{"id":43095,"date":"2026-07-01T11:35:17","date_gmt":"2026-07-01T09:35:17","guid":{"rendered":"https:\/\/smartfense.com\/?p=43095"},"modified":"2026-07-01T12:13:09","modified_gmt":"2026-07-01T10:13:09","slug":"iso-27001-2022-control-6-3-awareness","status":"publish","type":"post","link":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/","title":{"rendered":"What ISO 27001:2022 control 6.3 requires on awareness and how to prove it"},"content":{"rendered":"<p>The October 2022 revision of ISO\/IEC 27001 fully reorganized Annex A, and the window for certified organizations to migrate from the 2013 version closed on 31 October 2025. Anyone certifying or renewing today does so on the new version. In that reorganization, the awareness control changed its number, its grouping and, above all, its evidentiary bar.<\/p>\n<p>This piece does not explain what ISO 27001 is or how to get certified. It assumes you already have that covered. It focuses on something narrower, namely what control 6.3 says about staff awareness, what changed compared to 2013, and what an organization has to be able to show once the auditor starts asking for evidence.<\/p>\n<h2>What does control 6.3 of ISO 27001:2022 require on awareness?<\/h2>\n<p>Control 6.3 of Annex A, \u00abInformation security awareness, education and training\u00bb, requires that all of the organization\u2019s personnel (and, where relevant, the third parties involved) receive adequate, up-to-date training on the security policies and on their role within them. It sits inside the People theme, one of the four groupings of the new standard.<\/p>\n<p>The weight is carried by three words in the wording. \u00abAdequate\u00bb means the content has to match each person\u2019s function and the real risks of the role, not a generic syllabus. \u00abUp-to-date\u00bb means the training keeps pace with changes in policies and in the threat landscape. And \u00aball personnel\u00bb closes the door on programs that only reach part of the workforce. The control describes a living process, sustained over time and revisited whenever the context changes.<\/p>\n<p>The 6.3 does not stand alone either. It rests on control 6.2, which governs the terms and conditions of employment, and on the security policies that management approves under control 5.1. Training is the mechanism by which those policies stop being a document and become behavior. An auditor reviewing 6.3 almost always checks, in parallel, that there is a policy the training refers to and that the policy is current.<\/p>\n<h2>Who is covered by control 6.3 training?<\/h2>\n<p>All of the organization\u2019s personnel, regardless of function or seniority, and third parties with access to information or systems where that access warrants it. The control does not allow the logic of training only the technical teams or those who handle sensitive data. Awareness is understood as a layer of protection that covers the entire organization.<\/p>\n<p>Three groups are worth treating separately, because they are the ones the auditor reviews in most detail. General staff need a common baseline on policies, common threats and how to report an incident. Higher-exposure roles, such as systems administration, finance or customer service, require content specific to the risks of their function. And management falls into a category of its own, because it approves the policies and answers for them, so its training has to go beyond the general message. Leaving the leadership layer out of the program is one of the gaps an audit detects fastest.<\/p>\n<h2>What changed between ISO 27001:2013 and the 2022 version on awareness?<\/h2>\n<p>The underlying requirement did not transform, but its placement and its reading did. In 2013, awareness lived in control A.7.2.2, within a domain dedicated to human resources. In 2022 it became control 6.3 of the People theme, a reorganization that brings it closer to other controls on behavior and individual responsibility.<\/p>\n<table>\n<thead>\n<tr>\n<th>Aspect<\/th>\n<th>ISO 27001:2013<\/th>\n<th>ISO 27001:2022<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Awareness control<\/td>\n<td>A.7.2.2<\/td>\n<td>6.3<\/td>\n<\/tr>\n<tr>\n<td>Grouping<\/td>\n<td>Domain 7, human resource security<\/td>\n<td>People theme<\/td>\n<\/tr>\n<tr>\n<td>Total Annex A controls<\/td>\n<td>114<\/td>\n<td>93 (11 of them new)<\/td>\n<\/tr>\n<tr>\n<td>Annex A structure<\/td>\n<td>14 domains<\/td>\n<td>4 themes<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>The change that matters most for an awareness program is not in the text of 6.3, but in the context. The 2022 version added new controls oriented toward conduct and the use of technology, and that raises the auditor\u2019s expectation of what \u00abraising awareness\u00bb means. Showing that people know is no longer enough when the standard, as a whole, turns toward being able to show that people act differently.<\/p>\n<h2>How is compliance with control 6.3 evidenced in an audit?<\/h2>\n<p>An auditor is not satisfied with seeing that a course exists. It asks for a trail. The evidence that supports control 6.3 usually rests on these elements:<\/p>\n<ul>\n<li>A record of who received training, when and on what, covering the whole workforce and not a sample.