2025年全球信息安全意识与培训研究报告_第1页
2025年全球信息安全意识与培训研究报告_第2页
2025年全球信息安全意识与培训研究报告_第3页
2025年全球信息安全意识与培训研究报告_第4页
2025年全球信息安全意识与培训研究报告_第5页
已阅读5页,还剩27页未读 继续免费阅读

下载本文档

版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领

文档简介

2025SecurityAwarenessandTraining

GlobalResearchReport

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport2

Contents

3Methodology

4ExecutiveSummary

5TrainingWorks;ButtheWorkIsNeverDone

7AIIsReinforcingtheValueofSecurityAwarenessandTraining

13ExternalThreatsAreDrivingAdoption,ButInternalRisks

AreaGrowingConcern

20OrganizationsAreSeeingRealResultsFromSecurity

AwarenessandTraining

26DespiteMakingGains,MoreTrainingIsNeeded

31Conclusion

32AboutFortinet

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport3

Methodology

Thefindingsinthisreportarebasedonresponsesobtainedthroughonlineinterviewswith1,850seniorITsecuritydecision-makers.Theinterviewswere

conductedbySapioResearchinNovember2025.Responseswereobtainedfrom29locations:

•Argentina

•Australia

•Brazil

•Canada

•Colombia

•France

•Germany

•HongKong

•India

•Indonesia

•Israel

•Italy

•Japan

•MainlandChina

•Malaysia

•Mexico

•Netherlands

•NewZealand

•Philippines

•Singapore

•SouthAfrica

•SouthKorea

•Spain

•Sweden

•Taiwan

•Thailand

•UnitedArabEmirates

•UnitedKingdom

•UnitedStatesofAmerica

Overallresultsareaccurateto

±2.3%ata95%confidencelimit.

SizeofCompany

100-499employees21%

500-999employees20%

1,000-2,499employees22%2,500-4,999employees19%5,000+employees19%

Gender

63%ofrespondentsweremale

37%ofrespondentswerefemale

RoleType

9%heldOwnerpositions

30%heldC-LevelExecutivepositions6%heldVicePresidentpositions

14%heldHeadofDepartmentpositions17%heldDirectorpositions

24%heldManagerpositions

TopThreeBusinessSectors:Manufacturing15%

FinancialServices13%

ProfessionalServicesandTechnology12%

Totalrespondents:1,850

Asia-Pacific30%

Europe,MiddleEast,andAfrica27%LatinAmerica22%

NorthAmerica22%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport4

ExecutiveSummary

AI-basedthreatshaveledemployeestoseethevalueofcybersecurityawarenessandtraininginanewlight.

Organizationsreportreal,measurableresultsfromtrainingefforts,thoughmostfeelthatevenmoretrainingisneededtodefendagainstevolvingcyberrisks.

AIisreinforcingthevalueofsecurityawareness

andtraining

•88%oforganizationssayAI

usebybadactorshashelpedemployeesseewhyawarenessandtrainingmatter.

•53%oforganizationstrain

employeesontheappropriate

useofgenerativeAI(GenAI)toolsandmonitororblockthesharingofsensitiveinformation.

•96%ofrespondentssaytheyareintheprocessofresearchingandimplementingasecuritypolicyforusingAIappsandothertools.

Externalthreatsaredrivingadoption

•41%ofrespondentssaythey

haveadoptedsecurityawarenessandtrainingtodefendagainst

externalthreats—downfrom52%in2024.

•51%seedatasecurityasthe

mostimportantawarenessand

trainingtopic,followedbydataprivacy(43%)andAI-basedtoolsandthreats(41%).

•34%saypersonnellimitationswerethemainreasonthey

didnotimplementsecurity

awarenessandtrainingsooner.

Organizationsareseeingrealresultsfromsecurityawarenessandtraining

•67%oforganizationsreportmoderateorsignificant

reductionsinintrusions,

incidents,andbreachessinceimplementingtraining.

•53%measuretraining

effectivenessintermsofreducedsecurityincidents.Othertop

measuresincludeemployeefeedback(52%)andsecurityaudits(50%).

