Practice makes perfect. That is the philosophy of Erich Kron, security advocate at KnowBe4, as well as the one of the main takeaways of the 2023 Edition of the KnowBe4 Phishing by Industry Benchmarking Report (Report), of which Kron served as one of the authors. Regardless of location, industry or size, consistent and frequent security awareness training paid off, resulting in employees who demonstrated lower vulnerability to, and greater awareness of, social engineering scams. In this article, we highlight key practical takeaways from the Report, as well as from our conversation with Kron, who gave color to these concepts based on his previous experiences working as a security practitioner for the Department of Defense, and in the healthcare and large manufacturing industries. See our two-part series on phishing messages: “As Email Scams Surge, Training Lessons From 115 Million Phishing Messages” (Mar. 30, 2022), and “How to Measure Whether Your Company Is Ready to Catch Lots of Phish” (Apr. 6, 2022).