Internet Security Awareness Training (ISAT) firm KnowBe4 released a study which reports that a significant percentage of organizations do not follow network security best practices with regard to training. Network security training, notes Digital Journal, is completed quarterly by less than 77 Percent of the 420 enterprises and government agencies surveyed for the report.
"Sjouwerman explains that for most enterprises, their greatest susceptibility is well-meaning employees who haven’t been trained to recognize and avoid social engineering and phishing tactics. ‘Cybercriminals have become very skilled at developing seemingly legitimate emails that trick employees into responding. Individuals will click a link if they think a request is coming from a vendor, government agency, bank or colleague. And all it takes is that single click for cybercriminals to bypass all security measures and install malware directly on the user’s system. From that point, they can gain open access to the entire network."