<\/li>\n<li>Content explicitly tied to the organization\u2019s policies and to the risks of each function.<\/li>\n<li>A defined cadence sustained over time, not a single course at the moment of onboarding.<\/li>\n<li>Proof of comprehension, such as assessments or simulation results, that goes beyond mere attendance.<\/li>\n<li>Evidence that management and the highest-exposure profiles received training matched to their responsibility.<\/li>\n<\/ul>\n<p>The weakest point is almost always the same: the organization has the activity, but it does not have the traceability. That is why it pays to design the program from the start around what data will be recorded, an idea we develop in <a href=\"https:\/\/smartfense.com\/en\/blog\/awareness-program-measuring-what-matters\/\">whether your awareness program is measuring what matters<\/a>. The same evidence principle appears in other European regulations, such as the training obligations set out in the <a href=\"https:\/\/smartfense.com\/en\/blog\/nis2-security-awareness-compliance-deep-dive\/\">NIS2 Directive<\/a>.<\/p>\n<h2>How does a modern awareness program meet control 6.3?<\/h2>\n<p>Meeting 6.3 with an annual talk and a sign-in sheet is possible on paper, but it leaves the organization exposed the day the auditor pulls on the traceability thread. A program that complies without trouble shares a few traits: it is continuous rather than one-off, it segments content by role and by risk, it combines formats to hold attention, and it automatically records every interaction to turn it into evidence.<\/p>\n<p>Phishing simulations play a double role here. On one hand they train the workforce\u2019s reflex against a realistic attack; on the other, they generate the behavioral data an auditor values more than any sign-in sheet, because it shows how people react and not just what they were told. That progression measured over time is the most solid answer to whether the program changes anything.<\/p>\n<p>That automation is what separates complying from being able to prove it. SMARTFENSE, as an awareness platform present across LATAM and Spain, is built around that idea: every simulation, every piece of content delivered and every assessment is recorded and available as auditable proof, without the security team having to rebuild the trail by hand before each audit. Control 6.3 stops being a race against the clock and becomes a report that already exists. You can see how it works in the <a href=\"https:\/\/smartfense.com\/en\/platform\/\">SMARTFENSE awareness platform<\/a>.<\/p>\n<p>Awareness stopped being internal communication the day the standard turned it into an auditable control. The 2022 revision reinforced that premise by surrounding 6.3 with controls on conduct. In front of an audit, what counts is the evidence the program can put on the table, and there traceability weighs more than the number of hours delivered.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.<\/p>\n","protected":false},"author":31,"featured_media":43111,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,686],"tags":[1362,456,2063,448],"class_list":["post-43095","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-cumplimiento-normativo-en","tag-cyber-security","tag-riesgo-humano","tag-security-awareness"],"acf":[],"yoast_head":" \n<title>ISO 27001:2022 control 6.3: awareness and evidence<\/title>\n<meta name=\"description\" content=\"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ISO 27001:2022 control 6.3: awareness and evidence\" \/>\n<meta property=\"og:description\" content=\"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/\" \/>\n<meta property=\"og:site_name\" content=\"SMARTFENSE\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-01T09:35:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-01T10:13:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1376\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Andrea Sona\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andrea Sona\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/\"},\"author\":{\"name\":\"Andrea Sona\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\"},\"headline\":\"What ISO 27001:2022 control 6.3 requires on awareness and how to prove it\",\"datePublished\":\"2026-07-01T09:35:17+00:00\",\"dateModified\":\"2026-07-01T10:13:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/\"},\"wordCount\":1092,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/hero-25.jpg\",\"keywords\":[\"Cumplimiento Normativo\",\"cyber security\",\"riesgo humano\",\"security awareness\"],\"articleSection\":[\"Blog\",\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/\",\"name\":\"ISO 27001:2022 control 6.3: awareness and evidence\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/hero-25.jpg\",\"datePublished\":\"2026-07-01T09:35:17+00:00\",\"dateModified\":\"2026-07-01T10:13:09+00:00\",\"description\":\"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/hero-25.jpg\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/hero-25.jpg\",\"width\":1376,\"height\":768,\"caption\":\"Pasillo de un archivo moderno ba\u00f1ado por luz c\u00e1lida de media tarde, con largas filas de carpetas y cajones etiquetados perfectamente ordenados, que transmite trazabilidad y registro completo\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/iso-27001-2022-control-6-3-awareness\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What ISO 27001:2022 control 6.3 requires on awareness and how to prove it\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"name\":\"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartfense.