Report Outlines Importance of Providing Engaging User Awareness Training

The way cybersecurity awareness training is conducted in organizations has a huge bearing on employees’ subsequent security outlook and behaviours, according to a new report from Osterman Research.

The researchers discovered that users who found security training “very interesting” were over 13-times more likely to make “fundamental changes” to how they think about security compared to those who considered the training “boring.”

The survey of 1000 US everyday employees, IT managers and decision-makers also found that the quantity of security awareness training given makes a major difference, with the ability of staff to spot and deal with security threats such as phishing and business email compromise improving as more training is provided.

Encouragingly, it appears as though organizations are set to place much greater emphasis on security awareness training going forward, with around 45% of employees surveyed expecting to spend 15 minutes or more per month in training by mid-2021, a substantial rise from 26% in 2020. In addition, this type of training was regarded as just as important as technology in dealing with security threats by respondents.

Despite this, the authors said that although organizations generally want to establish a strong cybersecurity culture, IT, security and business leaders are not effectively conveying that idea to a large proportion of their employees, with senior IT and business management much more enthusiastic about security awareness training than non-management employees.

Overall, the report noted that “security and IT leaders, their staff members, and business leaders are largely onboard with the idea that developing a strong cybersecurity culture is important; everyday employees, however, are much less convinced about the importance of doing so, indicating that the goal of developing a robust security culture has not yet been achieved in most organizations.”

Lisa Plaggemier, the chief strategist at MediaPRO, which co-sponsored the research, added: “Security awareness training doesn’t do anyone any good if they sleep through it. You can deliver the best security advice in the world, but if no one is listening, you might as well be talking to a brick wall.

“Good security awareness training should get and keep your attention. That’s what it means to be engaging.” See out Training services here: https://beesoit.com/services/it-training/

 

We’re Beeso IT, how can we help?

Our expert team of engineers, consultants, solution architects and project managers work right alongside our client’s internal IT teams – bringing their years of technical experience & competencies to your business on a need by need basis.

Wherever you require support, for whatever technology requirement. The Beeso IT team are on-hand locally as your global technology partner. If you are unsure of how secure your endpoints are, please contact the team today.

 

News source: https://www.infosecurity-magazine.com/

Posted in

Ryan Norfolk

MICROSOFT OFFICE 365
YOUR COMPLETE OFFICE IN THE CLOUD

Bringing together everyone's favourite productivity tools with the benefits of cloud-based communication and collaboration, Microsoft have developed a platform that is both technically & commercially-sound for businesses of any shape.