Fortinet Report Finds Nearly 70% of Organizations Say Their Employees Lack Fundamental Security Awareness
Fortinet's 2024 Security Awareness and Training Global Research Report reveals critical cybersecurity challenges facing organizations. Nearly 70% of organizations report their employees lack fundamental security awareness, up from 56% in 2023. The report highlights that over 60% of respondents expect more employees to fall victim to AI-augmented attacks.
Key findings show that 80% of organizations are more open to implementing security awareness training due to AI threats. Three-quarters of leaders plan security awareness campaigns, with 34% delivering monthly and 47% quarterly content. More than 80% of organizations faced attacks targeting individuals last year, including malware, phishing, and password attacks. Notably, 89% of organizations reported improvements after implementing security awareness training programs.
Il Rapporto Globale sulla Consapevolezza e Formazione in Sicurezza di Fortinet del 2024 rivela sfide critiche di cybersicurezza che le organizzazioni devono affrontare. Quasi il 70% delle organizzazioni riportano che i loro dipendenti mancano di una consapevolezza fondamentale sulla sicurezza, rispetto al 56% nel 2023. Il rapporto sottolinea che oltre il 60% dei rispondenti si aspetta che un numero maggiore di dipendenti diventi vittima di attacchi potenziati dall'IA.
I risultati chiave mostrano che l'80% delle organizzazioni è più aperta a implementare formazione sulla consapevolezza della sicurezza a causa delle minacce legate all'IA. Tre quarti dei leader pianificano campagne di consapevolezza sulla sicurezza, con il 34% che offre contenuti mensili e il 47% trimestrali. Più di 80% delle organizzazioni hanno subito attacchi mirati a individui lo scorso anno, inclusi malware, phishing e attacchi alle password. È significativo che l'89% delle organizzazioni abbia riportato miglioramenti dopo aver implementato programmi di formazione sulla consapevolezza della sicurezza.
El Informe Global sobre Conciencia y Capacitación en Seguridad 2024 de Fortinet revela desafíos críticos de ciberseguridad que enfrentan las organizaciones. Casi el 70% de las organizaciones informan que sus empleados carecen de una conciencia fundamental en seguridad, un aumento desde el 56% en 2023. El informe destaca que más del 60% de los encuestados esperan que más empleados caigan víctimas de ataques potenciados por IA.
Los hallazgos clave muestran que el 80% de las organizaciones es más receptivo a implementar capacitación sobre conciencia de seguridad debido a las amenazas de IA. Tres cuartas partes de los líderes planean campañas de conciencia de seguridad, con el 34% entregando contenido mensual y el 47% trimestral. Más de 80% de las organizaciones enfrentaron ataques dirigidos a individuos el año pasado, incluyendo malware, phishing y ataques de contraseña. Notablemente, el 89% de las organizaciones reportaron mejoras después de implementar programas de capacitación sobre conciencia de seguridad.
포티넷의 2024 보안 인식 및 교육 글로벌 리서치 보고서는 조직이 직면한 중요한 사이버 보안 문제를 드러냅니다. 거의 70%의 조직이 직원들이 기본적인 보안 인식이 부족하다고 보고했으며, 이는 2023년의 56%에서 증가한 수치입니다. 이 보고서에 따르면 60% 이상의 응답자가 더 많은 직원이 AI 기반 공격의 희생자가 될 것으로 예상하고 있습니다.
주요 발견에 따르면 80%의 조직이 AI 위협으로 인해 보안 인식 교육을 수행할 준비가 되어 있습니다. 리더의 3분의 2는 보안 인식 캠페인을 계획 중이며, 34%는 월간, 47%는 분기별 콘텐츠를 제공합니다. 지난해 80% 이상의 조직이 개인을 겨냥한 공격을 경험했으며, 여기에는 악성코드, 피싱 및 비밀번호 공격이 포함됩니다. 특히 89%의 조직이 보안 인식 교육 프로그램을 도입한 후 개선된 결과를 보고했습니다.
