As cybercriminals use AI to increase the volume and speed of their attacks, leaders believe these threats will become harder for employees to detect. New study highlights the relationship between greater organizational cyber awareness and reduced risk.
Nearly 70% of respondents feel their employees lack critical cybersecurity knowledge
Fortinet, a global leader in cybersecurity that promotes the convergence between networks and security, recently released its 2024 Global Security Awareness and Training Survey Report, which highlights the crucial role of a cyber-aware workforce in managing and mitigating organizational risks
More than 60% of respondents expect more employees to fall prey to attacks where cybercriminals use AI. The good news is that the majority of respondents (80%) also say that widespread knowledge about AI-powered attacks has made their organizations more open to implementing security awareness and training.
Employees may be an organization's first line of defense, but leaders are increasingly concerned about their employees' lack of awareness. Nearly 70% of respondents believe their employees lack critical cybersecurity knowledge, up from 56% in 2023.
Leaders recognize the importance of security awareness training, but believe that certain attributes make some programs more effective than others. Three-quarters of leaders say they are planning security awareness campaigns with monthly (34%) or quarterly (47%) content. Executives also indicate that high-quality content plays a crucial role in the success or failure of the program.
Most organizations are motivated to introduce security awareness training based on their experience of being breached or their knowledge of threats in their industry.
According to this year's study, 97% of leaders believe that increasing employee awareness would strengthen the organization's cybersecurity posture. However, respondents also agree that there are key attributes of training programs that are important to their effectiveness.
A single breach incident has significant repercussions for a company. It is vital to build a three-pronged defense strategy that includes security awareness and training for all employees, technical cybersecurity skills for IT and security staff, and advanced security solutions for the network.
Source: pplware.sapo.pt
