Cybersecurity training governance: The SEAL Framework for sustained readiness
Morteza Safaeipour et al.
Abstract
Despite substantial investments in cybersecurity awareness training, human error remains a leading source of organizational vulnerability. This study challenges prevailing assumptions by examining how employees perceive various training methods and how these approaches influence cybersecurity readiness across four interdependent levels: individual, team, client, and organization. Contrary to the common belief that training effectiveness depends chiefly on content quality or delivery style, our findings underscore governance—the intentional selection, alignment, timing, and integration of training methods—as the decisive factor in driving cybersecurity readiness. Even when firms implemented comparable, high-quality training content, employee-reported outcomes varied markedly based on how these programs were governed. In response, we propose a cybersecurity training governance framework featuring six actionable recommendations to guide the shift from fragmented awareness initiatives to cohesive readiness strategies. By positioning training governance as a systemic enabler of organizational resilience, this study advocates a fundamental reorientation, from reactive awareness to adaptive readiness.
Evidence weight
Balanced mode · F 0.40 / M 0.15 / V 0.05 / R 0.40
| F · citation impact | 0.50 × 0.4 = 0.20 |
| M · momentum | 0.50 × 0.15 = 0.07 |
| V · venue signal | 0.50 × 0.05 = 0.03 |
| R · text relevance † | 0.50 × 0.4 = 0.20 |
† Text relevance is estimated at 0.50 on the detail page — for your query’s actual relevance score, open this paper from a search result.