As cyber-attacks continue to escalate, more and more organisations are waking up to the importance of instilling a robust security culture among their employees, according a recent study.
In its most recent report, Fortinet’s FortiGuard Labs reveals that ransomware threats are maintaining their peak levels without any signs of slowing down on a global scale. Shockingly, 84 percent of organisations surveyed by Fortinet reported experiencing one or more breaches in 2022.
Fortinet’s latest research emphasises that over 90 percent of leaders believe that enhancing employee cybersecurity awareness would significantly reduce the occurrence of cyber-attacks. As organisations grapple with the rising tide of cyber risks, this study highlights the pivotal role played by employees in being the first line of defense against cybercrime.
Last year, a staggering 81 percent of organisations encountered malware, phishing, and password attacks, with users being the primary targets. This underscores the fact that employees can either be an organisation’s weakest link or their most powerful defense. Although 85 percent of leaders claim to have a security awareness and training program in place, over 50 percent of them acknowledge that their employees still lack essential cybersecurity knowledge.
This disparity suggests that existing training programs may not be as effective as desired, leading to inconsistencies in employees’ application of good cyber hygiene practices, or insufficient reinforcement of the training provided.
Given that many attacks focus on exploiting users, it is highly likely that boards of directors recognise, or will soon realise, the critical role of employee cybersecurity awareness in the overall defence strategy. In fact, a staggering 93 percent of organisations stated that their board of directors is actively inquiring about their cyber defences and strategy.
John Maddison, EVP of Products and CMO at Fortinet, stressed the importance of employee engagement in the battle against cyber-attacks, stating, “Our 2023 Security Awareness and Training Global Research Brief underscores the crucial role employees play in preventing cyber-attacks. It also highlights the critical need for organisations to prioritise security awareness and training services to ensure employees serve as the first line of defence.”
By implementing a comprehensive training program, organisations can enhance employees’ awareness of cyber risks and empower them to safeguard the organisation. This lays the foundation for fostering a robust cybersecurity culture that is prepared to face the challenges of the future.
While organisations understand the necessity of advanced cybersecurity solutions and recognise the value of technology certifications in strengthening their IT teams’ capabilities, employee awareness may not have received the attention it truly deserves. Nevertheless, in the years to come, it could prove to be a pivotal factor in the fight against cyber-attacks.
