PREVIOUS ARTICLENEXT ARTICLE
FEATURE ARTICLES
By 31 October 2024 | Categories: feature articles

0

Fortinet, the global cybersecurity leader driving the convergence of networking and security, released its annual 2024 Security Awareness and Training Global Research Report, highlighting the crucial role a cyber-aware workforce plays in managing and mitigating organisational risk.

Key findings from the global report include:

  • As malicious actors use AI to increase the volume and velocity of their attacks, leaders believe these threats will be harder for their employees to spot. More than 60% of respondents expect more employees to fall victim to attacks in which cybercriminals use AI. However, the good news is that most respondents (80%) also say enterprise-wide knowledge of AI-augmented attacks has made their organisations more open to implementing security awareness and training.
  • Employees can be an organisation’s first line of defense, but leaders are increasingly worried that their employees lack security awareness. Nearly 70% of those surveyed believe their employees lack critical cybersecurity knowledge, up from 56% in 2023.
  • Leaders recognise the importance of security awareness training but believe specific attributes make some training programs more effective than others. Three-quarters of leaders say they plan their security awareness campaigns, delivering content monthly (34%) or quarterly (47%). Executives also point to high-quality content playing a leading role in the success or failure of the program.

The latest threats that employees must battle

One prominent way cybercriminals use AI is to make phishing schemes more believable and harder to detect. Because phishing targets individual users directly, organisations are heavily focused on teaching employees how to recognise and avoid falling victim to these attacks.

  • End-users remain attractive targets. More than 80% of organisations faced attacks last year, such as malware, phishing, and password attacks that directly targeted individuals.
  • As attacks evolve, security awareness and training will only become more vital. Nearly all (96%) of those surveyed say their leadership team supports employee security awareness training.
  • Nearly all respondents (98%) say phishing prevention is a component of their training programs and plans. Other top training priorities include data security (48%) and privacy (41%).

Employees can serve as a strong first line of defence against attacks

While security and IT teams are crucial to safeguarding organisations against cyberthreats, an enterprise’s employees also play an important role in preventing breaches.

  • Employees are open to cybersecurity awareness and training opportunities. Most leaders (86%) say their employees positively view security awareness and training.
  • Organisations see positive results when they implement security and awareness training programs. An overwhelming majority of leaders (89%) say their organisation saw at least some improvement in its security posture after security awareness and training were implemented. Not a single respondent claimed to see no improvement.

Cyber awareness training Is vital, but not all programs are created equal

Most organisations are motivated to introduce security awareness and training based on their experience of being breached or knowledge of threats in their industry or sector.

Almost all decision-makers (96%) say their leadership team supports implementing training to raise employees’ cybersecurity awareness.

According to this year’s survey, 97% of leaders think increased employee awareness would strengthen the organisation’s cybersecurity posture. Yet respondents also agree that there are key attributes of training programs that are important for effectiveness.

  • Engaging content is paramount. While 86% of decision-makers say they are satisfied with their current security awareness and training solution, the biggest complaint was a lack of engaging content among those not satisfied.
  • Consider the time commitment required. Avoid training fatigue by considering the amount of time required from learners. Demanding too much time from employees can overburden them. Between 1.1 and 2.0 hours is the most common time proposed, with three hours as the average.

  “As threat actors harness new technologies like AI to augment the sophistication of their attacks, it’s increasingly crucial that employees serve as a robust first line of defense. Fortinet’s new research underscores the importance of creating a culture of cybersecurity and the need to deploy organisation-wide security awareness and training,’’ explained John Maddison, Chief Marketing Officer at Fortinet.

‘’These findings reinforce the importance of our award-winning Security Awareness and Training service for enterprises, including the free educational version available at no cost to primary and secondary schools around the world, and its role in strengthening cyber resilience,” he added.

USER COMMENTS

Read
Magazine Online
TechSmart.co.za is South Africa's leading magazine for tech product reviews, tech news, videos, tech specs and gadgets.
Start reading now >
Download latest issue

Have Your Say


What new tech or developments are you most anticipating this year?
New smartphone announcements (45 votes)
Technological breakthroughs (28 votes)
Launch of new consoles, or notebooks (14 votes)
Innovative Artificial Intelligence solutions (28 votes)
Biotechnology or medical advancements (21 votes)
Better business applications (132 votes)