Practice makes perfect. That is the philosophy of Erich Kron, security advocate at KnowBe4, as well as one of the main takeaways of the 2023 Edition of the KnowBe4 Phishing by Industry Benchmarking Report (Report), of which Kron served as one of the authors. Regardless of location, industry or size, consistent and frequent security awareness training paid off, resulting in employees who demonstrated lower vulnerability to, and greater awareness of, social engineering scams. The Report provides key metrics on the industries most vulnerable to phishing attacks, outlines global challenges and provides some key takeaways to help organizations reduce their employees’ susceptibility to social engineering scams. This article highlights key practical takeaways from the Report, as well as color on these concepts from Kron based on his previous experience working as a security practitioner for the Department of Defense, and in the healthcare and large manufacturing industries. See our two-part series on phishing messages: “As Email Scams Surge, Training Lessons From 115 Million Phishing Messages” (May 12, 2022); and “How to Measure Whether Your Company Is Ready to Catch Lots of Phish” (May 19, 2022).