Cyber criminals are increasingly targeting an organization’s employees, figuring to trick an untrained staffer to click on a malicious link that begins a malware attack, Fortinet said in a newly released study of security awareness and training.
Results of the cybersecurity provider’s survey of some 1,800 IT and cybersecurity decision-makers from 29 different locations, entitled 2023 Security Awareness and Training Global Research Brief, highlight the importance of building a cyber-aware workforce to strengthen security posture and reduce cyber risk.
Employees on the Cybersecurity Front Lines
Fortinet’s research revealed that more than 90% of the survey’s respondents believe that increased employee cybersecurity awareness would help decrease the occurrence of cyberattacks. As organizations face increasing cyber risks, employees serving as an organization’s first line of defense in protecting their organization from cybercrime becomes of paramount importance, Fortinet said.
Here are key findings from Fortinet’s research:
- More than 80% of organizations faced malware, phishing and password attacks last year, which mainly were targeted at users. This underscores that employees can be an organization’s weakest point or one of its most powerful defenses.
- Having an effective training program is key to instilling good cyber hygiene in employees. Some 85% of leaders said their organization has a security awareness and training program. However, more than 50% believe their employees still lack cybersecurity knowledge.
- Cybersecurity is increasingly becoming a priority for the board of directors. The report found that 93% of organizations indicated their board of directors are asking about the organization's cyber defenses and strategy.
Commenting on the employee cyber training programs, John Maddison, products executive vice president and chief marketing officer at Fortinet, said:
“Our 2023 Security Awareness and Training Global Research Brief underscores the crucial role employees play in preventing cyberattacks. It also highlights the critical need for organizations to prioritize security awareness and training services to ensure employees serve as the first line of defense.”
Fortinet Offers Security Awareness Training
For organizations looking to implement cybersecurity awareness training for their employees or those evaluating the effectiveness of their current program, Fortinet offers its Security Awareness and Training service to develop a cyber-aware workforce.
The service aligns with the National Institute of Standards and Technology (NIST) guidelines to further ensure key topics are covered including, information security, data privacy, physical security, password protection and internet security.
Fortinet has also tailored this service for educators. It is available for free to school districts across the United States and local education authorities in the United Kingdom, with plans to continue increasing access globally.