2 min Security

Research: employees lack security knowledge

Research: employees lack security knowledge

Fortinet research shows that cybercriminals are increasingly launching targeted attacks against company employees. However, according to more than half of the surveyed decision-makers, employees have insufficient security knowledge, which makes organizations vulnerable.

Attention to proper security awareness training is therefore important. In the survey, Fortinet found that a large majority of companies surveyed, 80 percent, signalled that cybercriminals are attacking employees more directly. Examples include malware, phishing and password attacks. So people or employees are still the weakest link.

In addition, 84 percent of respondents indicated they had to deal with one or more security incidents in 2022.

Focus on security

According to the researchers, companies do a lot to prepare employees for possible cyber attacks. 85 percent indicated that they have a security awareness and training program. Security is also high on the agenda of most management boards.

Yet more than half say their employees still lack security knowledge. Fortinet says this gap probably exists because existing security awareness programs lack effectiveness.

Employees are reportedly still inconsistently applying best practices for good “cyber hygiene.” Also, employees’ knowledge gained during security awareness training may not be sufficiently refreshed.

Training important

According to Fortinet, the research shows that it is therefore important to train employees more on security awareness. “The research points to the pressing need to prioritize security awareness and security training. That way, employees can form a first line of defense,” Fortinet regional director Netherlands Vincent Zeebregts said in a commentary.

Read also: ‘70% of employees are willing to delegate work to AI’