New survey data from security vendor nCipher uncovers why organizations are finding it difficult to engage users to participate willingly in security-minded processes and behaviors.
Getting an organization to change the way it does business isn’t easy. It involves a lot of planning, budget, communication, training, and testing. According to nCipher’s Infosecurity Survey 2019, 29% of security spending involves employee training and 83% of organizations offer some level of cybersecurity training to employees.
And yet, according to the report, 66% of organizations find users unwilling to adapt to more secure processes and behaviors.
So, why are organizations having a tough time?
According to the survey, some of the issues that may be responsible are:
- A lack of skilled resource in-house to conduct training (67%)
- A lack of support from the board and wider C-suite (55%)
- A lack of best practice guidelines to work towards and implement (63%)
Adoption by users is the key to a security culture. And, it seems from the report data, that organizations are merely walking through the paces of security training, rather than making a concerted effort to actually change the culture within the organization – one that involves getting executive buy-in and support, proper planning, leveraging employee security champions, and utilizing new school Security Awareness Training that goes beyond the infrequent breakroom training and ineffective email updates sent out by IT.
Find out how affordable new-school security awareness training is for your organization. Get a quote now.
