over 70 countries. Join Lance Spitzner, report author and Director of Community and Research, SANS Security Awareness, as he dives into the key takeaways from the report.

SAR-Resources-MLP_470x382.jpg

Help Shape the Future

Your insights matter in driving meaningful change across our industry. Sign up to be notified when next year's survey is open!

Sign Up

Become a SANS Security Awareness Insider

Sign up for the OUCH! Newsletter — the world’s leading, free security awareness newsletter designed for everyone.
Subscribe Now