01387nas a2200205   4500000000100000000000100001000000100002008004100003260007900044653002300123653002900146653001800175653002700193653000900220653001800229653003400247100002100281245005100302520082800353       2015                            d  cMarch 2015bInstitute of Information and Communication TechnologiesaSofia10aattribution theory10aawareness based training10aCybersecurity10aorganizational culture10aRisk10arisk appetite10a„balance of consequences“1 aVenelin Georgiev00aLevels of Cybersecurity Training and Education3 a<p>The ambition of individuals and their organizations to achieve a desired level of cybersecurity may be subject to the application of different strategies. Known approaches to achieving cybersecurity involve the establishment of effective legal systems, innovative technical solutions, rational organizational structures, etc. The focus in discussions of cybersecurity remains on people and their training, which can lower the vulnerability to cyber attacks. Counting on such a strategy to build cybersecurity, it is important to properly understand that cybersecurity training can be constructed at several levels. Each of these levels has specific characteristics, such as the approach and methods used for training, and as a consequence is associated with different results in terms of the cybersecurity achieved.</p>