On the site of North Dakota, you may find a security awareness training. It is reasonably good and informative. The targeted audience was North Dakota administration employees. Nevertheless, it can be used by every body.
You may say: “OK, one more”. And you would be right. What I found interesting is the date of this training 2001. It is a jump to the past. And ten years later, it is still valid!!! Of course, there are some missing new threats such as removable storage media (such as USB memories), and the new Internet threats such as phishing, social networks… But the threats that were already present in 2001 are still present in 2011. We have solved none of them , and many new ones appeared.
We rely more on more on IT, and the environment is becoming more and more dangerous. More and more people handle tools that they do neither master, nor understand. We have to make a better training, to increase security awareness. At school, it should be a mandatory training, and that starting at the early age, so that it becomes a pure reflex.
If in 2021, we will look a security awareness training of 2011, will there be at least some old threats that will have disappeared? Medicine succeeded to eradicate some illnesses, why could we not succeed the same in security?