Security awareness programs often focus on educating employees about threats, yet 93% of people who breach company policies know they're creating risk - they simply do it anyway. The gap between awareness and behavior represents a critical vulnerability that traditional annual compliance training fails to address.

Understanding BJ Fogg's behavior model - that behavior equals motivation multiplied by ability - reveals why knowledge alone doesn't change actions.

In this session, Xandra Uth of SoSafe will share insights on:

• How motivation and ability drive behavior change;
• How to prove data importance and vulnerability through targeted phishing simulations and compelling narratives;
• Why spreading training consistently throughout the year creates lasting behavioral change rather than forgotten annual compliance.