Episode 221: Developing and Executing Security Awareness Programs (Domain 5)

New Security+ Course Now Available! (V8 SY0-801)

The new CompTIA Security+ Course for 2026 is now online!  Find it at: https://secv8.baremetalcyber.com/

Welcome to the SEC+ Audio Course

Dive into a fast, no-fluff overview of what this podcast delivers, who it’s for, and how each episode helps you level up with practical, real-world takeaways. In this trailer, you’ll hear the show’s promise, the format you can expect, and a sneak peek at the kinds of stories, tips, and expert insights coming your way. Hit follow to get new episodes as they drop and start listening smarter from day one.

Episode 221: Developing and Executing Security Awareness Programs (Domain 5)

Security awareness programs don’t happen by accident—they’re built with intent, tested with feedback, and refined over time. In this final episode of the series, we walk through how to develop and execute a successful awareness program, from defining goals and identifying target audiences to choosing content formats and delivery methods. We discuss how to incorporate phishing simulations, microlearning modules, video training, and role-specific content to meet learners where they are. Execution involves not just delivery, but reinforcement through regular communication, gamification, and leadership engagement. We also cover program measurement—tracking participation, testing knowledge, and adjusting campaigns based on results. A strong awareness program turns passive users into active defenders, extending your security posture across every click, login, and decision.

Episode 220: Security Reporting and Monitoring (Domain 5)

A well-informed workforce should be empowered not just to avoid risk—but to report it. In this episode, we explore how organizations build clear, accessible reporting channels that encourage employees to share suspicious activity, policy violations, or near misses without fear of reprisal. We also examine how recurring reports—like monthly phishing metrics or training completion rates—can help monitor the effectiveness of your awareness program and adjust content accordingly. Beyond individual reports, monitoring systems track broader trends in user behavior, risk exposure, and incident volume, providing insight into where further training may be needed. Reporting and monitoring aren’t just reactive tools—they’re indicators of a healthy security culture. The more people contribute, the stronger your human firewall becomes.

Episode 219: Hybrid and Remote Work Security Awareness (Domain 5)

Remote and hybrid work models create new layers of security complexity—blending corporate environments with home networks, personal devices, and cloud-first workflows. In this episode, we explore the core topics of remote work security awareness, starting with safe home Wi-Fi configurations, strong authentication, and VPN use for secure connections. We then discuss endpoint hardening for laptops and mobile devices, including encryption, screen locking, and secure backup practices. Hybrid workers also need guidance on physical security—like preventing shoulder surfing in public places or securing devices during commutes. Training should also cover secure transitions between environments, cloud data handling, and how to report incidents while working remotely. As the office perimeter disappears, awareness becomes the frontline.