Many bosses think their employees lack even basic security awareness
Nearly three-quarters (70%) of business leaders are increasingly concerned about their employees’ cybersecurity knowledge, saying they lack even the basic awareness needed to combat rising threats.
The news comes as companies brace for increased threat activity in the age of artificial intelligence, which helps threat actors increase the sophistication of their attacks.
Fortinet’s report cites another separate study from the company, which claims that more than four in five organizations have experienced incidents such as malware, phishing and password attacks in the past 12 months.
Employees are not prepared for the future of cybersecurity
Looking ahead, three in five leaders expect AI attacks to make it even more difficult for employees to recognize threats.
However, artificial intelligence is not only seen as a threat to business. Four in five survey participants believe emerging AI-enabled threats have led to greater openness to training initiatives within their companies, with three-quarters of leaders planning to launch awareness campaigns.
“As threat actors leverage new technologies such as AI to increase the sophistication of their attacks, it is increasingly important that employees serve as a robust first line of defense,” said John Maddison, Chief Marketing Officer of Fortinet.
In response to the changing threat landscape, companies are becoming increasingly proactive, with about a third (34%) delivering content monthly and almost half (47%) doing so quarterly. Almost all (98%) have covered phishing prevention, with security (48%) and privacy (41%) also often discussed in the training.
Additionally, Fortinet research shows that companies that offer more engaging, targeted training see the best results, with 89% of leaders reporting a stronger security posture after training.
As threats become more sophisticated and common, it’s clear that cybersecurity training has become an essential part of business. That’s why Fortinet is calling on organizations to consider a three-pronged approach: security awareness and training for all employees, technical cybersecurity skills for IT staff, and advanced network security solutions.