2025
2024
Do one more thing right today. Subscribe to the Behave newsletter:
Tool or infrastructure? Why it matters for HRM Let’s be clear: Not all HRM software is the same. It sounds obvious, right? Yet many people miss the difference between HRM tools, and HRM infrastructure. And when it comes to compounding security gains and designing for outsized impact, the...
So, you've probably heard whispers (or maybe full-blown announcements!) about this thing called NIS2. But what exactly is the NIS2 Directive, and why should you care? Well, in a nutshell, it's a new set of rules from the EU designed to seriously beef up critical security infrastructure across...
The human side of cybersecurity is evolving. Fast.But there’s a good chance you might be stuck in the past. You probably have well-established views on security awareness, culture, and human risk.You genuinely believe they matter. But if we’re being honest - you mostly pay lip service to them. And...
Let’s start with a painful truth:Security awareness, culture, and human risk professionals are often undervalued. Despite the rising threat of human-enabled cyber attacks, many organizations still treat addressing the human aspect as a checkbox. A communications initiative. A nice-to-have....
Unfortunately, most security awareness professionals don’t really understand the difference between: ✅ Inputs✅ Outputs✅ Outcomes But they don’t want to admit it. And honestly? We get it. It’s like pretending to know the plot of Inception when deep down, you’re just as confused as everyone else. No...
“Humans are the weakest link.”“Security Awareness training = better behaviour”"If we can nail engagement, we’ll nail risk reduction.""Security Awareness is *actually* about so much more than awareness.”“Security culture is the golden ticket to risk reduction.”“Good communication, messaging,...