•88%oforganizationsprovidetailoredtrainingtodifferentgroupsofemployees.

Despitemakinggains,moreisneeded

•95%ofdecision-makersbelievethatmoresecurityawareness

wouldhelpreducecyberattacks.

•69%ofleadersfeelemployeesstilllacksecurityawareness.

•26%sayemployeeswhosee

securityasimportantdon’talwaysactaccordingly.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport5

INTRODUCTION

TrainingWorks;ButtheWorkIsNeverDone

The2025SecurityAwarenessandTrainingGlobal

ResearchReportreinforcestwokeyfindingsfromthepastcoupleofyears:thatorganizationsseeknowledgeandskillsascrucialtocyberdefense,andthattrainingmustadaptcontinuallyasthreatsandrisksevolve,

especiallywhenAIisinvolved.

Our2025findingsshowthatorganizationscontinuetoseesecurityawarenessandtrainingasimportantandthatexternalthreatsarestillthemainmotivatorforundertakingsecurityawarenessand

trainingprograms.

Astheyhaveinpreviousyears,leadersremaincommittedtosecurityawarenessandtraining,recognizingtheneedandbuildingitinto

corporatepriorities.Yetmanycontinuetofeelthattheirworkforcesareunpreparedtofendoffcyberthreats,despiteconcertedeffortstoraiseawarenessandprovidesecuritytraining.Thefollowing

pagesexplorepossiblereasonsforthismindset,fromtheconstantevolutionofthreatstoratesoftrainingcompletion,toissueswithtrainingcontent.

In2025,webroadenedthescopeofourSecurityAwarenessand

Trainingsurvey,askingnewquestionsanddivingdeeperintoareas

suchaspreferredtrainingmodalities,howorganizationsaremeasuringtheeffectivenessoftraininginitiatives,andemployeeperceptionsofcybersecurityasasharedresponsibility.

Wealsoaddedanewsectiontothereport—firstintroducedinour

2025CybersecuritySkillsGapGlobalResearchReport

—TakingAction.Inthissection,wesharetheperspectivesofFortinetexpertsastheyrespondtothesurveyfindings,theirimplications,andthepotential

actionsthatorganizationsmighttakeinresponse.

Fortinet2025SecurityAwarenessandTrainingGlobalResearchReport6

Fewerthanhalf(40%)of

respondentssayemployees

arehighlytrainedandreadytoidentify,avoid,andreportAI-basedcyberthreats.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport7

AIIsReinforcingtheValueofSecurityAwarenessandTraining

AsorganizationscontinuetoadoptAItools—andas

threatactorsincreasinglyuseAIformaliciouspurposes—employeesandleadersrecognizethedualneedforgreaterawarenessofAIrisksandmoretraininginhowtodealwiththoserisks.

Theoverwhelmingmajority(88%)ofrespondentstoour2025surveysaythatthegrowinguseofAIbybadactorshaseithersomewhatorsignificantlyinfluencedemployeeperspectivesontheimportanceof

securityawarenesstraining.YetdespitebeinghighlyawareoftherisingthreatofAI,leadersaren’tespeciallyconfidentthattheiremployeesareequippedtomeetit.

Just40%ofsurveyrespondentsconsidertheiremployeestobehighlytrainedandreadytoidentify,avoid,andreportAI-basedcyberthreatsinthenext12months.Fifty-eightpercent(58%)describetheiremployeesasbeingeithermoderatelyorslightlyprepared.

Asilverliningisthatonlyaverysmallportionofleaders(2%)believetheiremployeesarenotatallreadytofaceAI-driventhreats.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport8

TheAIAlarmBell

MostrespondentssayknowledgeofAIthreatshaseithersignificantlyorsomewhatincreasedemployeeperceptionsoftheimportanceofsecurityawarenessandtraining.