Le Rapport de Recherche Mondiale sur la Sensibilisation à la Sécurité et la Formation 2024 de Fortinet révèle des défis critiques en matière de cybersécurité auxquels les organisations sont confrontées. Près de 70% des organisations rapportent que leurs employés manquent de sensibilisation fondamentale à la sécurité, contre 56% en 2023. Le rapport souligne qu'au-delà de 60% des répondants s'attendent à ce qu'un plus grand nombre d'employés soient victimes d'attaques augmentées par l'IA.
Les conclusions clés montrent que 80% des organisations sont plus ouvertes à la mise en œuvre de formations sur la sensibilisation à la sécurité en raison des menaces liées à l'IA. Les trois quarts des dirigeants prévoient des campagnes de sensibilisation à la sécurité, avec 34% fournissant du contenu mensuel et 47% trimestriel. Plus de 80% des organisations ont été confrontées à des attaques ciblant des individus l'année dernière, y compris des logiciels malveillants, du phishing et des attaques par mot de passe. Notamment, 89% des organisations ont signalé des améliorations après avoir mis en œuvre des programmes de formation à la sensibilisation à la sécurité.
Die Fortinet-Studie zur globalen Sicherheitsbewusstseins- und Schulungsforschung 2024 zeigt kritische Herausforderungen der Cybersicherheit auf, mit denen Organisationen konfrontiert sind. Fast 70% der Organisationen berichten, dass ihre Mitarbeiter grundlegendes Sicherheitsbewusstsein vermissen, ein Anstieg von 56% im Jahr 2023. Der Bericht hebt hervor, dass über 60% der Befragten erwarten, dass mehr Mitarbeiter Opfer von KI-unterstützten Angriffen werden.
Wesentliche Erkenntnisse zeigen, dass 80% der Organisationen aufgrund von KI-Bedrohungen offener für die Implementierung von Schulungen zur Sicherheitsbewusstseinsbildung sind. Drei Viertel der Führungskräfte planen Kampagnen zur Sicherheitsbewusstseinsbildung, wobei 34% monatliche und 47% vierteljährliche Inhalte bereitstellen. Mehr als 80% der Organisationen wurden im letzten Jahr Ziel von Angriffen, die auf Individuen abzielten, einschließlich Malware, Phishing und Passwortangriffen. Bemerkenswert ist, dass 89% der Organisationen nach der Implementierung von Schulungen zur Sicherheitsbewusstseinsbildung Verbesserungen berichteten.
- None.
- None.
SUNNYVALE, Calif., Oct. 23, 2024 (GLOBE NEWSWIRE) --
John Maddison, Chief Marketing Officer at Fortinet
“As threat actors harness new technologies like AI to augment the sophistication of their attacks, it’s increasingly crucial that employees serve as a robust first line of defense. Fortinet’s new research underscores the importance of creating a culture of cybersecurity and the need to deploy organization-wide security awareness and training. These findings reinforce the importance of our award-winning Security Awareness and Training service for enterprises, including the free educational version available at no cost to primary and secondary schools around the world, and its role in strengthening cyber resilience.”
News Summary
Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today released its annual 2024 Security Awareness and Training Global Research Report, highlighting the crucial role a cyber-aware workforce plays in managing and mitigating organizational risk.
Key findings from the global report include:
- As malicious actors use AI to increase the volume and velocity of their attacks, leaders believe these threats will be harder for their employees to spot. More than
60% of respondents expect more employees to fall victim to attacks in which cybercriminals use AI. However, the good news is that most respondents (80% ) also say enterprise-wide knowledge of AI-augmented attacks has made their organizations more open to implementing security awareness and training. - Employees can be an organization’s first line of defense, but leaders are increasingly worried that their employees lack security awareness. Nearly
70% of those surveyed believe their employees lack critical cybersecurity knowledge, up from56% in 2023. - Leaders recognize the importance of security awareness training but believe specific attributes make some training programs more effective than others. Three-quarters of leaders say they plan their security awareness campaigns, delivering content monthly (
34% ) or quarterly (47% ). Executives also point to high-quality content playing a leading role in the success or failure of the program.
