Auto-sync: update nexus workspace

wiki/concepts/Security Awareness Training.md

@@ -0,0 +1,36 @@
+---
+title: "Security Awareness Training"
+type: concept
+tags:
+  - Security
+  - Human-Factor
+  - Training
+last_updated: 2026-04-14
+---
+
+# Security Awareness Training
+
+## Definition
+通过系统化的培训和演练提升组织内所有成员（从员工到高管）对安全威胁的认知和应对能力。
+
+## Components
+- **月度安全通讯**：定期向全员推送安全信息和最佳实践
+- **网络钓鱼演练**：模拟钓鱼攻击测试员工识别能力
+- **关键指标**：衡量有多少人报告可疑活动（而非仅关注点击率）
+
+## Goals
+- 将安全意识融入组织文化
+- 建立"全员参与"的安全防线
+- 持续改进安全态势
+
+## Key Quote
+> "The focus is on how many people report suspicious activity." — GIS Security Awareness Program
+
+## Relationship to [[Global Information Security Policy (GISP)]]
+- GISP 是政策框架，Security Awareness Training 是执行层的安全意识落地
+- 两者共同构成"政策+人"的安全治理闭环
+
+## Connections
+- [[Global Information Security Policy (GISP)]]：政策基础
+- [[Global Information Security Team (GIS)]]：执行团队
+- [[OpenText]]：实施组织