HowAIhasaffectedemployeeperceptionsofsecurityawarenessandtraining

Significantlyincreasedemployeeperceptionofitsimportance Somewhatincreasedemployeeperceptionofitsimportance Nochangeinemployeeperceptionofitsimportance SomewhatdecreasedemployeeperceptionofitsimportanceSignificantlydecreasedemployeeperceptionofitsimportance

8%

3%

1%

47%

41%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport9

DIGGINGDEEPER

OrganizationsareactingtosafeguardagainstAIrisks

AIuseneedstobemanaged

OrganizationsaretakingconcretestepstomanageemployeeAIuse,including:

•TrainingemployeesonhowtouseAItoolsproperly(53%)

•UsingtechnologiestomonitororblockthesharingofsensitiveinformationwithAItools(53%)

•ImplementingpoliciesforAItooluse(48%)

•Maintainingauthorizedapplists(45%)

AItoolsneedtobesecured

ThemajorityarealsotakingstepstomanageAItoolsecurity:

•96%ofrespondentsindicatedthattheir

organizationeitherhasmeasuresinplaceorisintheprocessofresearchingorimplementingmeasurestotestandvalidatethesecurity

ofdeployedAIandlargelanguagemodel(LLM)tools.(Ofthat96%,68%havealreadyimplementedsuchmeasures.)

•96%haveimplementedorareintheprocessofimplementingsecuritypoliciesforGenAIappsandotherAItools.

AItrainingadoptionis

fairlyconsistentacrossorganizationsofallsizes

AItrainingadoptionisbroadlysimilaracrosscompaniesofallsizes,withamodestuptickamongorganizationswith5,000+employees.

•5,000+employees—57%

•2,500to4,999employees—55%

•1,000to2,499employees—52%

•500to999employees—49%

•100to499employees—52%

53%oforganizationstrainemployeesonproperuseofGenAItools.

FRTInEtTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport10

RegionalHighlights

AsiaPacificorganizationsarethemostlikelytotrainusersonAItools

WhilenoregionreportsespeciallyhighusertrainingonAItools,AsiaPacificleadsthewayat59%.LatinAmericaistheonlyregiontocomeinatlessthan50%.

AI-drivensecurityawarenessvariesbyregion,withEurope,theMiddleEast,andAfricabeingthelowestWorkersinNorthAmericaaremostlikelytoseesecurityawarenessandtrainingasimportantduetothegrowingmalicioususeofAI.

RegionAIthreatshaveledemployeestovalue

securityawarenessandtrainingEmployeesandusersaretrainedintheproperuseofAItools

Europe,MiddleEast,andAfrica

50%

NorthAmerica

51%

AsiaPacific51%Europe,MiddleEast,andAfrica37%

LatinAmerica49%

NorthAmerica53%

NorthAmericaismostconfidentaboutdealingwithAIthreats

MorerespondentsinNorthAmericasayemployeesaretrainedand

readytoidentify,avoid,andreportAI-basedcyberthreatsoverthenext12monthsthaninanyotherregion.

RegionEmployeesaretrainedandreadyforAI-based

cyberthreatsoverthenext12months

AsiaPacific88%

Europe,MiddleEast,andAfrica83%

LatinAmerica83%

LatinAmerica

49%

AsiaPacific

NorthAmerica91%

59%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport11

TakingAction

OrganizationsarestillverymuchatthelearningstagewhenitcomestomanagingAI-related

risks.Forexample,fewerthanhalf(42%)of

thosesurveyedsaytheyhavetoolstomonitoremployeeAIuse.

AItrainingisneeded

Thiscanbedoneinseveralways,includingbyholdingAItrainingmoreregularlyandprovidingbriefrefreshersessions,orbyoffering

microlearningoron-demandresourcesasrequiredbyemployeestostaycurrentonevolvingAIthreatsandbestpractices.

GuidanceonAIuseisalsorequired

Itisimportanttoprovideup-to-dateAI

guidanceandpoliciesthathelpemployees

understandandfollowthebestpracticesforusing,selecting,andengagingwithAIvendorsandthird-partyAItechnologyproviders.Suchguidanceshouldclearlyoutlinedatatypes

andclassificationlevels,provideinformationsecurityandlegal/privacycriteria,andlistapprovedAIvendorsandproviders.

AIgovernancepoliciesneedcontinuousmonitoring

Implementingpoliciesaloneisnotenoughintheever-changingworldofAI.Organizationsmustalsomonitorandrevisitthosepoliciescontinuouslytokeeppacewithshiftsin

technologyandregulations.

