Cybersecurity company Fortinet released its annual 2024 Security Awareness and Training Global Research report, highlighting the crucial role a cyber-aware workforce plays in managing and mitigating organizational risk.
Key findings include:
- More than 60 percent of respondents expect more employees to fall victim to attacks in which cybercriminals use AI. At the same time, however, 80 percent claim that enterprise-wide knowledge of AI-augmented attacks has made their organizations more open to implementing security awareness and training.
- Nearly 70 percent believe their employees lack critical cybersecurity knowledge, up from 56 percent (2023).
- Three-quarters of leaders say they plan their security awareness campaigns, delivering content monthly (34 percent) or quarterly (47 percent). Executives also point to high-quality content playing a leading role in the success or failure of the program.
- More than 80% of organizations faced attacks last year, such as malware, phishing, and password attacks that directly targeted individuals.
- 96 percent say their leadership team supports employee security awareness training.
- 98 percent say phishing prevention is a component of their training programs and plans, with other training priorities including data security (48 percent) and privacy (41 percent).
- 89 percent of leaders say their organization saw at least some improvement in its security posture after security awareness and training were implemented. Not a single respondent claimed to see no improvement.
- 96 percent of decision-makers say their leadership team supports implementing training to raise employees’ cybersecurity awareness.
- 97 percent of leaders think increased employee awareness would strengthen the organization’s cybersecurity posture, while 86 percent are satisfied with their current security awareness and training solution.
“As threat actors harness new technologies like AI to augment the sophistication of their attacks, it’s increasingly crucial that employees serve as a robust first line of defense,” said Fortinet CMO, John Maddison. “Fortinet’s new research underscores the importance of creating a culture of cybersecurity and the need to deploy organization-wide security awareness and training. These findings reinforce the importance of our award-winning Security Awareness and Training service for enterprises, including the free educational version available at no cost to primary and secondary schools around the world, and its role in strengthening cyber resilience.”
Beyond teaching individuals what to do when they encounter threats, awareness and training lay the foundation for creating a culture of cybersecurity throughout the organization. Fortinet offers its security awareness and training service to businesses that want to develop a cyber-aware workforce. Designed by the Fortinet Training Institute’s trainers, the service covers a broad range of topics, offering content customization opportunities, and reinforces learnings with periodic reminders and checks. Organizations using the service also have access to a variety of dashboards to track learner progress and reporting to address cyber insurance and compliance needs.
