A Fortinet study shows that 67 percent of companies believe their employees are not sufficiently aware of cyber risks. Training and awareness prove crucial to reducing security risks.

Fortinet published the yearbook Global Security Awareness and Training Research Report 2024. This shows, among other things, that cybercriminals are increasingly using advanced technologies such as AI. Fortinet’s main purpose of the report is to highlight the need for effective security training.

Vulnerable target

AI makes phishing attacks harder to detect and prompts companies to train their employees. 93 percent of organizations receive support from management to provide such training. This is also urgently needed, as the figures from the report show.

More than eighty percent of companies surveyed report that their employees have fallen victim to end-user attacks such as phishing and malware. But 67 percent of companies do not have the basic employee knowledge to recognize and prevent these attacks.

Positive effect of training

The survey also shows that 85 percent of companies see improvements after implementing security awareness training. 45 percent of organizations offer quarterly training, while 26 percent do so monthly. The programs focus primarily on phishing prevention (82%), data security (42%) and data protection (37%).

While employees are open to training, respondents emphasize the importance of engaging content. Programs that are too long or uninteresting reduce effectiveness. On average, training sessions last three hours, although a shorter duration is often recommended to avoid overload.

Fortinet uses the study for its own benefit Security awareness and training service praise. As cyberattacks become increasingly complex, a combination of security awareness, technical training and advanced security technology is essential to protecting organizations.