Fortinet2025SecurityAwarenessandTrainingGlobalResearchReport12

41%oforganizationssay

externalthreatswerethecore

driverforadoptingsecurityawarenessandtraining.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport13

ExternalThreatsAreDrivingAdoption,ButInternalRisksAreaGrowingConcern

Potentialthreats,pastbreaches,andbreachesinthesameindustrywerethebiggestmotivatorsofincreasedsecurityawarenessandtrainingin2025(41%).Thisisdownfrom

52%theyearbefore,thoughtheadditionofnewoptionsrelatedtointernaldriverscouldaccountforthedecline.

Twenty-sevenpercent(27%)ofrespondentssaytheyadoptedsecurityawarenessandtrainingtoprotectfrominsiderrisks.Insiderrisks

includecorporatesponsorships,pastorpotentialinsiderbreaches,

andconcernsthatinternaluserscouldcontributetoadatabreach

ordisclosure.Thisisajumpfromjust4%in2024whichsuggests

organizationsaremoreattunedtoinsiderrisks—andseethemas

addressablewithgreaterawarenesstraining,thoughtheadditionofnewinsiderriskoptionswithinthesurveymayaccountforthedramaticjump.

Respondentslistpersonnellimitations(34%),budgetconstraints(19%),andothersecuritypriorities(18%)astheirtopreasonsfornotadoptingsecurityawarenessandtrainingpreviously.Themainprioritiesthat

tendtopushsecurityawarenessandtrainingtothebackburnerare

operationalandproductionefficiencyinitiatives(47%),othertraining

anddevelopment(44%),digitaltransformationandtechnologyupgrades(43%),cybersecurityanddataprotection(42%),andinfrastructureandITmodernization(41%).

Formanyorganizations(51%),datasecuritycontinuestobethemost

importantsecurityawarenessandtrainingtopic,followedbydata

privacy(43%),andAI-basedtoolsandthreats(41%).Thispriorityseemstobereflectedinthetypesoftrainingthataredelivered,with50%of

respondentsreportingtrainingondatasecurity,43%ondataprivacy,and42%onAI-basedtoolsandthreats.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport14

20252024

Toptopicsforsecurityawarenessandtraining

Theadditionofnewoptionstothelistin2025shiftedsomeyear-over-yearweightings,butdatasecurityanddataprivacyarestillseenasthetwomostimportanttopicstobecoveredbyawarenessprogramsandsecuritytraining.

Mostimportanttopicstocover

DataSecurity

DataPrivacy

AI-BasedToolsandThreats

ProtectionAgainstMalwareandRansomware

CloudandApplicationSecurity

EmailSecurity

InformationSecurityConcepts

PasswordProtectionandSecurityManagement

Phishing‚Smishing,andVishingAwareness

Multi-FactorAuthentication

23%

NA

17%

22%

18%

15%

16%

12%

16%

NA

17%

16%

11%

13%

0%0%

0%0%

51%

48%

43%

41%

41%

NA

34%

38%

33%

NA

27%

28%

29%

NA

30%

28%

28%

28%

23%

20%

ReportingIncidentsandSuspiciousActivity

MobileDeviceSecurity

RemoteWorkSecurity

Role-SpecificTraining

PhysicalSecurity

RiskFromInsiders

SocialEngineering

Other

NoneoftheAbove

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport15

Thetopicstrainedoninsecurityawarenessclearlyalignwiththekeytopicsthatneedtobecovered.

Topicstrainedoninthepast12months

DataSecurity

DataPrivacy

AI-BasedToolsandThreats

ProtectionAgainstMalwareandRansomwareCloudandApplicationSecurityEmailSecurity

InformationSecurityConceptsPasswordProtectionandSecurityManagement Phishing‚SmishingandVishingAwarenessMulti-FactorAuthentication

ReportingIncidentsandSuspiciousActivity

MobileDeviceSecurityRemoteWorkSecurityRole-SpecificTrainingPhysicalSecurity

RiskFromInsidersSocialEngineeringOther

NoneoftheAbove

50%

43%

42%

37%

36%

34%

34%

34%

31%

28%

28%

26%

26%

23%

23%

21%

15%

0%0%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport16

DIGGINGDEEPER

Leadersandemployeescontinuetoseevalueinsecurityawarenessandtraining

Supportforsecuritytrainingiswidespread

Responsesin2025aboutsupportfortrainingremaininlinewith2024:

•88%ofemployeesseesecurityawarenessandtrainingpositively(86%in2024).

