The human element is one of the most critical vulnerabilities for security professionals, and often the root of high-profile breaches. Effective security awareness programs are an important step that recently are gaining more traction and funding from boards. Too often, these programs are a patchwork of materials created in-house and tools purchased from vendors, which can lead to a lack of a consistent, coordinated message. In this discussion, consider methodologies for developing a cohesive security awareness program that will help to establish a strong security culture.