Learn how to effectively test and improve your organization's security awareness program in this comprehensive talk from AIDE 2018. Explore various aspects of security testing, including external assessments, network vulnerabilities, and physical penetration testing. Discover the importance of creating a security-conscious culture, understanding legal implications, and implementing practical measures like visitor management and lock screen policies. Gain insights into common attack vectors such as phishing emails, ransomware, and social engineering tactics. Examine controversial topics in password policies and device management. Walk away with actionable strategies to strengthen your organization's overall security posture and better protect against evolving cyber threats.