Lately, in terms of cybersecurity, we have had very little good news to communicate as cyberattacks are numerous and devastating. A recent study conducted by the company ThriveDX gives some reason for celebration, however.
Employees increasingly well trained in cybersecurity issues
For the purposes of this survey, more than 1,900 security managers and IT professionals were interviewed. In particular, it shows that 97% of organizations have implemented security awareness measures for their employees.
This is a very good thing, especially when we know that 91% of successful cyberattacks start following a lack of knowledge on the part of an employee. And the results are already there, since 54% of respondents explain that these educational operations aimed at their employees have made it possible to increase cybersecurity in their company.
In detail, 42% of companies surveyed have deployed a phishing incident button that allows you to react much faster in the event of danger. 20% of them have deployed more than seven phishing simulations per year to anticipate this problem.
Finally, 67% of respondents have invested more than 12 hours of training per year in awareness training. Only a fifth of respondents limit themselves to one training course, while a quarter of them organize two. These operations deal in particular with phishing (28.1%), but also with password security (13.3%), which is one of the other recurring problems in terms of cybersecurity.
These initiatives are clearly not superfluous. To cite just the example of phishing attacks, their number will explode in 2022. Last June, John LaCour, an expert from the APWG, specified as follows: “ In the first quarter of 2022, we saw a 7% increase in credential theft phishing against enterprise users, accounting for nearly 59% of all malicious emails. “.
The problem is all the greater since these phishing attacks are often a gateway for cybercriminals who then take advantage of them to deploy ransomware on systems.
In this very delicate context, having employees who are really aware of these issues is therefore a major asset. But since zero risk does not exist, experts also recommend that companies make regular backups of their database.
For your part, have you been trained in the challenges of cybersecurity within your company? Tell us in the comments.