De ROI van Security Awareness Training: Hoe je de Business Case Maakt
Amir Azagouag
De ROI van Security Awareness Training: Hoe je de Business Case Maakt
"We hebben geen budget voor security awareness training."
Als CISO of security professional heb je deze zin waarschijnlijk vaker gehoord dan je lief is. Het management ziet security awareness vaak als een kostpost zonder meetbaar rendement - een "nice to have" die onderaan de prioriteitenlijst belandt.
Maar de realiteit is precies andersom: Security awareness training is een van de meest kosteneffectieve cybersecurity investeringen die een organisatie kan doen. Met een gemiddelde ROI van 300-500% en bewezen reductie van security incidenten met 60-85%, is de business case kristalhelder.
In deze comprehensive guide leer je hoe je de ROI berekent, welke metrics ertoe doen, en hoe je een overtuigende business case presenteert aan je board of management.
Waarom ROI van Security Awareness Vaak Onderschat Wordt
Het Probleem met Traditionele Security Investeringen
Bij technische security investeringen is de waarde relatief eenvoudig te begrijpen:
Firewall: "Blokkeert X aantal aanvallen per dag" → Duidelijke metrics Antivirus: "Detecteert Y malware samples" → Meetbare output SIEM: "Correleert Z events" → Concrete functionaliteit
Security awareness training:
- Output is gedragsverandering (moeilijker te meten)
- Impact is preventief (vermeden kosten zijn onzichtbaar)
- Resultaten zijn long-term (geen immediate ROI)
Het gevolg: Management ziet het als "soft skill training" in plaats van een critical security control.
De Verschuiving: Van Cost Center naar Profit Center
Traditionele mindset:
- Security awareness = compliance checkbox
- Eenmalige jaarlijkse training
- "Awareness can't be measured"
- Focus op kosten (€X per user)
Moderne mindset:
- Security awareness = risk reduction tool
- Continuous training programma
- Meetbare impact op incidents en costs
- Focus op ROI (€Y vermeden costs per €X investering)
De cijfers ondersteunen de verschuiving:
- Verizon DBIR 2024: 68% van breaches involve het menselijke element
- IBM Cost of Data Breach 2024: €178.000 gemiddelde kosten datalek Nederland
- Proofpoint Study 2024: Organisaties met mature awareness programma's hebben 70% minder succesvolle phishing attacks
- Forrester Research: Elke €1 in security awareness genereert €5+ in vermeden costs
De True Cost of Cyber Incidents
Om ROI te berekenen, moet je eerst begrijpen wat je probeert te voorkomen.
Gemiddelde Kosten van een Datalek (Nederland)
IBM Cost of Data Breach Report 2024 - Nederlandse cijfers:
Totale gemiddelde kosten: €178.000
Breakdown:
-
Detection en escalatie: €42.000 (24%)
- Forensic investigations
- Incident response team
- Security assessments
- Audit en logging analysis
-
Notificatie: €28.000 (16%)
- Legal fees
- Communicatie naar betrokkenen
- Regulatory compliance (AVG meldingen)
- Call center setup
-
Post-breach response: €54.000 (30%)
- Legal expenditures
- PR/crisis management
- Regulatory fines
- Identity protection services voor slachtoffers
-
Lost business: €54.000 (30%)
- Business disruption
- Revenue loss
- Customer acquisition costs (churn)
- Reputatie schade
Maar dit is het gemiddelde. Kosten variëren enorm:
Small breach (< 1.000 records): €50.000-€150.000 Medium breach (1.000-10.000 records): €150.000-€500.000 Large breach (10.000-100.000 records): €500.000-€2.000.000 Mega breach (> 100.000 records): €2.000.000-€50.000.000+
Specifieke Incident Kosten
Succesvolle phishing attack:
- Credential compromise: €15.000-€50.000
- Data exfiltration: €100.000-€500.000
- Ransomware deployment: €500.000-€2.000.000+
Business Email Compromise (BEC/CEO Fraud):
- Gemiddelde frauduleuze betaling: €125.000
- Met legal en recovery: €180.000-€350.000
Ransomware:
- Losgeld: €50.000-€5.000.000 (gemiddeld €350.000)
- Recovery costs: €100.000-€500.000
- Downtime: €50.000 per dag (21 dagen = €1.050.000)
- Total average: €1.500.000-€2.500.000
Insider threat (onbedoeld):
- Data leak via email error: €75.000-€200.000
- Misconfigured cloud storage: €100.000-€400.000
