Free download · PDF · 291 KB
Security Awareness Guide
2026
How to implement security awareness in your organisation? From tone at the top to NIS2 compliance evidence — everything in one practical guide by Alain Rees (Cyber Inc. B.V.).
- ✓ Threat landscape 2026: deepfakes, MFA fatigue, AI attacks
- ✓ NIS2, Cbw, DORA and EU AI Act — how everything connects
- ✓ Step-by-step campaign plan (from baseline to KPI)
- ✓ Phishing simulations, serious games and security ambassadors
- ✓ 8 real-world cases from healthcare, government, finance and more
- ✓ Reporting to management and regulators
Something went wrong. Please try again or email support@2lrn4.com.
security
awareness
What's in the guide
6 chapters, everything you need
Threat landscape 2026
Deepfakes, MFA fatigue, AI attacks and professionalised cybercrime — what your employees need to know now.
Regulations
NIS2, Cbw, DORA and EU AI Act in context: what is mandatory and how awareness fits in.
Implementation plan
From baseline measurement and campaign building to phishing simulations, serious games and security ambassadors.
Measure & report
KPI, KGI and KQI; benchmark with the outside world; quarterly report for management and regulators.
Real-world cases
8 stories from healthcare, government, finance and more — including deepfake CFO and 2:30am MFA storm.
Principles & lessons
11 practical principles from experienced security awareness professionals: begin with the end in mind.
Alain Rees is founder of Cyber Inc. B.V. and security awareness expert. He helps organisations across the Netherlands implement measurable, compliant and effective security awareness programmes via the 2LRN4 platform.