The behave hub > BLOG
29 September 2022
A lesson on security behaviors

It’s time you learnt your lesson about security behaviors

Assign all the traditional security awareness training you want. Your people will probably attend every session and tick all the right boxes, but their security behaviors won’t change.

But that doesn’t mean there’s anything wrong with the people. It just means traditional awareness training is ineffective.

In other words, your people aren’t the weakest link, your security solution is.

Keep reading, we’ll explain.

Oh, and if you don’t want to listen to us, maybe you’ll listen to your peers. Find out how they are reducing their human cyber risk at our free webinar, ‘Influencing specific security behaviors: Real-word examples’.

Join the conversation

Here’s an analogy

It’s the end of the school year. You’re a School Head. And all your students struggled with the practical. For the third year in a row.

“Well, see you all again next year.” You sigh, as you watch them spill out of the building.

They attend every class and pass every test, but they just can’t nail the practicals. You’ve tried everything: longer classes, assigning more homework, threatening them with detention, and even handing out copies of the latest edition textbook. Yet nothing changes.

It’s baffling.

You’ve tried everything.

Except changing the syllabus.

Now, an exercise

Raising security awareness is, undoubtedly, a good thing. But then what? What’s the point of raising awareness if you’re not reducing risk?

That’s what we at CybSafe have been asking for years. But we still haven’t gotten a good answer.

Probably because there isn’t one.

The truth is that traditional security awareness training is ineffective. And it doesn’t take much to figure that out. Doubtful? Evaluate your human layer security solution and try to answer these questions:

  1. Are you influencing security behaviors? How, and how many?
  2. Are you measuring your risk? How, how often, and how reliably?
  3. Are you reducing your human cyber risk? How do you know?

Finally, a case study

What’s a lesson without a case study?

If you’re wondering what a behavior-centered solution to human risk looks like, here it is:

CybSafe platform features include:

  • Behavior-focused reporting
  • Behavior goals
  • Behavior data integrations
  • Nudges and alerts
  • Behavior-focused learning
  • On demand help

We’ll look at how other organizations use CybSafe to help reduce human risk, during our free webinar, ‘Influencing specific security behaviors: Real-word examples’.

Get your copy here.

You may also like

September 15, 2025
Why “we already have that data” is bullsh*t

CybSafe’s CEO and founder Oz Alashe unpacks why your colleagues keep missing the point on behavioral risk – and what to do about it

September 15, 2025
What is Human Risk Management?

Human risk management (HRM) is a modern approach to solving workforce-related cyber challenges. It uses data to identify risky behaviors in real time and applies automated, personalized interventions to reduce the likelihood and impact of cyber incidents caused by people.

September 1, 2025
Security awareness/security culture/human risk management specific job titles

Behavioral security,
AI-powered

CybSafe is the adaptive Human Risk Management platform that helps security teams reduce risky behaviors at scale.

About
About usLatest releasesAbout Science & ResearchContact us
Other
Partner portalLegalCareersSupportCybStore
Copyright © 2025 CybSafe Ltd. All rights reserved.