KnowBe4 reveals lack of cybersecurity awareness training

A survey conducted by KnowBe4 confirms regular cybersecurity training is lacking with unsafe business practices, therefore putting organisations at risk

Security awareness and training platform KnowBe4 has revealed that 50% of cybersecurity professionals have admitted that their organisations only conduct training once a quarter, or even once a year.

The survey, conducted at Infosecurity Europe 2023, consisted of 220 cybersecurity professionals and found that organisations are potentially at risk of a serious cyber incident due to irregular security awareness training. 

This comes in the wake of many reports citing challenges endured by an overworked cybersecurity workforce, in addition to a large skills gap within cyber organisations and security teams. Reports such as these recognise a need for workplaces to ensure knowledge and cyber defences are up-to-date.

Cyber professionals exhibiting “unsafe behaviours”

More than one in every four organisations (26%) are running a one-size-fits-all approach, according to the survey. Of the companies that did tailor their security awareness training, 46% modified training according to department, 25% adjusted it by personality type/learning style and 25% adapted it by seniority.

In addition, only 21% of professionals surveyed believed they have a great security awareness programme. For 27% of respondents, their current programme was found to be too boring or not attention-grabbing enough, with others claiming the training is outdated (22%), too general (17%), not user-friendly (17%) and too slow or not issued in real-time (15%).

It is clear that there is a greater need for skilled workers in cybersecurity roles to prevent the cost of global attacks from rising even further. In connection to growing cyberattacks worldwide, some countries are witnessing high demand for more skilled professionals within the cyber industry.

Reasons for a shortage within the industry could be due to technology advancing too quickly in contrast to not enough workers having enough of a professional skill-set to handle complex cyberattacks or data breaches.

The report cited that none of the respondents implemented security awareness training after a mistake was made. Yet, nearly one in four cybersecurity professionals believed that people exhibit unsafe behaviours within the workplace because the teachable moment passes too quickly.

“The lack of engaging, relevant, and frequently implemented security awareness training is concerning. Particularly in light of company research suggesting that as many as 80% of cybersecurity professionals have observed users performing risky behaviours at work, including the use of gaming, gambling and adult websites, as well as downloading malicious applications,” said Javvad Malik, lead security awareness advocate at KnowBe4. 

“Security awareness training should not simply be seen as a tick-a-box exercise. Rather, organisations must recognise that their people are critical to the success, but also the potential downfall of the business. 

“By investing in the right training programme, a strong security culture can be nurtured and could save the company significant costs that often accompany a breach.”



For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.


Featured Articles

Global events driving rise in DDoS attacks, says Netscout

Report by Netscout found that DDoS attacks grew 31% YoY in the first half of 2023 with a staggering 44,000 each day, fuelled by world events

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Cyber Security

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security