I just got my hands on the newest CrowdStrike first half year report 2020. I always read these reports carefully, since they describe what their incident response team (Overwatch) finds and catalogues. The team uses 3 different terms when cataloging:

Awareness training in cybersecurity is often the equivalent of telling road users to be careful. It is a good idea, but it will have limited impact. On the road, we have rules such as please keep driving on the right, give space to people coming from the right and do not go faster than 50 km/h. Next to that, we have infrastructure to support the safe usage, like traffic lights, pedestrian crossings, and guardrails. And finally, we have legislation and enforcement by the police. Our society is aware off the fact these measures are all necessities to support safe road usage. In cybersecurity we need this as well. I call it Top Management Awareness.

As companies have moved to remote work during the pandemic and society increasingly relies on digital channels and online services, the importance of cybersecurity continues to grow. We have recently read news about a number of cyber attacks on organizations. Ransomware, in particular, has been a nuisance for companies both large and small. Not even critical infrastructure organizations, such as hospitals, have been safe.