All links and images for this episode can be found on CISO Series. It appears our security awareness training is working, up to a point. Most people are well aware of the need for secure passwords, but they don't actually create secure passwords. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Patrick Harr, CEO, SlashNext. Thanks to our podcast sponsor, SlashNext With today’s transition to hybrid working, phishing attacks are becoming more prevalent than ever. Mobile phishing and credential harvesting are exploding and affecting business reputations, finances and most importantly, data loss. With new methods of phishing attacks appearing year over year, enterprises need more robust phishing protection to better protect this expanding attack surface and companies’ most valuable assets. Check out the report. In this episode: Why does it seem like our security awareness training is only working up to a certain point? Most people are well aware of the need for secure passwords, but why don't they actually create secure passwords? Is it true that, “people are not the weakest link, they're just the top attack vector?”