KnowBe4 reveals lack of cybersecurity awareness training

A survey conducted by KnowBe4 confirms regular cybersecurity training is lacking with unsafe business practices, therefore putting organisations at risk

Security awareness and training platform KnowBe4 has revealed that 50% of cybersecurity professionals have admitted that their organisations only conduct training once a quarter, or even once a year.

The survey, conducted at Infosecurity Europe 2023, consisted of 220 cybersecurity professionals and found that organisations are potentially at risk of a serious cyber incident due to irregular security awareness training. 

This comes in the wake of many reports citing challenges endured by an overworked cybersecurity workforce, in addition to a large skills gap within cyber organisations and security teams. Reports such as these recognise a need for workplaces to ensure knowledge and cyber defences are up-to-date.

Cyber professionals exhibiting “unsafe behaviours”

More than one in every four organisations (26%) are running a one-size-fits-all approach, according to the survey. Of the companies that did tailor their security awareness training, 46% modified training according to department, 25% adjusted it by personality type/learning style and 25% adapted it by seniority.

In addition, only 21% of professionals surveyed believed they have a great security awareness programme. For 27% of respondents, their current programme was found to be too boring or not attention-grabbing enough, with others claiming the training is outdated (22%), too general (17%), not user-friendly (17%) and too slow or not issued in real-time (15%).

It is clear that there is a greater need for skilled workers in cybersecurity roles to prevent the cost of global attacks from rising even further. In connection to growing cyberattacks worldwide, some countries are witnessing high demand for more skilled professionals within the cyber industry.

Reasons for a shortage within the industry could be due to technology advancing too quickly in contrast to not enough workers having enough of a professional skill-set to handle complex cyberattacks or data breaches.

The report cited that none of the respondents implemented security awareness training after a mistake was made. Yet, nearly one in four cybersecurity professionals believed that people exhibit unsafe behaviours within the workplace because the teachable moment passes too quickly.

“The lack of engaging, relevant, and frequently implemented security awareness training is concerning. Particularly in light of company research suggesting that as many as 80% of cybersecurity professionals have observed users performing risky behaviours at work, including the use of gaming, gambling and adult websites, as well as downloading malicious applications,” said Javvad Malik, lead security awareness advocate at KnowBe4. 

“Security awareness training should not simply be seen as a tick-a-box exercise. Rather, organisations must recognise that their people are critical to the success, but also the potential downfall of the business. 

“By investing in the right training programme, a strong security culture can be nurtured and could save the company significant costs that often accompany a breach.”



For more insights into the world of Technology - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - AI Magazine | Technology Magazine.

Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.

BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI