2018 Safety Awareness Training Figures

A new study carried out by Mimecast has produced some interesting security mindfulness training figures for 2018. The survey shows a lot of companies are taking substantial risks by not providing sufficient training to their workers on cybersecurity.

Question the IT department what is the greatest danger cybersecurity danger and several willsay end users. IT teams put a considerable amount of effort into applying andmaintaining cybersecurity fortifications, only for employees to take actionsthat introduce malware or lead to an electronic mail breach. It isunderstandable that they are annoyed with employees. Most cyberattacks start withend users. By compromising one appliance, an attacker gains a footing in the systemwhich can be utilized as a Launchpad for more attacks on the business.

However, it doesn’t need to be like that. Businesses can create a strong last line of protection by providing safety awareness training to employees to help them identify threats and to prepare them how to respond and report difficulties to their IT group. The difficulty is that a lot of businesses are failing to do that. Even when cybersecurity teaching is provided, it is often insufficient or not obligatory. That means it is just partly effective.

Mimecast’s security awareness training figures show that just 45% of firms provide workers with recommended safety awareness teaching that is obligatory for all employees. 10% of firms have training programs available, however, they are only voluntary.

Explore deeper into these safety awareness training statistics and they are not quite as they appear. Certainly, 45% of firms provide obligatory cybersecuritytraining but, in many cases, it falls short of what is needed.

For example, only 6% of firms provide monthly training and 4% do so three-monthly. For that reason, just 10% of the 45% are providing training regularly and are adhering to acceptable industry standards for safety. 9% of the 45% only provide safety awareness training when an employee joins the company.

The training processes used propose safety awareness training, for a lot of businesses, is more of a checkbox item. 33% provide printed lists of cybersecurity guidelines or electronic mail instructions even though several employees will simply neglectthose messages and handouts.

30% issue prompts concerning possibly risky links, in spite of that little is done neglect those employees actually clicking those links. Businesses are in its place relying on their employees to know what to do and to take care, even though formal cybersecurity training is often lacking and they lack suitable skills. Only 28%are using interactive training videos that involve users.

These safety awareness training figures show that firms clearly need to do more. As Mimecastproposes, effective safety awareness training means making training obligatory. Training must also be a continuous process and simply handing out advices is not sufficient.

You must involve workers and make the training more enjoyable and ideally, amusing.  “The easiest way to lose your audience is by making the training dull, unconnected,and worst of all, unmemorable.”