Testing your security culture

OKR Framework - Security Culture

Repeat Offender Framework

Respect voluntary disclosures

Remedial Training Accountability Schedule

Bug Bounty Program

You’re teaching too many red flags in email-based phishing awareness training

Repeat offenders - security policy violations and phishing test failures

Common causes of phishing timestamp discrepancies

Handling users which claim they didn’t actually “click”

Threat intelligence for awareness content

Employee vs. employee phishing competition gamification

CISO Not Supportive of Awareness Program

Email subject line tags

Resistant to change employees

Human Resources (HR) Expectations

Naming your Slack or Viva Security Awareness Community

Asked to make presentations on pointless topics like network segmentation

LMS Choice (Content Hosting tool)

Town Hall or Webinar Topic