Hidden Costs (Vaak Vergeten)
Reputatie schade:
- Customer churn: 20-30% in first year
- Brand value impact: Moeilijk te kwantificeren, maar significant
- Competitive disadvantage
Operational impact:
- IT team time: Hundreds of hours @ €100-150/uur
- Business continuity disruption
- Lost productivity across organization
Long-term costs:
- Verhoogde cyberverzekering premies (50-200% increase)
- Additional security investments (vaak €200k-€1M post-breach)
- Regulatory scrutiny en future compliance costs
Employee morale:
- Stress en burnout van IT/security teams
- Potential turnover
- Recruitment costs voor vervanging
Example: Nederlandse MKB onderneming (150 medewerkers)
Scenario: Succesvolle phishing → BEC attack → €180.000 frauduleuze betaling
Visible costs:
- Frauduleuze betaling: €180.000 (onrecoverable)
- Legal fees: €25.000
- Forensics: €15.000
- Subtotal: €220.000
Hidden costs:
- IT team time: 200 uur × €125 = €25.000
- Management time: 100 uur × €150 = €15.000
- Lost productivity: €30.000
- Cyberverzekering premium increase: +€8.000/jaar (×3 jaar = €24.000)
- Security improvements post-incident: €50.000
- Customer churn: ~€100.000 revenue impact
- Subtotal: €244.000
Total cost: €464.000
Voor een bedrijf met €15M omzet is dit 3% van jaaromzet - potentieel bedrijfsbedreigend.
ROI Berekening: De Formules
Basic ROI Formula
ROI = (Vermeden Kosten - Investering) / Investering × 100%
Voorbeeld:
- Investering security awareness: €25.000/jaar
- Vermeden incident cost: €150.000 (1 phishing incident voorkomen)
- ROI = (€150.000 - €25.000) / €25.000 × 100% = 500% ROI
Risk-Adjusted ROI
Maar je voorkomt niet 100% van alle incidenten. We moeten kijken naar risicoreductie:
Expected Loss Without Training = Incident Probability × Incident Cost
Expected Loss With Training = Reduced Probability × Incident Cost
Risk Reduction Value = Expected Loss Without - Expected Loss With
ROI = (Risk Reduction Value - Training Cost) / Training Cost × 100%
Realistisch voorbeeld:
Without security awareness training:
- Phishing attack probability: 35% per jaar (industry benchmark)
- Average incident cost: €200.000
- Expected annual loss: 0.35 × €200.000 = €70.000
With security awareness training:
- Reduced attack success: 5% (85% reduction - evidence-based)
- Average incident cost: €200.000 (same if it happens)
- Expected annual loss: 0.05 × €200.000 = €10.000
Training investment: €20.000/jaar
ROI calculation:
- Risk reduction value: €70.000 - €10.000 = €60.000
- ROI = (€60.000 - €20.000) / €20.000 × 100% = 200% ROI
Return per euro invested: €3 value per €1 spent
Multi-Year ROI
Security awareness is een continue investering:
5-Year projection:
| Year | Training Cost | Incidents Prevented | Avoided Costs | Cumulative ROI |
|---|---|---|---|---|
| 1 | €25.000 | 0.8 | €160.000 | 540% |
| 2 | €20.000 | 1.2 | €240.000 | 780% |
| 3 | €20.000 | 1.5 | €300.000 | 923% |
| 4 | €20.000 | 1.8 | €360.000 | 1029% |
| 5 | €20.000 | 2.0 | €400.000 | 1118% |
| Total | €105.000 | 7.3 | €1.460.000 | 1290% |
Aannames:
- Improvement over time (beter trained workforce = meer prevented)
- Constant incident costs (actually likely to increase)
- Consistent training investment
Meetbare Impact: Key Metrics
Om ROI te bewijzen, heb je metrics nodig. Hier zijn de belangrijkste:
Leading Indicators (Predictive)
Deze metrics voorspellen toekomstige security incidenten:
1. Phishing Click Rate
- Definitie: Percentage medewerkers dat klikt op simulated phishing
- Benchmark zonder training: 25-35%
- Target met training: minder dan 5%
- World-class: minder dan 3%
Waarom belangrijk: Directe indicator van kwetsbaarheid voor social engineering
2. Reporting Rate
- Definitie: Percentage verdachte emails dat gemeld wordt
- Benchmark zonder training: 5-10%
- Target met training: meer dan 60%
- World-class: meer dan 70%
Waarom belangrijk: Trained users worden je early warning system
3. Training Completion Rate
- Definitie: Percentage medewerkers dat assigned training afrondt
- Benchmark: 60-70% zonder enforcement
- Target: meer dan 95%
