- News
In the world of cybersecurity, a shortage of talent needed to fill open positions
Post originally shared on VentureBeat.
According to a new study by ThriveDX, cybersecurity awareness has increased significantly in the last year, with 97% of organizations surveyed having implemented some type of security awareness measures.
Given that up to 91% of successful cyberattacks start with a lack of employee understanding, this trend towards greater awareness efforts is crucial. Well over half of the survey’s respondents (54%) stated that awareness had significantly increased corporate security.
The study found that properly implemented awareness training programs move the needle of enterprise risk where technology alone cannot. As many as 87% of study participants stated that effective IT security is not possible without employee training. However, challenges remain, including gaining user acceptance and a lack of resources for increasing awareness efforts.
While 58% of the companies surveyed have security awareness policies in place, only 42% actively engage employees in efforts with tools such as a Phishing Incident Button. This is worth noting as this type of interaction builds a “human firewall” inside enterprises, empowering employees to report threats quickly and building a strong security culture.
Additionally, just 20% of survey participants reported conducting more than seven phishing simulations per year and only 67% invest up to 12 hours per year in awareness training. In fact, one-fifth of participants conduct only one training course per year and just under a quarter reported conducting two courses. Six percent of those surveyed said they do without training altogether.
The most common training topics focused on phishing awareness (28.1%), password safety (13.3%), social engineering (9.4%) and malware (7.0%).
Researchers did find an increased maturity in cybersecurity awareness programs, with 58% of participants reporting having an awareness policy including mission statements, policies and metrics in place. A majority (65%) of those surveyed believe cybersecurity awareness programs still need to expand.
The 2022 Global Cybersecurity Awareness Training Study by ThriveDX Enterprise surveyed 1900+ CISOs, security leaders and IT professionals to better understand the benefits of cybersecurity awareness training, in particular phishing simulations, and how employee awareness is taking hold to make enterprises safer.
Read the full report by ThriveDX.
Sign up for ThriveDX's quarterly newsletter to receive information on the latest cybersecurity trends, expert takes, security news, and free resources.
If you are looking to connect with someone from our team on-site, please leave your contact information here and we will connect with you directly during the conference.