I think this is a really common complaint throughout the industry of late, Mark.
KnowBe4 have a very mature offering - so the phishing tool is great, etc but the training… well, the training is also “mature” … and not in a good way.
Most security awareness training has, over the years, purely been aimed at IT Directors, CISOs etc and what they think it should look like. Without wanting this to sound like a plug (honest), that’s why I set up The Defence Works in the first place - to try and deliver something different. We recently were named as the only innovator in our sector in a research report, but I think that’s because we’re one of the few companies actually focusing on the employee as part of the whole process.
This isn’t about what the organisations wants, it isn’t about what the IT Director wants - it’s about the employees. What gets them interested, engaged, etc?
We’re creating brand-new content every single month - and not just content for the sake of it, but properly interactive and engaging content, with our in-house illustrators, sourcing BBC-Comedy writers etc. I won’t lie, it’s a huge commitment and we’re still a small (growing) team, but the response from the marketplace to our different approach has been overwhelming.
Ok, so - maybe this did turn into a bit of a plug, but it wasn’t meant to be. We’ve even offered some of our content out for free, because we’re proper nice n’that: