{"id":40783,"date":"2026-04-23T14:26:59","date_gmt":"2026-04-23T12:26:59","guid":{"rendered":"https:\/\/smartfense.com\/?p=40783"},"modified":"2026-04-23T15:33:27","modified_gmt":"2026-04-23T13:33:27","slug":"awareness-program-measuring-what-matters","status":"publish","type":"post","link":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/","title":{"rendered":"Is your awareness program measuring what matters?"},"content":{"rendered":"<p>Nine out of ten awareness reports I see start in the exact same place: <strong>the phishing simulation click rate<\/strong>. Down from last quarter, up, flat. It gets presented on a slide with a big percentage, a green or red color, and an implicit takeaway: \u201cwe\u2019re doing fine\u201d or \u201cwe\u2019re not.\u201d<\/p>\n<p>And with that, the security meeting moves on.<\/p>\n<p>The problem is that this metric, <strong>on its own, says almost nothing about the real state of your awareness program<\/strong>. According to the <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/\">Verizon DBIR 2025<\/a>, roughly 60% of confirmed breaches involve a human action: a click, a social engineering call, sending data to the wrong recipient. If human risk still accounts for more than half of incidents, is the click rate alone enough to tell whether your program is working?<\/p>\n<p>It\u2019s like assessing someone\u2019s health by measuring only their temperature. It can be a useful data point, but if it\u2019s the only thing you look at, you\u2019ll draw dangerously incomplete conclusions.<\/p>\n<h2>What does the click rate actually measure?<\/h2>\n<p>The click rate measures how many users clicked a link inside a phishing simulation. Nothing more, nothing less.<\/p>\n<p>It doesn\u2019t measure whether users learned anything. It doesn\u2019t measure whether they changed their behavior outside the simulation. It doesn\u2019t measure whether your organization is safer than it was six months ago. <strong>It measures one specific action, at one specific moment, against one specific scenario.<\/strong><\/p>\n<p>On top of that, this metric is extremely sensitive to factors that have nothing to do with your users\u2019 awareness levels:<\/p>\n<ul>\n<li><strong>Simulation difficulty.<\/strong> A phishing email impersonating the CEO with internal context will get more clicks than a generic \u201cupdate your password\u201d message. If you sent an easy one and the rate dropped, it\u2019s not because users got better. It\u2019s because the phishing was more obvious.<\/li>\n<li><strong><a href=\"https:\/\/smartfense.com\/en\/blog\/false-positives-in-simulations-origin-and-solutions\/\">False positives<\/a>.<\/strong> Security tools, sandboxes, and bots that interact with links before users do. If you don\u2019t filter them out, your metrics are contaminated with noise that doesn\u2019t represent human behavior.<\/li>\n<li><strong>Send timing.<\/strong> A Monday at 9 a.m. doesn\u2019t produce the same results as a Friday at 5 p.m. And that doesn\u2019t reflect differences in awareness, just in available attention.<\/li>\n<\/ul>\n<p>Some organizations <a href=\"https:\/\/smartfense.com\/en\/blog\/best-practices-in-creating-phishing-simulation-campaigns\/\">spend weeks preparing the perfect simulation<\/a> and then put all their attention on that single metric. It\u2019s like training for a marathon and only timing the first kilometer.<\/p>\n<h2>Which metrics reflect real behavior change?<\/h2>\n<p>If what you\u2019re after is evidence that your awareness program is driving sustained behavior change, which is, ultimately, the real goal, you need to look at a broader set of indicators. None is perfect on its own, but <strong>combined they tell a much more complete story<\/strong>.<\/p>\n<p><strong>Phishing report rate.<\/strong> Of all available metrics, this is probably the most underrated. A user who <a href=\"https:\/\/smartfense.com\/blog\/fusion-herramientas-tecnicas-cultura-segura-menor-impacto-del-phishing\/\">reports a suspicious email<\/a> is showing active behavior: they didn\u2019t just spot the threat, they did something about it. That\u2019s secure culture in action.<\/p>\n<p><strong>Time to first report.<\/strong> It\u2019s not enough for users to report; it matters when they do. If the first report arrives within minutes, the organization has a real window to react. If it arrives three days later, the damage from an actual attack would already be done. This metric measures collective response speed.<\/p>\n<p><strong>Repeat-offender rate.<\/strong> Are the same users falling for the same persuasion techniques over and over? Or are they improving over time? The repeat-offender rate shows whether awareness actions are having an effect on the users who need it most. A program that doesn\u2019t move this metric has a design problem, not a user problem.<\/p>\n<p><strong>Correlation between awareness and simulation.<\/strong> This metric crosses two dimensions: what users know (assessed through awareness content) with what users do (measured in simulations). If a user completed every module but still falls for simulations, there\u2019s a gap between knowledge and behavior. If another completed nothing but reports correctly, there\u2019s a survivorship bias. <a href=\"https:\/\/smartfense.com\/blog-partners\/decisiones-basadas-en-datos-reales-con-el-nuevo-reporte-de-correlacion\/\">Correlation reports<\/a> let you spot these patterns and act on them.<\/p>\n<p><strong>Real program coverage.<\/strong> What percentage of users is actually exposed to the awareness program? Not those who received an email, but those who completed the content and participated in simulations. A program with a 95% open rate but 30% completion has an engagement problem the click rate won\u2019t show you.<\/p>\n<h2>The mistake of comparing yourself to others<\/h2>\n<p>There\u2019s a frequent temptation among CISOs: hunt for an external benchmark to decide whether their click rate is \u201cnormal.\u201d If my organization is at 15% and the industry average is 20%, am I doing fine?<\/p>\n<p>Not necessarily. And <a href=\"https:\/\/smartfense.com\/en\/blog\/benchmarking-in-security-awareness\/\">we\u2019ve analyzed this before<\/a>: external benchmarking in awareness is, in most cases, misleading. There are too many variables (organization size, industry, program maturity, simulation difficulty, filtering tools, send frequency) for a direct comparison to carry real meaning.<\/p>\n<p><strong>The only benchmarking that counts is the one you run against yourself, period over period.<\/strong> Did the report rate improve? Did the repeat-offender rate drop? Did time to first report shrink? Those internal trends, measured consistently, are what actually speak to your program\u2019s effectiveness.<\/p>\n<h2>How to build a dashboard that tells the full story<\/h2>\n<p>If I had to recommend a minimum dashboard to present to leadership, I\u2019d include these indicators:<\/p>\n<ul>\n<li><strong>Click rate by scenario type<\/strong>: not a global average, but segmented by persuasion technique (urgency, authority, reward). This shows where the real vulnerabilities are.<\/li>\n<li><strong>Report rate and time to first report<\/strong>: the metric that demonstrates active behavior and response capability.<\/li>\n<li><strong>Repeat-offender rate<\/strong>: users who fall more than once for the same scenario type. This pinpoints where to focus interventions.<\/li>\n<li><strong>Awareness-simulation correlation<\/strong>: to show whether training actions are (or aren\u2019t) impacting observable behavior.<\/li>\n<li><strong>Program coverage<\/strong>: percentage of users who actually participated, not just those reached.<\/li>\n<\/ul>\n<p>What I\u2019d leave out: global averages without context, comparisons with other organizations, and any metric you can\u2019t tie to a concrete improvement action.<\/p>\n<p>Platforms like <a href=\"https:\/\/smartfense.com\/en\/platform\/smartfense-contents\/\">SMARTFENSE<\/a> let you consolidate these metrics in one place, correlating awareness actions with simulation outcomes and reporting behavior. That turns scattered data into an actionable view of human risk.<\/p>\n<h2>Measuring well matters as much as raising awareness well<\/h2>\n<p>The click rate isn\u2019t a bad metric. It\u2019s an incomplete one. The problem shows up when it becomes the only lens through which we evaluate an awareness program.<\/p>\n<p>A mature program measures behaviors, not just point-in-time actions. It measures its own trends, not someone else\u2019s averages. And it measures the impact of its interventions, not just exposure to them.<\/p>\n<p>If your next awareness report is going to start with the click rate, at least make sure it doesn\u2019t end there.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing click rate alone doesn&#8217;t measure an awareness program. Which metrics reflect real behavior change and a secure culture.<\/p>\n","protected":false},"author":2,"featured_media":40560,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,686],"tags":[435,454,849,448,577,433,534],"class_list":{"0":"post-40783","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","6":"hentry","7":"category-blog","9":"tag-behavioral-change","10":"tag-ciso-en","11":"tag-phishing-en","12":"tag-security-awareness","13":"tag-security-manager","14":"tag-training-and-awareness","15":"tag-user-hardening"},"acf":[],"yoast_head":" \n<title>Security awareness metrics: are you measuring what matters?<\/title>\n<meta name=\"description\" content=\"Phishing click rate alone doesn&#039;t measure an awareness program. Which metrics reflect real behavior change and a secure culture.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security awareness metrics: are you measuring what matters?\" \/>\n<meta property=\"og:description\" content=\"Phishing click rate alone doesn&#039;t measure an awareness program. Which metrics reflect real behavior change and a secure culture.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/\" \/>\n<meta property=\"og:site_name\" content=\"SMARTFENSE\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-23T12:26:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-23T13:33:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1376\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nicol\u00e1s Bruna\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nicol\u00e1s Bruna\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/\"},\"author\":{\"name\":\"Nicol\u00e1s Bruna\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/5494c12e79213c554fa449135589c24c\"},\"headline\":\"Is your awareness program measuring what matters?\",\"datePublished\":\"2026-04-23T12:26:59+00:00\",\"dateModified\":\"2026-04-23T13:33:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/\"},\"wordCount\":1114,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/hero.jpg\",\"keywords\":[\"behavioral change\",\"ciso\",\"phishing\",\"security awareness\",\"security manager\",\"training and awareness\",\"user hardening\"],\"articleSection\":[\"Blog\",\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/\",\"name\":\"Security awareness metrics: are you measuring what matters?\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/hero.jpg\",\"datePublished\":\"2026-04-23T12:26:59+00:00\",\"dateModified\":\"2026-04-23T13:33:27+00:00\",\"description\":\"Phishing click rate alone doesn't measure an awareness program. Which metrics reflect real behavior change and a secure culture.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/hero.jpg\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/hero.jpg\",\"width\":1376,\"height\":768,\"caption\":\"Una mano sosteniendo una pieza de rompecabezas frente a cientos de piezas dispersas sobre una mesa de reuniones, representando la insuficiencia de medir con un solo indicador\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/awareness-program-measuring-what-matters\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Is your awareness program measuring what matters?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"name\":\"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartfense.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\",\"name\":\"SMARTFENSE\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"width\":241,\"height\":40,\"caption\":\"SMARTFENSE\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/5494c12e79213c554fa449135589c24c\",\"name\":\"Nicol\u00e1s Bruna\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"caption\":\"Nicol\u00e1s Bruna\"},\"description\":\"Product Manager de SMARTFENSE. Su misi\u00f3n en la empresa es mejorar la plataforma d\u00eda a d\u00eda y evangelizar sobre la importancia de la concientizaci\u00f3n. Ha escrito dos whitepapers y m\u00e1s de 150 art\u00edculos sobre gesti\u00f3n del riesgo de la ingenier\u00eda social, creaci\u00f3n de culturas seguras y cumplimiento de normativas. Tambi\u00e9n es uno de los autores de la Gu\u00eda de Ransomware de OWASP y el Calculador de costos de Ransomware, entre otros recursos gratuitos.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/nicolasbruna\\\/\"],\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/author\\\/nicolas\\\/\"}]}<\/script>\n ","yoast_head_json":{"title":"Security awareness metrics: are you measuring what matters?","description":"Phishing click rate alone doesn't measure an awareness program. Which metrics reflect real behavior change and a secure culture.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/","og_locale":"en_US","og_type":"article","og_title":"Security awareness metrics: are you measuring what matters?","og_description":"Phishing click rate alone doesn't measure an awareness program. Which metrics reflect real behavior change and a secure culture.","og_url":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/","og_site_name":"SMARTFENSE","article_published_time":"2026-04-23T12:26:59+00:00","article_modified_time":"2026-04-23T13:33:27+00:00","og_image":[{"width":1376,"height":768,"url":"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg","type":"image\/jpeg"}],"author":"Nicol\u00e1s Bruna","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Nicol\u00e1s Bruna","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#article","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/"},"author":{"name":"Nicol\u00e1s Bruna","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/5494c12e79213c554fa449135589c24c"},"headline":"Is your awareness program measuring what matters?","datePublished":"2026-04-23T12:26:59+00:00","dateModified":"2026-04-23T13:33:27+00:00","mainEntityOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/"},"wordCount":1114,"commentCount":0,"publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg","keywords":["behavioral change","ciso","phishing","security awareness","security manager","training and awareness","user hardening"],"articleSection":["Blog","Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/","url":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/","name":"Security awareness metrics: are you measuring what matters?","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#primaryimage"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg","datePublished":"2026-04-23T12:26:59+00:00","dateModified":"2026-04-23T13:33:27+00:00","description":"Phishing click rate alone doesn't measure an awareness program. Which metrics reflect real behavior change and a secure culture.","breadcrumb":{"@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#primaryimage","url":"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg","contentUrl":"https:\/\/smartfense.com\/file\/2026\/04\/hero.jpg","width":1376,"height":768,"caption":"Una mano sosteniendo una pieza de rompecabezas frente a cientos de piezas dispersas sobre una mesa de reuniones, representando la insuficiencia de medir con un solo indicador"},{"@type":"BreadcrumbList","@id":"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/smartfense.com\/en\/"},{"@type":"ListItem","position":2,"name":"Is your awareness program measuring what matters?"}]},{"@type":"WebSite","@id":"https:\/\/smartfense.com\/en\/#website","url":"https:\/\/smartfense.com\/en\/","name":"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad","description":"","publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartfense.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartfense.com\/en\/#organization","name":"SMARTFENSE","url":"https:\/\/smartfense.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","contentUrl":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","width":241,"height":40,"caption":"SMARTFENSE"},"image":{"@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/5494c12e79213c554fa449135589c24c","name":"Nicol\u00e1s Bruna","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","caption":"Nicol\u00e1s Bruna"},"description":"Product Manager de SMARTFENSE. Su misi\u00f3n en la empresa es mejorar la plataforma d\u00eda a d\u00eda y evangelizar sobre la importancia de la concientizaci\u00f3n. Ha escrito dos whitepapers y m\u00e1s de 150 art\u00edculos sobre gesti\u00f3n del riesgo de la ingenier\u00eda social, creaci\u00f3n de culturas seguras y cumplimiento de normativas. Tambi\u00e9n es uno de los autores de la Gu\u00eda de Ransomware de OWASP y el Calculador de costos de Ransomware, entre otros recursos gratuitos.","sameAs":["https:\/\/www.linkedin.com\/in\/nicolasbruna\/"],"url":"https:\/\/smartfense.com\/en\/author\/nicolas\/"}]}},"_links":{"self":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/40783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/comments?post=40783"}],"version-history":[{"count":3,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/40783\/revisions"}],"predecessor-version":[{"id":40800,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/40783\/revisions\/40800"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media\/40560"}],"wp:attachment":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media?parent=40783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/categories?post=40783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/tags?post=40783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}