Nearly three-quarters (70%) business leaders are increasingly concerned about their employees’ cybersecurity knowledge, stating they lack even fundamental awareness needed to combat rising threats.
The news comes as companies brace themselves for increased threat activity in the age of artificial intelligence, which aids threat actors to increase the sophistication of their attacks.
The report from Fortinet cites another separate study carried out by the company claiming more than four in five organizations have faced incidents like malware, phishing and password attacks over the past 12 months.
Workers aren’t prepared for the future of cybersecurity
Looking ahead, three in five leaders expect AI-augmented attacks to make it even harder for workers to recognize threats.
However, artificial intelligence isn’t just seen as a threat to buisnesses. Four in five of the study’s participants believe that emerging AI-enhanced threats have driven greater openness to training initiatives within their companies, with three quarters of leaders planning to launch awareness campaigns.
“As threat actors harness new technologies like AI to augment the sophistication of their attacks, it’s increasingly crucial that employees serve as a robust first line of defense,” said Fortinet Chief Marketing Officer John Maddison.
In response to the changing threat landscape, companies are becoming increasingly proactive, with around one-third (34%) delivering content monthly, and almost half (47%) doing so quarterly. Almost all (98%) have covered phishing prevention, with security (48%) and privacy (41%) also frequently appearing in training.
Moreover, Fortinet’s research shows companies offering more engaging, targeted training are seeing the best results, with 89% of leaders reporting a stronger security posture after training.
As threats are becoming both more sophisticated and more common, it’s clear that cybersecurity training has become a paramount part of business. As such, Fortinet calls for organizations to consider a three-pronged approach – security awareness and training for all employees, technical cybersecurity skills for IT workers, and advanced security solutions for the network.