•95%ofcorporateleaderssupportsecurityawarenessandtrainingtoacertainorlargeextent(96%in2024).

•ITleaders(56%)andsecurityleaders(51%)arethetopchampionsofsecurityawarenessandtraining,followedbyCEOs(41%)and

CTOs(33%)—allinlinewith2024.

Newtrainingtopicsrankhighly

Whenidentifyingthemostimportantsecurityawarenessandtrainingtopics,respondents’choicesincludedthefollowingnewoptionsin2025:

•AI-basedtoolsandthreats(41%)

•Cloudandapplicationsecurity(33%)

•Informationsecurityconcepts(29%)

•Reportingincidentsandsuspiciousactivity(23%)

•Physicalsecurity(16%)

Satisfactionwithtrainingisgenerallyhigh

85%ofdecisionmakerssaythey’resomewhatorverysatisfiedwiththeircurrentsecurityawarenesstrainingsolution(86%in2024),

thoughsomehavereservations:

•Ofthosenotsatisfied,thetopconcernwasmissingimportanttopics(28%,newin2025).

•Othersourcesofdissatisfactionare

unengagingcontent(21%)andmultilingualavailability/languagesupport(18%,new

in2025).

•Athirdnewoption,rankingfourth,was

“contentisnoteasytounderstand”(13%).

88%ofemployeesseesecurityawarenessandtrainingpositively.

FRTInEtTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport17

RegionalHighlights

ThethreatofabreachisatopmotivatorinEurope,theMiddleEast,andAfrica,andinLatinAmerica

NorthAmericanrespondentswereleastlikelytosaytheyadoptedsecurityawarenessandtrainingoutofconcernaboutbreaches.

OrganizationsinNorthAmericaaremostsatisfiedwiththeircurrentsolution

Respondentsinotherregionsarelikeliertosaytheyhadsomedissatisfactionwiththeircurrentsecurityawarenessand

trainingsolutions.

Region

AsiaPacific

Europe,MiddleEast,andAfricaLatinAmericaNorthAmerica

Satisfactionwithcurrentawarenessandtrainingsolution

Awarenessandtrainingaremotivatedbythethreatofabreach

Europe,MiddleEast,andAfrica

82%

NorthAmerica

91%

17%19%19%13%

LimitedpersonnelisasignificantobstacletoadoptioninAsiaPacific

OrganizationsintheAsiaPacificregionweremuchmoreinclinedtocitehumanresourceconstraintsasthetopreasonfornotadoptingsecurityawarenessandtrainingsooner.

Region

AsiaPacific

Europe,MiddleEast,andAfricaLatinAmericaNorthAmerica

Limitedpersonnelresourcesinhibitedawarenessandtrainingadoption

40%

28%

LatinAmerica

81%

AsiaPacific

85%

32%

33%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport18

TakingAction

Previoussecurityawarenessandtraining

surveyshaveshownconsistentlythatqualitytrainingcontentmatters—andisimportant

toorganizations.Yetthatdoesn’tnecessarilymeanallorganizationshaveaclearsenseofwhat“quality”lookslike.

Qualitytrainingneedstoberelevantandeffective

Relevantcybersecuritytrainingaddressestherisksthatusersfaceinreallifeandemphasizesthebiggestandpotentiallymostharmful

threats.Qualitytrainingusesscenarios,media,andinteractiveelementstoengagelearners

andaccommodatedifferentlearningstyles;isdeliveredinmultiplelanguages;andprovidestheinformationandeducationrequiredto

teachallstudentshowtorecognize,assess,andrespondtothreats.

