29 Sep Report Outlines Importance of Providing Engaging User Awareness Training
The way cybersecurity awareness training is conducted in organizations has a huge bearing on employees’ subsequent security outlook and behaviours, according to a new report from Osterman Research.
The researchers discovered that users who found security training “very interesting” were over 13-times more likely to make “fundamental changes” to how they think about security compared to those who considered the training “boring.”
The survey of 1000 US everyday employees, IT managers and decision-makers also found that the quantity of security awareness training given makes a major difference, with the ability of staff to spot and deal with security threats such as phishing and business email compromise improving as more training is provided.
Encouragingly, it appears as though organizations are set to place much greater emphasis on security awareness training going forward, with around 45% of employees surveyed expecting to spend 15 minutes or more per month in training by mid-2021, a substantial rise from 26% in 2020. In addition, this type of training was regarded as just as important as technology in dealing with security threats by respondents.
Despite this, the authors said that although organizations generally want to establish a strong cybersecurity culture, IT, security and business leaders are not effectively conveying that idea to a large proportion of their employees, with senior IT and business management much more enthusiastic about security awareness training than non-management employees.
Overall, the report noted that “security and IT leaders, their staff members, and business leaders are largely onboard with the idea that developing a strong cybersecurity culture is important; everyday employees, however, are much less convinced about the importance of doing so, indicating that the goal of developing a robust security culture has not yet been achieved in most organizations.”
Lisa Plaggemier, the chief strategist at MediaPRO, which co-sponsored the research, added: “Security awareness training doesn’t do anyone any good if they sleep through it. You can deliver the best security advice in the world, but if no one is listening, you might as well be talking to a brick wall.
“Good security awareness training should get and keep your attention. That’s what it means to be engaging.”
We’re Synium IT, how can we help?
Our aim is to become a seamless and invaluable part of your team – so you can be sure of exceptional service and a proactive, friendly and jargon-free approach to IT.
Synium IT provides the full range of IT support services to organisations throughout the West Midlands. Our approach is to deliver the very best IT Support services to our clients for great value for money, with no contract tie-in. Allowing you to experience the benefits of your own IT support partner without any risk.
Contact us today on 0121 663 0203 to find out more about how we can help.
News Source: https://www.infosecurity-magazine.com/