Untrained users are the greatest weakness in a cyber defense plan

KnowBe4 has released its 2024 Phishing by Industry Benchmarking Report. This report measures the likelihood that an organization’s employees would fall for a phishing or social engineering scam, assessing the status of security preparedness and awareness across global industries such as government, healthcare and critical infrastructure. 

54 million simulated phishing tests were analyzed in the report. These tests involved more than 11.9 million individuals from 55,675 organizations across 19 industries. Through this analysis, the report found that without security awareness training, 34.3% of users were likely to click on malicious links or follow through with scam requests. When phishing tests are integrated into regular security awareness training, organizations see this number decline to 18.9% within 90 days. After a year of regular training, it declines to 4.6%. 

The report reinforces the importance of managing the human element in order to properly secure an organization.