Given that human error is still responsible for more than 90% of security breaches, can we agree at this point that the current security awareness model of videos followed by a quiz at the end is not working? If we need to use a carrot or a stick to get users to complete cybersecurity awareness training, then we have lost before we even started. The onus is on cybersecurity leaders to develop awareness programs so compelling, that people want to complete it!