Security awareness training is an important part of an organisation’s culture. The WannaCry attack is the latest example in a long line of cyber attacks that are making boards nervous. Even the benefits of a best-of-breed approach to security can be undone by one employee who falls for a social engineering attack. Security isnt just a business concern; most users are concerned with protecting their personal identity and assets, as well as the safety of their employees. Its not uncommon that after the training they ask how they can share the information they have learned about with their family and friends.”]
Source: https://informationsecuritybuzz.com/articles/hr-needs-care-security-training/