Employees unsure who to go to to report security incident, finds study

Stu Sjouwerman, Chief Executive Officer at KnowBe4

KnowBe4, provider of security awareness training and simulated phishing platform, announced the release of a report from its research team that shows without training, 21% of the untrained global workforce did not know who to go to when faced with a threat. 

What were the findings of the survey?

The minutes that lapse between an employee seeing a potential security threat and the right person receiving the information can make the difference between warding off or leaving the door open to an intrusion. This makes ensuring employees know when to report a threat, and who to report to, a vital security step. Annual security training reduced to 17%.

But it is repetition that creates the most significant change – overall improvement on knowing who to go to doubled in those who completed monthly versus annual training. 

The report includes an assessment of training frequencies across industries, with Education, Technology and Healthcare and Pharmaceuticals coming in lowest on monthly training, meanwhile, Hospitality and Transportation are leading at 28 and 20% respectively. 

Why is repetitive training good for employees?

The report shows that increasing the frequency at which employees complete security awareness training has an almost universal positive influence. Without the benefits obtained by frequent training, employees are left to decipher security instructions on their own, lacking proper guidance and putting the company at higher risk for mishandling a security incident. 

According to KnowBe4 CEO Stu Sjouwerman, “Monthly training brings about an improved understanding of the terminology and knowledge about why the procedures are in place, as well as the correct channels for communication of threats. As the data demonstrates, ensuring that this vital information is communicated regularly is a necessary step in securing an organisation of any size and contributes to creating a stronger security culture.” 

To download the KnowBe4 Research Quarterly Research Report, visit the website.