The human aspect of cybersecurity is widely recognized as a critical component of cyber resilience and risk reduction. However, one of the least understood areas is that of security behaviors and attitudes. Specifically, the gap or disconnect between knowledge and action. On the heels of 2021’s first of its kind research, the National Cyber Security Alliance will be launching the second annual Cybersecurity Attitudes & Behaviors Report ahead of October’s CyberSecurity Awareness month. The research will go even deeper this year in examining cybersecurity attitudes and behaviors of the general public, shedding light on one of the most important aspects of cyber risk - the human factor. This research applies scientific rigor and robust data analysis to help academics, practitioners and policymakers around the world better understand people-related security issues as they relate to enhancing awareness, influencing security behavior and improving security culture. The Annual Cybersecurity Attitudes and Behaviors Report 2021 polled 2,000 individuals across the U.S. and UK, the report examined key cybersecurity trends, attitudes and behaviors. Some insights from last year’s report: Millennials (44%) and Gen Z (51%) are more likely to say they have experienced a cyber threat than baby boomers (21%). 79% of baby boomers said they had never been a victim of cybercrime. 46% of respondents say they use a different password for important online accounts, with 20% saying that they “never” or “rarely” do so. Only 43% said they create a long and unique password either “always” or “very often.” 48% of respondents say they have “never heard of MFA.” 64% of respondents have no access to cybersecurity training, while more than a quarter of those who do have access choose not to use it. In this session, National Cybersecurity Alliance Executive Director Lisa Plaggemier will explore the findings from the organization’s annual survey and what can be learned when creating awareness programs.