A Third of U.S. Employees Receive No Meaningful Cybersecurity Training

While it’s well-established that human error and neglect are the leading causes of cyber breaches, many argue that calling employees the “weakest link” in the cybersecurity chain is unfair. If an employee clicks on an unsafe link and as a result infects a network with malware, they might be considered a weak point; but what if that employee was never trained on the dangers of clicking indiscriminately? If they were not aware of the consequences, it’s this lack of training that is indeed the weakest link. Despite the well-known dangers of cyber-attack, many employers are still neglecting to train their employees on proper cybersecurity measures. Just how many? One survey suggests it might be as high as one out of three employees receiving no formal cybersecurity training at all. Think about this: "a third of employees are using computers despite having received no cybersecurity training from their current employer,” cybersecurity expert Stephen Cobb writes. “This is problematic for multiple reasons beyond the obvious one that untrained employees are more likely to cause or enable security breaches.”