Business Leaders Concerned About Employees’ Cybersecurity Knowledge Amid Rising AI-Driven Threats

Nearly 70% of business leaders now believe their employees lack critical cybersecurity knowledge, a sharp increase from 56% in 2023. This insight comes from Fortinet’s latest 2024 Security Awareness and Training Global Research Report. The report also highlights that AI-driven cyber-attacks are becoming increasingly difficult for employees to detect, with over 60% of respondents anticipating a rise in employees falling victim to AI-enhanced attacks.

Proactive Measures in Cybersecurity Training

In response to these growing concerns, 80% of surveyed organizations have embraced security awareness and training programs to combat AI-augmented threats. As cybersecurity challenges intensify, many companies are proactively enhancing their defenses. The report notes that three-quarters of leaders are planning security awareness campaigns, with 34% delivering content monthly and 47% doing so quarterly. The effectiveness of these programs relies heavily on high-quality, engaging content that helps employees recognize and respond to threats.

“It’s vital for organizations to increase cybersecurity investments in response to growing AI threats, as these threats can have significant financial and reputational consequences,” warned Stephen Kowski, Field CTO at SlashNext. “Priority areas for investment should include AI-powered content analysis and detection, employee training and awareness programs, and robust network security measures.”

The Persistent Threat of Phishing

Phishing remains a significant concern, especially as cyber-criminals use AI to craft more convincing attacks. Over 80% of organizations experienced targeted cyber-attacks such as malware and phishing in the past year. Phishing prevention is now a core focus, with 98% of respondents including it in their training. Other key areas of emphasis are data security (48%) and privacy (41%).

“Attackers are increasingly looking at weaker parts of the perimeter, such as non-human identities (NHIs), which control machine-to-machine access and are increasingly critical in cloud environments,” explained Amit Zimerman, Co-Founder and Chief Product Officer at Oasis Security. “Securing these non-human accounts is vital, especially in AI-heavy architectures like Retrieval-Augmented Generation (RAG) systems.”

The Importance of Dynamic Training Approaches

Fortinet’s report also highlights the positive outcomes when security training is implemented. Eighty-six percent of leaders stated that their employees view these programs favorably, and 89% reported improvements in their organization’s security posture after adoption.

However, leaders also noted that effective training must balance engaging content with manageable time commitments to avoid overwhelming employees. Mika Aalto, Co-Founder and CEO at Hoxhunt, commented, “The legacy security awareness training model was designed for compliance with yesterday’s threats. What is needed for the attacks of today and tomorrow is a dynamic security behavior change platform that stays current with the constantly evolving threat landscape.”

PhishDeck’s Role in Enhancing Cybersecurity Awareness

This is where PhishDeck comes into play. Recognizing the challenges highlighted in the report, PhishDeck offers advanced social engineering simulations and human risk evaluations that help organizations proactively address these issues. By leveraging AI-powered and human-led assessments, PhishDeck provides engaging and up-to-date training programs that keep pace with the evolving threat landscape.

PhishDeck’s services focus on real-world attack simulations across various platforms, including email, voice calls, SMS, and messaging apps like Slack and Teams. By doing so, they help employees recognize sophisticated threats and respond appropriately, significantly reducing the likelihood of successful attacks.

Moreover, PhishDeck’s tailored training programs address the need for dynamic and engaging content, ensuring that employees are not only informed but also motivated to maintain high security standards. This approach aligns with the report’s emphasis on the importance of high-quality training content and manageable time commitments.

Conclusion

As AI-driven cyber-attacks become more prevalent and sophisticated, it’s crucial for organizations to enhance their cybersecurity training and awareness programs. Solutions like PhishDeck provide the dynamic, engaging, and comprehensive approach needed to equip employees with the skills to recognize and combat these emerging threats. By investing in advanced training and simulation platforms, businesses can significantly improve their security posture and safeguard against potential financial and reputational damages.

About the Report

The Fortinet survey gathered responses from over 1,850 executives across 29 countries and multiple industries, including manufacturing, financial services, and technology.

By integrating PhishDeck’s innovative solutions into your organization’s cybersecurity strategy, you can effectively address the challenges posed by AI-enhanced cyber-attacks and strengthen your defenses against evolving threats.