Meaning, employees who are unaware of (or intentionally) committing these seven security blunders are significantly more likely to assist or accelerate cyber attack against your company:
The cost of ignoring these ‘sins’ is steep. A successful cyber attack in 2019 is over $5 million USD on average, or around $301 per employee (ponemon). Coupled with the fact that people are now 20x more likely to be robbed at their computers by a cyber criminal than to be held up in the street, the urgency becomes all the more real for people to become situationally aware of current and emerging threats before it's too late.
Traditionally, the reaction by security awareness program owners has been some form of blame-and-train. But better program design means taking responsibility for any resistance and instead choosing to influence culture change through non-punitive action steps. Sustaining culture change requires understanding not just behavior, but also the identity and motivation behind each decision made.