EMA Announces Second Annual Report on Security Awareness Training

Share Article

With people often being the weakest link in security defense, security teams strive to achieve both security and usability

security awareness

security awareness

Historically, many organizations have spent a significant amount of resources to ensure job specific training while simultaneously connecting their people to the Internet with little training on how to avoid its pitfalls.

Enterprise Management Associates (EMA), a leading IT and data management research and consulting firm, today released its second annual security awareness research report titled, ["Security Awareness Training: Are We Getting Any Better at Organizational and Internet Security?” Based on research criteria defined by David Monahan, research director of security and risk management at EMA, this major research study arms security and IT decision makers with insight on how to improve their security awareness training programs.

2014 was dubbed “the year of the breach” as over a billion consumer records across nearly every industry vertical worldwide were exposed, costing billions of dollars in recovery costs and lost revenue for the affected organizations. Though this was a tough wake-up call, many organizations have seen that technology, though a necessary part of a security strategy, is not able to fully prevent breaches. They see that people are now most often the weakest link in security defense. At the same time, the old strategies of locking down everything so people cannot cause a problem increases worker and business friction to a point that is unacceptable to both, putting security programs and security personnel at risk. To achieve both security and usability, security teams must create an environment that makes personnel more aware of and vigilant against the various attacks they face on a near daily basis.

“Undoubtedly, people are a critical part of security programs,” said Monahan. “That said, it's odd that, historically, many organizations have spent a significant amount of resources to ensure job specific training while simultaneously connecting their people to the Internet with little training on how to avoid its pitfalls. The EMA security awareness report demonstrates that that trend has significantly reversed. Moving forward, it's a matter of partnering with solutions providers that have the best means of delivering training success.”

For this year’s report, nearly 600 people in North America across the small-to-medium businesses (SMB), midmarket, and enterprise spaces were surveyed. The research revealed that a tremendous shift in awareness training programs has taken place, especially across the previously underserved SMB space. While in 2014 56% of individuals reported they had not received any training from their organizations, in 2015, 59% indicated they had now received some level of training. Many positive trends continued in the research showing the following:

  • Training content is becoming more accessible to organizations of all sizes from both a delivery and cost perspective.
  • Programs are becoming more effective and have better measurement and management capabilities.
  • Due to training, employees are better at recognizing various forms of social engineering.
  • Trained personnel recognize that they make better security choices at home as well as at work, further increasing the value of training.

The EMA “Security Awareness Training: Are We Getting Any Better at Organizational and Internet Security?” Research Report is available online at: http://www.enterprisemanagement.com/research/asset.php/3085/Security-Awareness-Training:-Are-We-Getting-Any-Better-at-Organizational-and-Internet-Security?

The Security Awareness Training: Are We Getting Any Better at Organizational and Internet Security? webinar will be held on October 6, 2015. Those interested can register at: http://research.enterprisemanagement.com/security-awareness-training-2015-webinar-pr.html

About Enterprise Management Associates
Founded in 1996, Enterprise Management Associates (EMA) is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help its clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals and IT vendors at http://www.enterprisemanagement.com or blogs.enterprisemanagement.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Raleigh Gould
Enterprise Management Associates (EMA)
Like >
Visit website