- I can't recommend this rugged power station enough to drone users -- now with $340 off for Black Friday!
- Give your iPhone 16 thermal camera superpowers with this gadget
- This power station has an irreplaceable emergency feature (and now get $350 off for Black Friday)
- This ultra-thin power bank is a must-have travel gadget (grab it cheap in this Black Friday deal)
- The Jackery Explorer 1000 V2 is one of the best entry-level portable power stations (and it's now half price for Black Friday)
67% of organizations say employees lack basic security awareness
Fortinet’s 2024 Security Awareness and Training Global Research Report reveals 67% of organizations are concerned that employees lack fundamental security awareness. This percentage has increased since 2023, when 56% expressed concerns with employee security awareness. Perhaps as a result, 94% of organizations want to implement more stringent cybersecurity policies for high-risk employees.
Key findings from the report include:
Amit Zimerman, Co-Founder and Chief Product Officer at Oasis Security, offers the following advice for organizations seeking to improve employee security awareness training.
“Regular employee training remains essential in combating today’s threats, however, training must evolve beyond static lessons. Incorporating phishing simulators to mimic real-world attacks enables employees to apply their training in dynamic environments, testing their ability to recognize and respond to threats effectively. However, education alone isn’t sufficient,” Zimerman asserts. “IT security teams must implement strong identity and access management (IAM) frameworks with compensating controls like multi-factor authentication (MFA) to mitigate phishing attempts.
“Attackers are increasingly looking at weaker parts of the perimeter, such as non-human identities (NHIs), which control machine-to-machine access and are increasingly critical in cloud environments. NHIs now outnumber human identities in most organizations, and securing these non-human accounts is vital, especially in AI-heavy architectures like Retrieval-Augmented Generation (RAG) systems.
“To successfully integrate AI-enabled security tools and automation, organizations should start by evaluating the effectiveness of these tools in their specific contexts. Teams should test tools against real-world data to ensure they provide actionable insights and surface previously unseen threats. Existing security frameworks may need to be updated, as older frameworks were designed for non-AI environments. A flexible approach that allows for the continuous evolution of security policies is critical.”