As much as 88 percent of data breaches are caused by human error, but only 43 percent of workers admit to having made mistakes that compromised cybersecurity. In the past year, one-third of the breaches incorporated social engineering techniques, and the cost of a breach caused by human error averaged $3.33 million. The need for consistent and effective cybersecurity training is evident.
To mitigate the risk, enterprises develop complex cybersecurity strategies and action plans, yet they are insufficient unless acknowledged by every member of their organization. Half of chief information security officers (CISOs) plan to extend cybersecurity and privacy into all business decisions, which makes it every employee’s concern.
With digital threats constantly evolving, maintaining cyber resistance is no longer limited to IT and security officers; it depends on every member of the organization. Constant training is a way to build the team’s resilience against threats, yet it is not uncommon for training sessions to turn into dull slide presentations, after which few remember the safety measures they should take. The problem is amplified by a workforce operating from home and not adhering to the company’s security policies.
CISOs and other stakeholders can grab employees’ attention by changing the methods of regular cybersecurity training. Those who found training to be very interesting were 13 times more likely to change the way they think about cyber threats and protection against them. Therefore, organizations should seek memorable, entertaining, and accessible ways to talk about complicated security matters.