Welcome to the Firewall Academy Blog

We've spent a lot of time thinking about security awareness training. We've talked to security leaders frustrated with low engagement. We've seen compliance programs that check boxes but change nothing. We've watched expensive platforms gather dust while phishing rates stay flat.

Along the way, we've developed strong opinions about what works, what doesn't, and why most training fails to move the needle.

This blog is where we share those insights.

What You'll Find Here

Expect:

• Honest analysis of what's broken in security training and why
• Insights from building Firewall Academy and working with customers
• Industry perspectives that might challenge conventional thinking
• Practical ideas you can actually use

Some posts will be tactical. Some will be philosophical. All of them will reflect things we genuinely believe and think are worth discussing.

The Value of Thinking Out Loud

There's something powerful about writing things down. Ideas that seem solid in your head often need refinement when you try to explain them clearly. And insights that feel obvious sometimes aren't obvious to anyone else.

This blog is partly for you—but it's also for us. Documenting what we're learning forces clarity. It creates a record we can revisit. It invites feedback and conversation.

We think the best companies reflect constantly on what's working and what isn't. This is our way of doing that in public.

Join the Conversation

If you're a security leader trying to build a training program that actually works, we hope you'll find something useful here. If you see things differently than we do, we'd love to hear your perspective. And if you're just curious about the state of security awareness training—stick around. We have a lot to say.

---

Have a topic you'd like us to explore? Get in touch—we're always looking for good questions to dig into.