A Fortinet, global company in cybersecurity that drives the convergence of network and security, launched today its2024 Global Cybersecurity Awareness and Training Survey, highlighting the crucial role that a workforce with cyber awareness plays in managing and mitigating organizational risks
Key findings from the global survey include:
- As malicious agents use AI to increase the volume and speed of their attacks, leaders believe that these threats will be harder for their employees to detect.
More than 60% of respondents expect that more employees will fall victim to attacks in which cybercriminals use AI. However, the good news is that most respondents (80%) also state that the knowledge of the entire company about AI-enhanced attacks has made their organizations more open to implementing awareness and security training
- Employees can be the first line of defense for an organization, but leaders are increasingly concerned about their employees' lack of awareness regarding safety
Almost 70% of respondents believe that their employees do not have critical knowledge of cybersecurity, against 56% in 2023
- Leaders recognize the importance of security awareness training, but they believe that specific attributes make some training programs more effective than others
More than half of leaders say they plan their security awareness campaigns, delivering content monthly (34%) or quarterly (47%). Executives also point out that high-quality content plays an important role in the success or failure of the program
As threat agents leverage new technologies like AI to increase the sophistication of their attacks, it is increasingly crucial for employees to act as a strong first line of defense. The new research from Fortinet highlights the importance of creating a cybersecurity culture and the need to establish awareness and security training throughout the organization. These findings reinforce the importance of our award-winning safety awareness and training service for companies, including the free educational version available for elementary and high schools worldwide, and its role in strengthening cyber resilience, declareJohn Maddison, Chief Marketing Officer of Fortinet
The latest threats employees must combat:
One of the main ways cybercriminals use AI is to make phishing schemes more convincing and harder to detect. How phishing targets individual users directly, organizations are strongly focused on teaching employees to recognize and avoid becoming victims of these attacks
- End users continue to be attractive targets. More than80% of organizationsfaced attacks last year, as malware, phishing and password attacks that directly targeted individuals
- As attacks evolve, awareness and training in safety will become increasingly vitalAlmost all (96%) of the respondents state that their leadership team supports employee safety awareness training
- Almost all respondents (98%) say that phishing prevention is a component of their training programs and plansOther training priorities include data security (48%) and privacy (41%)
Employees can act as a strong first line of defense against attacks
Although security and IT teams are crucial for protecting organizations against cyber threats, employees of a company also play an important role in preventing violations
- Employees are open to opportunities for awareness and training in cybersecurityMost leaders (86%) state that their employees view safety awareness and training positively
- Organizations see positive results when they implement safety training and awareness programsThe overwhelming majority of leaders (89%) state that their organization has seen at least some improvement in its security posture after implementing awareness and security training. No interviewee claimed to have seen no improvement
Cyber awareness training is vital, but not all programs are created the same way
A maioria das organizações é motivada a introduzir treinamento e conscientização sobre segurança com base em sua experiência de violação ou conhecimento de ameaças em seu setor e/ou indústria. Almost all decision-makers (96%) say that their leadership team supports the implementation of training to raise employee awareness about cybersecurity
According to this year's research, 97% of leaders believe that increasing employee awareness would strengthen the company's cybersecurity posture. However, the interviewees also agree that there are key attributes of training programs that are important for effectiveness
- Attractive content is essentialAlthough 86% of decision-makers say they are satisfied with their current security awareness and training solution, the biggest complaint was the lack of engaging content among those who are not satisfied
- Consider the necessary dedication timeAvoid training fatigue by considering the amount of time required from students. Demanding too much time from employees can overwhelm them. Between 1,1 and 2 hours is the most common proposed time, with an average of three hours
Develop a cyber-aware workforce with Fortinet's security awareness and training service:
A single incident of breach has significant repercussions for a business. It is vital to builda three-pronged defense strategythat includes awareness and safety training for all employees, cybersecurity technical skills for the IT and security team and advanced security solutions for the network.
In addition to teaching people what to do when they encounter threats, awareness and training establish the foundation for creating a cybersecurity culture throughout the organization. Fortinet offers thesecurity awareness and training servicefor companies that want to develop a workforce with cybersecurity knowledge. Designed by world-class instructors from the Fortinet Training Institute, this service covers a wide range of topics, offers opportunities for content customization and reinforces learning with reminders and periodic checks. Organizations that use the service also have access to a variety of dashboards to track student progress and generate reports to meet cybersecurity insurance and compliance needs