The Latest Threats That Employees Must Battle
One prominent way cybercriminals use AI is to make phishing schemes more believable and harder to detect. Because phishing targets individual users directly, organizations are heavily focused on teaching employees how to recognize and avoid falling victim to these attacks.
- End-users remain attractive targets. More than
80% of organizations faced attacks last year, such as malware, phishing, and password attacks that directly targeted individuals. - As attacks evolve, security awareness and training will only become more vital. Nearly all (
96% ) of those surveyed say their leadership team supports employee security awareness training. - Nearly all respondents (
98% ) say phishing prevention is a component of their training programs and plans. Other top training priorities include data security (48% ) and privacy (41% ).
Employees Can Serve as a Strong First Line of Defense against Attacks
While security and IT teams are crucial to safeguarding organizations against cyberthreats, an enterprise’s employees also play an important role in preventing breaches.
- Employees are open to cybersecurity awareness and training opportunities. Most leaders (
86% ) say their employees positively view security awareness and training. - Organizations see positive results when they implement security and awareness training programs. An overwhelming majority of leaders (
89% ) say their organization saw at least some improvement in its security posture after security awareness and training were implemented. Not a single respondent claimed to see no improvement.
Cyber Awareness Training Is Vital, but Not All Programs Are Created Equal
Most organizations are motivated to introduce security awareness and training based on their experience of being breached or knowledge of threats in their industry or sector. Almost all decision-makers (
According to this year’s survey,
- Engaging content is paramount. While
86% of decision-makers say they are satisfied with their current security awareness and training solution, the biggest complaint was a lack of engaging content among those not satisfied. - Consider the time commitment required. Avoid training fatigue by considering the amount of time required from learners. Demanding too much time from employees can overburden them. Between 1.1 and 2.0 hours is the most common time proposed, with three hours as the average.
Develop a Cyber-Aware Workforce with the Fortinet Security Awareness and Training Service
One breach incident alone has significant repercussions for a business. It is vital to build a three-pronged defense strategy that includes security awareness and training for all employees, technical cybersecurity skills for IT and security staff, and advanced security solutions for the network.
Beyond teaching individuals what to do when they encounter threats, awareness and training lay the foundation for creating a culture of cybersecurity throughout the organization. Fortinet offers its Security Awareness and Training service to businesses that want to develop a cyber-aware workforce. Designed by the Fortinet Training Institute’s world-class trainers, this service covers a broad range of topics, offers content customization opportunities, and reinforces learnings with periodic reminders and checks. Organizations using the service also have access to a variety of dashboards to track learner progress and reporting to address cyber insurance and compliance needs.
About the Fortinet Cyber Awareness Survey:
- The survey was conducted among more than 1,850 executive-level and management-level professionals from 29 different countries at organizations with security awareness and training.
- Survey respondents came from a range of industries, including manufacturing (
17% ), financial services (13% ), and technology and professional services (11% ).
Additional Resources
- Learn more about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Visit fortinet.com/trust to learn more about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products.
- Learn more about Fortinet's commitment to product security and integrity, including its responsible product development and vulnerability disclosure approach and policies.
- Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
- Learn more about Fortinet’s FortiGuard Security Services portfolio.
- Read about how Fortinet customers are securing their organizations.
- Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.
About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including CERTs, government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.
Copyright © 2024 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortDAST, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPenTest, FortiPhish, FortiPoint, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiStack, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM and FortiXDR. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.
| Media Contact: | Investor Contact: | Analyst Contact: |
| Stephanie Lira Fortinet, Inc. 408-235-7700 pr@fortinet.com | Aaron Ovadia Fortinet, Inc. 408-235-7700 investors@fortinet.com | Brian Greenberg Fortinet, Inc. 408-235-7700 analystrelations@fortinet.com |
FAQ
What percentage of organizations report employees lacking cybersecurity knowledge according to Fortinet's 2024 report?
How many organizations experienced improvements after implementing Fortinet (FTNT) security awareness training?
What percentage of organizations faced individual-targeted attacks in 2023 according to Fortinet?
How many organizations expect increased AI-augmented attack vulnerability according to Fortinet's 2024 report?
