All of our behaviour is recorded in the systems and applications we use every day. Even though this data is valuable for security awareness programs, today it remains unused for that purpose. Humans are the easiest, cheapest and fastest route to success for hackers. This article discusses the power of (log)data from existing IT sources and how that data can be converted into use cases that contribute to security awareness and cybersafe behaviour.
An integrated approach, where security awareness training platforms (SATs) are linked to the existing IT environment, is essential. A SAT should support automated onboarding, role-based training and reporting. Through such an integrated approach, secure behaviour can be embedded in the organization. This results in positive impact on both compliance and risk reduction.