As cyberattacks become more prevalent, companies are recognizing the importance of a strong security culture for all employees, a new survey from Fortinet shows.
In fact, Fortinet’s FortiGuard Labs Global Threat Landscape Report shows that over 90% of leaders believe that increased employee cybersecurity awareness would help decrease the occurrence of cyberattacks. This comes as 81% of organizations faced malware, phishing, and password attacks last year, mainly targeted at users, such as employees.
With that said, employees can either be an organization’s weakest point or one of its most powerful defense mechanisms.
Ransomware Threats are at Peak Levels
Organizations are facing a continuously evolving threat landscape, posing significant challenges. According to the findings, ransomware threats continue to surge at unprecedented levels worldwide, showing no signs of decline. Additionally, Fortinet’s report revealed that a staggering 84% of organizations encountered one or more security breaches in 2022.
Do Training Programs Help?
Eighty-five percent of leaders said that their organization has a security awareness and training program. Yet, more than half believe their employees still lack cybersecurity knowledge.
This inconsistency may suggest that training programs currently in place may not be as effective as they could be. With the right training, employees should be able to apply good cybersecurity hygiene practices.
In any comprehensive security awareness training, it is essential to cover the following four key topics at minimum:
- Phishing attacks: Despite being one of the oldest threats, continue to be highly effective. According to Verizon’s “2021 Data Breach Investigations Report,” phishing emails not only ranked as the most common action in cybersecurity breaches but also saw an 11% increase in 2021.
- Social engineering: Employees should be reminded that they might encounter social engineering scams in face-to-face interactions at customer service counters, over phone calls, or even within their own workplace.
- Password hygiene: While many organizations have implemented two-factor authentication, password security remains paramount since not all systems support multi factor authentication.
- Secure remote work practices: It is imperative for cybersecurity awareness programs to emphasize corporate policies regarding the storage and access of sensitive information outside the office. Employees need to understand the proper protocols and guidelines for maintaining security while working remotely.
A Focus on Cybersecurity from Boards of Directors
With many attacks targeted at users, it is likely that boards are already seeing how employee cybersecurity awareness is a critical part of defense. Ninety-three percent of organizations surveyed said that their board of directors are already asking about their cyber defenses and strategy.
“Our 2023 Security Awareness and Training Global Research Brief underscores the crucial role employees play in preventing cyberattacks. It also highlights the critical need for organizations to prioritize security awareness and training services to ensure employees serve as the first line of defense,” said John Maddison, EVP of Products and CMO at Fortinet.
How TNTMAX Can Help
At TNTMAX, we offer comprehensive cybersecurity awareness training for management and employees. Call us at (201) 891-8686 or email [email protected] to learn more or to set up a presentation!