Bridging the Cybersecurity Awareness Gap: A Communication-First Approach

Cybersecurity is often framed as a technical challenge, but most incidents involve human behaviour: errors in judgment, susceptibility to manipulation, and practices shaped by organisational context rather than individual carelessness.

This COcyber white paper, authored by Dorina Stanculescu and Carmen Serna of AUSTRALO, argues that closing the gap between policy ambition and real-world security outcomes requires treating awareness and communication as a strategic function.

                                   Check the Full White Paper

The paper examines why people are targeted and how social engineering exploits predictable patterns of trust, urgency, and authority to bypass even technically robust defences. It makes the case that effective awareness cannot be designed for a generic user: different audiences face different risks and respond to different communication approaches. Generic and fear-based campaigns may increase visibility but rarely change behaviour.

The second part of the paper focuses on what effective awareness design looks like. This means segmenting audiences, equipping SMEs with practical and accessible guidance, and engaging senior leadership as the primary driver of organisational security culture. Creative and participatory formats such as gamification, storytelling, escape rooms, and team-based exercises are legitimate tools for strengthening engagement and retention.

The paper concludes with a call to shift awareness from information delivery to behaviour-focused communication: audience-first, empowerment-driven, measured for impact, and sustained through collective learning.