The human factor is often considered the greatest vulnerability in an organization’s cybersecurity strategy.

According to various studies, a large majority of cybersecurity incidents are attributable to human errors. One study indicates that 46% of hacking incidents and cybersecurity breaches result from negligence or lack of employee training. Furthermore, a report reveals that 82% of IT security breaches stem from stolen user credentials, phishing, misuse, or simply errors.

To mitigate risks associated with the human factor, it is essential to raise awareness and train employees in cybersecurity best practices. Awareness programs can help employees recognize phishing attempts and adopt secure behaviors. For example, targeted security awareness training can reduce human factors leading to security failures.

It is imperative that learners have the ability to apply and maintain over time the knowledge, skills, or strategies acquired in a specific context to other similar or different contexts or situations. This implies that learners do not merely memorize information but are capable of using it flexibly and adaptively in new situations. A matrix of transfer characterization indicators in the form of an illustrated fact sheet, disseminated on platforms like PEAC²H, can be used to assess this learning transfer.