Cyber security threats continue to proliferate and become more costly to businesses that suffer a data breach. One reason for that is that hackers have realized it’s easier to find someone who may be willing in a moment of weakness to open an attachment containing malicious content than to exploit technical vulnerabilities within computer software, according to Symantec.
When it comes to combatting these growing risks, most organizations continue to place more trust in technology-based solutions than on training their employees to be more aware of the threat landscape and able to recognize the red flags in cyber breach attempts. Organizations tend to see their employees as liabilities rather than as assets, who, when trained appropriately and incentivized, can be part of a more robust solution to many problems.
A report, “Magic Quadrant for Security Awareness Computer-Based Training,” by Gartner, the leading computer trends analyst, evaluates a broad range of computer-based security training products on the market. “People impact security outcomes, much more than any technology, policy or process,” Gartner explains. “The market for security awareness computer-based training is driven by the recognition that, so long as technology-based security systems do not provide perfect protection, people play an undeniable role in an organization's overall security and risk posture. This role is defined by both inherent strengths and weaknesses: people's ability to learn and their capacity for error.”