- World-class: 100% binnen deadline
Waarom belangrijk: You can't benefit from training not completed
4. Knowledge Retention
- Definitie: Score op post-training assessments
- Benchmark eerste training: 60-70%
- Target na continuous training: meer dan 80%
- World-class: meer dan 90%
Waarom belangrijk: Knowledge ≠ behavior, maar is foundation
5. Time to Report
- Definitie: Gemiddelde tijd tussen ontvangst en rapportage phishing
- Benchmark: 2-4 uur
- Target: minder dan 30 minuten
- World-class: minder dan 10 minuten
Waarom belangrijk: Snelle rapportage = snelle response = limited damage
Lagging Indicators (Historical)
Deze metrics tonen de daadwerkelijke impact:
6. Real Phishing Incidents
- Definitie: Aantal succesvolle real-world phishing attacks
- Tracking: Baseline vs na implementatie training
- Expected reduction: 60-85% first year
7. Security Incident Rate
- Definitie: Totaal aantal security incidenten involving human error
- Categories: Phishing, data leaks, policy violations, lost devices
- Expected reduction: 40-60% year-over-year
8. Credential Compromises
- Definitie: Aantal accounts compromised via phishing/social engineering
- Impact: Direct cost + potential breach
- Expected reduction: 70-90% with training + MFA
9. Help Desk Security Tickets
- Definitie: User-reported security concerns
- Expected: Increase initially (meer awareness = meer rapportage)
- Then: Decrease in actual incidents (but increase in reporting)
10. Cost per Incident
- Definitie: Total cost when incidents do occur
- Impact: Trained users report faster = lower impact
- Expected reduction: 30-50% average cost
ROI Dashboard: Bringing It Together
Quarter 1 Results Example:
Leading Indicators:
- Phishing click rate: 28% → 12% (57% improvement)
- Reporting rate: 8% → 45% (463% improvement)
- Training completion: 68% → 94%
Lagging Indicators:
- Real phishing incidents: 3 → 0 (100% reduction)
- Security incidents (human error): 12 → 5 (58% reduction)
- Credential compromises: 2 → 0
Financial Impact:
- Training investment: €8.000
- Avoided incidents: 3 × €75.000 (avg cost) = €225.000
- ROI: 2.713%
Narrative for board: "Our €8K investment in security awareness prevented an estimated €225K in incident costs this quarter, delivering 27x return on investment while significantly improving our security posture."
De Business Case: Presentatie aan Board/Management
Structuur van een Overtuigende Business Case
1. Executive Summary (1 slide/pagina)
Format:
SECURITY AWARENESS TRAINING BUSINESS CASE
THE ASK: €25.000 annual investment
THE RETURN:
- Reduce security incidents 60-85%
- Avoid €200.000+ in expected breach costs
- ROI: 300-500% (€3-5 return per €1 invested)
THE RISK OF NOT ACTING:
- 35% probability of successful phishing attack
- Average incident cost: €200.000
- Reputation damage: Incalculable
RECOMMENDATION: Approve €25K for comprehensive security awareness program
2. The Problem (2-3 slides)
Slide 1: We Are a Target
- Our industry sees X attacks per year
- Y% of companies our size experienced breach last year
- Human error causes 68% of breaches (Verizon)
Slide 2: Current State Assessment
- Conducted baseline phishing test: 32% click rate
- Identified vulnerabilities in Finance, HR, Executive teams
- 0 formal security awareness training currently
Slide 3: The Cost of Doing Nothing
- Expected loss: €70.000/jaar (35% incident probability × €200K cost)
- 5-year expected loss: €350.000
- Plus: Reputational damage, regulatory fines, customer churn
3. The Solution (2 slides)
Slide 1: Security Awareness Training Program
- Continuous microlearning (monthly)
- Realistic phishing simulations
- Role-based training
- Measurable metrics and reporting
Slide 2: Proven Results
- Industry studies: 60-85% incident reduction
- Benchmark organizations: minder dan 5% click rate achieved
- Case studies from similar companies
4. The Investment (1 slide)
Costs:
- Year 1: €25.000 (platform + setup)
- Year 2-5: €20.000/year (subscription)
- 5-year total: €105.000
Resources:
- 0.2 FTE internal management (security team)
- Minimal end-user time (5-10 min/month)
5. The Return (2 slides)
Slide 1: Risk Reduction
- Reduce incident probability: 35% → 5%
- Expected annual loss: €70K → €10K
- Annual risk reduction value: €60.000
Slide 2: ROI Calculation
- Investment: €25K year 1, €20K recurring
- Risk reduction: €60K/year
- Year 1 ROI: 140%
- 5-year ROI: 1.290%
6. Success Metrics (1 slide)
We will track and report quarterly:
- Phishing click rate (target: minder dan 5%)
- Reporting rate (target: meer dan 60%)
- Training completion (target: meer dan 95%)
- Real incidents (target: 60% reduction)
7. Implementation Timeline (1 slide)
| Quarter | Activities | Milestones |
|---|---|---|
| Q1 | Vendor selection, baseline testing | Platform deployed |
| Q2 | Training rollout, monthly simulations | 95% completion |
| Q3 | Continuous training, metrics review | minder dan 10% click rate |
| Q4 | Optimization, annual report | meer dan 60% reporting rate |
8. Recommendation (1 slide)
RECOMMENDATION: Approve €25.000 for comprehensive security awareness program
JUSTIFICATION:
✅ Highest ROI security investment (300-500%)
✅ Addresses #1 threat vector (human error)
✅ NIS2 compliance requirement
✅ Measurable risk reduction
✅ Minimal implementation complexity
RISK OF DELAY:
❌ Every month = €5.800 expected loss
❌ Continued exposure to preventable attacks
❌ Potential regulatory non-compliance
NEXT STEPS:
1. Board approval
2. Vendor selection (2 weeks)
3. Deployment (4 weeks)
4. First results (Q1 end)
Tactieken voor Verschillende Stakeholders
CFO / Finance: Focus op cijfers en ROI
- "Every €1 invested returns €3-5"
- "€25K investment prevents €200K+ incidents"
- "Lower insurance premiums (20-30% reduction)"
- Risk-adjusted calculations
- Multi-year NPV analysis
CEO / Board: Focus op strategic risk
- "68% of breaches involve human error - our biggest vulnerability"
- "Reputation damage from breach: priceless"
- "Regulatory compliance (NIS2, AVG)"
- "Competitive advantage - we're securing our differentiator"
- Industry comparisons
CISO / CTO: Focus op technical effectiveness
- "Complements technical controls"
- "Users become sensors and first line of defense"
- "Reduces SOC alert fatigue"
- "Enables zero trust architecture"
- Integration with existing security stack
HR / Operations: Focus on employee impact
- "Empowers employees to protect themselves and company"
- "Positive security culture"
- "Minimal time investment (5-10 min/month)"
- "Gamification and engagement"
- "Part of professional development"
Objection Handling
Objection 1: "We already have antivirus/firewall/etc."
Response: "Technical controls are essential but insufficient. 68% of breaches bypass technology and exploit human vulnerabilities. Security awareness complements our technical stack - think of it as antivirus for people. Organizations with both technical + human controls reduce risk by 85% vs 40% with only technical."
Objection 2: "Our people are smart; they won't fall for phishing."
Response: "Our baseline test showed 32% click rate - including executives and IT staff. Modern phishing uses AI and sophisticated social engineering that fools even experts. This isn't about intelligence; it's about specialized training. Even cybersecurity professionals fall for advanced attacks without regular practice."
Objection 3: "Training is too expensive."
Response: "€25K seems expensive until we compare it to incident costs. One successful phishing attack costs €200K on average. We're looking at 35% probability this year - that's €70K expected loss. Training costs €25K and reduces that to €10K. We're essentially paying €25K to save €60K annually - that's 240% ROI. What other investment delivers that return?"
Objection 4: "We don't have time for this."
Response: "The training requires 5-10 minutes per month per employee - that's 0.4% of work time. Compare that to the hundreds of hours a security incident consumes: incident response, forensics, recovery, customer communication. Our last incident consumed 300+ hours of staff time. Prevention is far more time-efficient than reaction."
Objection 5: "Can't we just do free training?"
Response: "Free training typically lacks:
- Realistic phishing simulations
- Automated delivery and tracking
- Personalization per role
- Metrics and reporting
- Continuous updates for new threats
Result: 20% completion rate, 5% retention, minimal behavior change. Professional platforms deliver 95%+ completion, measurable risk reduction, and full compliance documentation. The ROI differential is 5-10x."
Objection 6: "Let's wait until next budget cycle."
Response: "Every month of delay is €5.800 in expected loss (€70K annual ÷ 12). Waiting 6 months = €35K expected loss - more than the training costs. Plus, training takes 2-3 months to show full effect, so delaying 6 months means 8-9 months of exposure. The business risk of waiting exceeds the cost of immediate action."
Case Studies: ROI in de Praktijk
Case Study 1: Nederlandse Zorginstelling (500 medewerkers)
Situatie:
- Ziekenhuis met 500 medewerkers
- 2 phishing incidenten in 2023 (€85K total costs)
- Geen formele security awareness training
- NIS2 compliance vereist
Implementatie:
- Q4 2023: Baseline phishing test (34% click rate)
- Q1 2024: AmiPhished deployment (€15K setup + €25K/jaar)
- Q1-Q4 2024: Maandelijkse training + phishing simulations
Resultaten na 12 maanden:
Leading metrics:
- Phishing click rate: 34% → 6% (82% improvement)
- Reporting rate: 3% → 67%
- Training completion: 97%
Lagging metrics:
- Real phishing incidents: 2 → 0
- Security incidents (human-related): 8 → 2 (75% reduction)
- Help desk tickets (security): +40% (good - more reporting)
Financial:
- Investment: €40K (year 1)
- Avoided costs: €170K (2 prevented incidents @ €85K avg)
- ROI: 325%
CISO quote: "Security awareness transformed our weakest link into our strongest defense. Our staff now catches phishing our email filter misses."
Case Study 2: MKB IT Dienstverlener (85 medewerkers)
Situatie:
- Managed Service Provider
- Target voor supply chain attacks
- 1 BEC incident in 2023 (€125K loss)
- High cybersecurity insurance premiums
Implementatie:
- Investment: €12K year 1, €8K recurring
- Focus: Executive whaling, BEC scenarios
- Cadence: Weekly microlearning + bi-weekly simulations
Resultaten na 18 maanden:
Leading metrics:
- Phishing click rate: 28% → 4%
- Reporting rate: 12% → 71%
- Executive team: 100% completion, minder dan 2% click rate
Business impact:
- 0 security incidents in 18 months (vs 3 in prior 18 months)
- Cybersecurity insurance premium: -25% (€8K/jaar besparing)
- Client confidence: Used in sales conversations
Financial:
- Investment: €12K + €8K + €8K = €28K (18 months)
- Avoided costs: €375K (3 incidents prevented)
- Insurance savings: €12K
- ROI: 1.282%
CEO quote: "Security awareness is now a competitive advantage. We won 3 contracts because clients trust our security culture."
Case Study 3: Productie Bedrijf (1.200 medewerkers)
Situatie:
- Manufacturing met operational technology (OT)
- Ransomware scare in 2023 (contained, but €200K response costs)
- Mixed workforce (office + factory floor)
- Limited IT literacy in some populations
Implementatie:
- Investment: €60K year 1, €45K recurring
- Challenges: Multilingual (Nederlands, Engels, Pools)
- Solution: Role-based training + simplified content for factory workers
Resultaten na 24 maanden:
Leading metrics:
- Office staff click rate: 31% → 5%
- Factory workers click rate: 45% → 12% (still improving)
- Overall training completion: 92%
Lagging metrics:
- Security incidents: 18 → 4 (78% reduction)
- 0 ransomware incidents (vs 1 scare)
- Email-based threats blocked by user reporting: 47 in year 2
Financial (2 years):
- Investment: €150K
- Avoided incidents: €800K (1 ransomware @ €600K + 4 phishing @ €50K each)
- ROI: 433%
CISO quote: "We customized training for different literacy levels. Now our factory workers recognize phishing as well as office staff. They've stopped multiple USB drop attacks."
Advanced: Beyond Basic ROI
Total Economic Impact (TEI)
Forrester's TEI methodology includes broader benefits:
Direct financial benefits:
- Reduced incident costs (primary ROI)
- Lower insurance premiums
- Reduced security tool spending (users catch more)
Operational benefits:
- Reduced SOC/IT workload (fewer false positives to investigate)
- Faster incident detection (user reporting)
- Improved compliance posture
Strategic benefits:
- Competitive advantage in sales
- Improved employee morale and engagement
- Enhanced brand reputation
- Better customer trust
Example TEI for 500-employee organization:
| Benefit Category | Annual Value | 3-Year NPV |
|---|---|---|
| Avoided breaches | €120.000 | €324.000 |
| Insurance reduction | €15.000 | €41.000 |
| IT productivity | €25.000 | €68.000 |
| Compliance value | €10.000 | €27.000 |
| Total Benefits | €170.000 | €460.000 |
| Investment | €30.000 | €85.000 |
| Net Value | €140.000 | €375.000 |
| ROI | 467% | 441% |
Risk-Based ROI: Monte Carlo Simulation
For sophisticated boards, use probabilistic modeling:
Variables:
- Incident probability distribution (not single point)
- Incident cost distribution (range of possible costs)
- Training effectiveness (confidence intervals)
Monte Carlo simulation (1.000 iterations):
- 50th percentile (median) ROI: 285%
- 25th percentile (conservative): 180%
- 75th percentile (optimistic): 420%
- 95% confidence: ROI > 150%
Translation for board: "We have 95% confidence that our security awareness investment will deliver at least 150% ROI, with median expectation of 285%."
Implementation: Maximizing ROI
Best Practices voor Hoge ROI
1. Start with baseline measurement
- Phishing simulation before any training
- Document current incident rate
- Establish realistic targets
2. Focus on high-risk populations
- Finance (BEC targets)
- Executives (whaling targets)
- HR (credential phishing)
- IT admins (privileged access)
3. Make it continuous, not annual
- Monthly microlearning > annual workshop
- Regular phishing simulations
- Always-on awareness
4. Personalize content
- Role-based scenarios
- Industry-specific threats
- Language and cultural adaptation
5. Measure and report
- Monthly dashboards
- Quarterly board updates
- Annual comprehensive review
6. Integrate with security stack
- User reports feed SIEM
- Simulation data informs email filters
- Metrics in GRC platform
7. Positive culture, not punishment
- Reward reporting, not punish clicking
- Gamification and recognition
- Leadership participation
ROI Killers (Vermijd Deze)**
❌ One-and-done training Result: 80% knowledge loss in 6 months, no behavior change
❌ Generic content Result: Low engagement, poor retention, minimal impact
❌ No measurement Result: Can't prove value, lose budget in next cycle
❌ Treating it as compliance checkbox Result: Minimum effort, minimum results, no ROI
❌ Poor communication Result: Low completion rates, employee resistance
❌ No executive buy-in Result: Deprioritized, underfunded, ineffective
Conclusie: Security Awareness is a No-Brainer Investment
De cijfers liegen niet:
Costs:
- €10-25 per user per jaar
- Minimal implementation effort
- Low ongoing management
Benefits:
- 60-85% reduction in human-error incidents
- €200K+ average avoided cost per prevented incident
- 300-500% average ROI
- Compliance met NIS2, AVG, ISO 27001
Risk of not investing:
- 35%+ probability of successful attack per jaar
- €70K+ expected annual loss
- Regulatory non-compliance penalties
- Reputation damage
Voor elke CISO, CFO, of CEO is de vraag niet "Kunnen we ons security awareness veroorloven?" maar "Kunnen we het ons veroorloven om het NIET te doen?"
Start Vandaag: Bewijs de ROI
AmiPhished biedt Nederlandse organisaties:
✅ Proven ROI - Gemiddeld 400% return on investment ✅ Complete metrics - Real-time dashboards voor board reporting ✅ Effortless implementation - Up and running in 2 weken ✅ Nederlandse content - Cultureel relevant en effectief ✅ Full compliance - NIS2, AVG, ISO 27001 documentatie
Bereken je eigen ROI met onze gratis calculator - Zie binnen 5 minuten wat security awareness jouw organisatie kan opleveren.
Of plan een gesprek met onze ROI experts - We helpen je een overtuigende business case bouwen voor je board.
Investeer in je mensen. Het is de beste security investering die je ooit doet.