Good news on the security awareness training front: Wombat Security reports that 95% of companies they surveyed now train end users on how to identify and avoid phishing attacks, up from 86% in 2014.
Even more good news: The training also has had an impact. Roughly 54% of security pros said they have been able to quantify reductions in phishing susceptibility based on training activities, according to Wombat's "2018 State of the Phish" report.
"There's been an increase in interest over the past year," says Gretel Egan, brand communications manager for Wombat Security, which is a division of Proofpoint. "A few years ago many scoffed at the idea of security awareness training, but now they realize that it can only benefit their company."
Yet there's still some work ahead in getting the word out and doing so effectively. That means understanding where companies go wrong with their security awareness training – and how to correct it.
Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio