75% of Organizations Believe They Are at Risk of Careless or Negligent Employees

75% Careless EmployeesNew data shows organizations are well aware that their users are one of their greatest cybersecurity risks today, and yet aren’t taking the right steps to remediate the risk.

KnowBe4 exists and continues to thrive because the human threat surface is far and wide. Email, text, web surfing, phone calls and crafty combinations therein all create somewhat unique attacks. In each of these instances, the user is relying on technology to stop the threat before the attack gets to them.

According to Mimecast’s State of Email and Collaboration Security 2024 report, organizations are understanding the fallacy in that expectation, seeing the value in their own cybersecurity tech stacks, and now grasping the ever-present problem of the unwatchful user.

Let’s start with the state of cybersecurity presented in the report:

  • 90% of organizations have a formal cybersecurity strategy
  • 96% credit that strategy to reducing their cybersecurity risk
  • 99% say their company’s cybersecurity practices are “effectively protecting the organization’s customers, employees and business partners”

OK, so organizations feel like they have a handle on cybersecurity. That’s good.

The report points out a new threat vector — one that most organizations are not yet prepared for: collaboration tools.

  • 70% feel online collaboration tools pose new threats
  • 59% say their employees routinely download and make use of new collaboration tools that have not been approved by IT
  • 61% say that most of the native security provided by these tools is inadequate
  • 69% say they cannot keep up with the number of collaboration tools used

And now add back in the user:

  • Three out of four organizations feel their company is at risk of inadvertent data leaks by careless or negligent users
  • Only 15% of organizations provide ongoing security awareness training to ensure a vigilant user and an increased culture of security

Add all this up, and what you end up with is users who aren’t frequently being educated on the risks that exist when interacting with email, the web and collaboration tools they trust. In other words, an organizations that is “definitely ready”… oh, but wait — “the user is a huge risk”; and a new wave of toolsets where the term “shadow IT” doesn’t even cover the evolution of online tool usage that’s occurring.

And, in the end, the one place where the organization can make a positive impact is the one thing that they seem (at least according to the data) to be overlooking is ongoing security awareness training.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews