Most organisations say they “do awareness” — emails, posters, phishing simulations — but it’s often hard to tell whether behaviour really changes.
On March 05, 2026, Geert Nobels shows how to use ENISA’s AR-in-a-Box as a practical, structured roadmap to build a risk-based, measurable cyber awareness program.
You’ll learn how to start from real risk behaviours, set clear objectives, tailor messages to different audiences, and choose the right awareness activities.
We’ll also cover how to measure outcomes beyond participation rates and how to involve leadership so awareness becomes part of governance and culture.
Why attend
- Move from “awareness as communication” to awareness as measurable risk reduction.
- Translate ENISA AR-in-a-Box into a roadmap you can apply immediately.
- Avoid common traps like activity overload, vague objectives, and vanity metrics.
- Learn how to align awareness KPIs with organisational risk and resilience.
- Get practical arguments to support awareness investments with boards and auditors.
What participants will learn
- Identify the risk behaviours that should drive your awareness priorities
- Define clear, actionable objectives for behavioural change (not just “raise awareness”)
- Segment audiences and tailor messages for executives, technical teams, and business functions
- Select the most effective formats (micro-learning, workshops, simulations, campaigns) for each objective
- Build KPIs that measure outcomes and behavioural improvement, not only participation
- Explain and position awareness as part of governance and organisational culture
Earn CPEs
You can earn up to 1.5 CPEs (full attendance required).
Please note that if you do not attend the entire program or fail to complete the required process, no CPEs can be attributed. Applying for CPEs is the participant’s responsibility.
Price
This event is free. You can register through the blue button.
More information
For any aditional questions, contact us via our social media or ISACA Education Support at eb.acasi@noitacude
