Security awareness training exemplifies the way information security is seen and tackled by senior management. 21 percent of CISOs had never given security training, with a further 21 percent indicating that they only did so when new staff joined the company. Security training programs have to change, top-down, says Pete Wood, CEO of infosec consultancy First Base Technologies. Getting board support is crucial for funding resources and the right culture in the right place, he says. Red-teaming, gamification and more.”]
Source: https://www.csoonline.com/article/3025315/cisos-should-take-security-training-seriously.html