Forty percent of employees have never received cybersecurity training, according to a new report from Yubico. That number rises to nearly sixty percent for employees working for small businesses.
The report surveyed 18,000 employed adults from the US, the UK, Australia, India, Japan, France, Germany, Singapore, and Sweden.
“Our research finds that 4 in 10 (40%) employees have never received training on cybersecurity in any form,” Yubico says. “Furthermore, 44% of companies wait longer than 3-5 months to update their cybersecurity policies.
“These two statistics suggest that close to half of employees were never introduced to their company’s security guidelines in the first place, and roughly half of those that were given cybersecurity training are operating on outdated information. With new attack techniques emerging on a near-constant basis and the rise of AI-based threats, inconsistent cybersecurity training habits leave many organizations and their workforce in a constant state of vulnerability.”
Additionally, Yubico warns that AI tools are making phishing attacks more convincing, and seventy percent of respondents couldn’t tell the difference between an AI-generated phishing message and a human-written one.
“We found that of those who have been tricked by phishing messages, 34% of respondents said the reason they fell for the ruse was that it appeared to come from a trusted source,” the report says.
“With AI’s ability to cater to specific individuals and draw from vast amounts of data, this finding shows how AI is allowing these types of threats to grow and become more successful.”
Yubico concludes that employees need to be made aware of evolving cybersecurity threats in order to thwart these attacks.
“Educational programs must emphasize the importance of both professional and personal cybersecurity, giving employees a deep understanding of how personal habits can impact workplace security,” the report says.
“Regular training sessions are essential in today’s rapidly changing threat landscape, and organizations should provide a steady stream of education on emerging risks, including assessments to ensure knowledge retention.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
Cybersecurity Intelligence has the story.
