Good news on the security awareness training front: Wombat Security reports that 95% of companies they surveyed now train end users on how to identify and avoid phishing attacks, up from 86% in 2014.
Even more good news: The training also has had an impact. Roughly 54% of security pros said they have been able to quantify reductions in phishing susceptibility based on training activities, according to Wombat's "2018 State of the Phish" report.
"There's been an increase in interest over the past year," says Gretel Egan, brand communications manager for Wombat Security, which is a division of Proofpoint. "A few years ago many scoffed at the idea of security awareness training, but now they realize that it can only benefit their company."
Yet there's still some work ahead in getting the word out and doing so effectively. That means understanding where companies go wrong with their security awareness training – and how to correct it.