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\",\"name\":\"SMARTFENSE\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"width\":241,\"height\":40,\"caption\":\"SMARTFENSE\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\",\"name\":\"Andrea Sona\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"caption\":\"Andrea Sona\"},\"description\":\"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/andrea-sona-58238b83\\\/\"],\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/author\\\/andrea-sona\\\/\"}]}<\/script>\n ","yoast_head_json":{"title":"ISO 27001:2022 control 6.3: awareness and evidence","description":"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/","og_locale":"en_US","og_type":"article","og_title":"ISO 27001:2022 control 6.3: awareness and evidence","og_description":"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.","og_url":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/","og_site_name":"SMARTFENSE","article_published_time":"2026-07-01T09:35:17+00:00","article_modified_time":"2026-07-01T10:13:09+00:00","og_image":[{"width":1376,"height":768,"url":"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg","type":"image\/jpeg"}],"author":"Andrea Sona","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Andrea Sona","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#article","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/"},"author":{"name":"Andrea Sona","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00"},"headline":"What ISO 27001:2022 control 6.3 requires on awareness and how to prove it","datePublished":"2026-07-01T09:35:17+00:00","dateModified":"2026-07-01T10:13:09+00:00","mainEntityOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/"},"wordCount":1092,"commentCount":0,"publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg","keywords":["Cumplimiento Normativo","cyber security","riesgo humano","security awareness"],"articleSection":["Blog","Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/","url":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/","name":"ISO 27001:2022 control 6.3: awareness and evidence","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#primaryimage"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg","datePublished":"2026-07-01T09:35:17+00:00","dateModified":"2026-07-01T10:13:09+00:00","description":"Control 6.3 of ISO 27001:2022 turns awareness into an auditable control. What it requires, what changed since 2013, and how you prove it in an audit.","breadcrumb":{"@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#primaryimage","url":"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg","contentUrl":"https:\/\/smartfense.com\/file\/2026\/06\/hero-25.jpg","width":1376,"height":768,"caption":"Pasillo de un archivo moderno ba\u00f1ado por luz c\u00e1lida de media tarde, con largas filas de carpetas y cajones etiquetados perfectamente ordenados, que transmite trazabilidad y registro completo"},{"@type":"BreadcrumbList","@id":"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/smartfense.com\/en\/"},{"@type":"ListItem","position":2,"name":"What ISO 27001:2022 control 6.3 requires on awareness and how to prove it"}]},{"@type":"WebSite","@id":"https:\/\/smartfense.com\/en\/#website","url":"https:\/\/smartfense.com\/en\/","name":"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad","description":"","publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartfense.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartfense.com\/en\/#organization","name":"SMARTFENSE","url":"https:\/\/smartfense.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","contentUrl":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","width":241,"height":40,"caption":"SMARTFENSE"},"image":{"@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00","name":"Andrea Sona","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","url":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","contentUrl":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","caption":"Andrea Sona"},"description":"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.","sameAs":["https:\/\/www.linkedin.com\/in\/andrea-sona-58238b83\/"],"url":"https:\/\/smartfense.com\/en\/author\/andrea-sona\/"}]}},"_links":{"self":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/comments?post=43095"}],"version-history":[{"count":9,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43095\/revisions"}],"predecessor-version":[{"id":43175,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43095\/revisions\/43175"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media\/43111"}],"wp:attachment":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media?parent=43095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/categories?post=43095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/tags?post=43095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}