Security Awareness. PHOTO: Cybercrime Magazine.

Security Awareness Training Market To Hit $10 Billion Annually By 2027

SACBT solutions are a major growth driver Download Report

– Steve Morgan, Editor-in-Chief

Sausalito, Calif. – Apr. 17, 2023

As the damage caused by cybercrime continues to escalate, industry leaders are bolstering their efforts to combat the threat. Consequently, the demand for security awareness training will continue rising. Cybersecurity Ventures predicts the global security awareness training market will exceed $10 billion annually by 2027, up from around $5.6 billion in 2023, based on 15 percent year-over-year growth.

We’ve come a long way since 2014 when Gartner pegged the security awareness training market at around $1 billion in annual revenue worldwide, a fraction of where it is today.

Cybersecurity Ventures interviewed CISOs at more than a dozen large enterprises globally. We asked for their thoughts on cybercrime, cybersecurity, and specifically security awareness training. Their attitudes, which can be found in the report, reflect the spending climate around training employees on cyber safety.

“Security awareness and training is the most important thing a CISO is responsible for,” says Kathy Hughes, CISO at Northwell Health, New York’s largest healthcare system with 83,000 employees across nearly 200 sites. “For all the investment in security technologies that any company makes,” she added, “it just takes one person clicking on one link that bypasses all those technologies in order for an organization to really become crippled.”

“It’s a game of Whac-A-Mole,” says Erich Kron, Security Awareness Advocate & Technical Evangelist at KnowBe4, referring to the cat-and-mouse play between the cybercriminals and the cyberfighters. “We get better at defending, they get better at attacking.”

“We’ve just reached a point of maturity on both sides that’s pretty significant and there’s a lot of money involved,” Kron notes. He says that users have also upped their game and they know more about cyber threats than employees did a decade ago.

The tipping point for CISOs and security leaders is culture. Security culture is the ideas, customs, and social behaviors of an organization that influence their security. Download the Report.

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.

Sponsored by KnowBe4

KnowBe4 is the provider of the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. We help you address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Tens of thousands of organizations like yours rely on us to mobilize your end users as your last line of defense.