Security awareness training has been widely adopted by companies but has not significantly reduced breaches, largely because it fails to keep pace with sophisticated, AI-driven, personalized phishing attacks. Experts argue that technology must do more to block threats before reaching employees, and training should be targeted, relevant, and supported by a positive security culture that encourages reporting mistakes rather than punishing them.
https://www.itweb.co.za/article/why-its-time-to-stop-blaming-staff-for-breaches/wbrpOqg2lYnMDLZn