Following an employee security awareness training program, what should be the expected outcome?

[References: The CISM Review Manual 2023 states that “security awareness training should include information on how to identify and report social engineering attempts” and that “the effectiveness of security awareness training can be measured by the number and quality of reported incidents” (p. 121). The CISM Review Questions, Answers & Explanations Manual 2023 also provides the following rationale for this answer: “An increase in reported social engineering attempts is the best indicator that the security awareness training program has been effective, as it shows that the employees are more vigilant and proactive in detecting and reporting such attempts” (p. 45)., , , , , , , ]