Measurementiscritical

Learningshouldbemeasuredwith

assessmentsandtests.Trackcompletionsaswellasbehaviorchanges,suchasphishing

clickrates,securitytooluptake,andthenumberofincidents.

Timingmatters

Timingandtimelinessarealsoimportant.

Delivertrainingregularly—atshortintervals,notjustonceayear—andreinforceitwithreminders,simulations,andmicrolearning.

Updatetrainingregularlytomatchchangesintechnology,policies,andthreats,andtoensurenew,important,andhigh-priority

topicsaren’tmissed.

Cyberawarenessiscultural

Thegoalofawarenessandtrainingisnot

justtoinform:Itistoeffectchangeandbuildacultureofsecurityawareness.Thisgoal

shouldextendthroughouttheorganization

fromleadershipondown.Organizationsshouldencouragetheiremployeestoseesecurity

awarenesstrainingasatoolthathelpsthemprotectthemselvesandthecompanyratherthanacomplianceboxthatmustbechecked.

Fortinet2025SecurityAwarenessandTrainingGlobalResearchReport19

67%oforganizationshave

seenareductioninintrusions,incidents,andbreachessinceimplementingtraining.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport20

OrganizationsAreSeeingRealResultsFromSecurityAwarenessandTraining

Anencouraginginsightfromour2025surveyisthatmany

organizationsareusingamixofindicatorstomeasurethe

effectivenessofsecurityawarenessandtraining,withaclearmajority(67%)sayingthey’veseenacorrespondingdeclineinintrusions,incidents,andbreaches.

Themostcommonmeasureoftrainingeffectivenessisreduced

securityincidents(53%).Alsocommonareemployeefeedback

(52%),andsecurityaudits(50%).Slightlylowerbutstillsignificant,42%ofrespondentssaytheyevaluateeffectivenessbytrackingthecompletionrateforsecurityawarenessandtraining.Thishassomeinterestingimplications,becauseonly6%oforganizationsreport

100%trainingcompletion.Justoverhalf(56%)reportcompletionratesgreaterthan70%,whichisthemeanaverage.

Theselower-than-100%completionratesmayholdpartofthe

keyastowhy,despitecorporateefforts,manyleaders(69%)stillfeelemployeeslackcybersecurityawareness(apointthatwillbeelaboratedoninthenextsection).

Organizationsdoseemtorecognizethattargetedtrainingismore

effective.Eighty-eightpercent(88%)providetrainingthatistailoredtospecificgroupsofemployees,with64%focusingongroupsthat

aretargetedmoreoftenand58%focusingonindividualswhoseemtohavetheleastsecurityawarenessorknowledge.

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport21

Mixingmeasuresandmodalities

Organizationsuseawiderangeofmeasurestodeterminetheeffectivenessofsecurityawarenessandtraining.Theyalsoemployablendoftrainingmodalities,within-personandcomputer-basedtrainingmostcommon(53%and52%,respectively).

TopmeasuresoftrainingeffectivenessToptrainingmodalities

Reducedsecurityincidents Employeefeedback SecurityauditTrainingparticipation

Knowledgeassessments/quizzes

Trainingcompletionrates

PhishingsimulationresultsBehavioralchangeSurveys

53%

52%

50%

47%46%

42%40%

38%35%

In-Persontraining Computer-basedtrainingSimulatedphishingattacks

SmishingsimulationsInternalchatsuchasTeams,Slack

“Nudge”

Screenmonitorscommunications

Newsletters

SimulatedQRcodesOnsitepostersAwards

SimulatedUSBContests

45%37%

36%

33%

32%

30%

29%26%

26%

23%21%

53%

52%

FRTInETTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport22

DIGGINGDEEPER

Manyorganizationshavegoodtrainingdiscipline

Regulartrainingsessionsarecommon

94%ofrespondentssaytheyholdsecurityawarenessandtrainingsessionsona

regularbasis:

•46%holdtrainingquarterly(47%in2024).

•32%holdtrainingmonthly(34%in2024).

•16%holdtrainingannually(15%in2024).

Manyplanfortrainingcampaigns

Planningofsecurityawarenesstrainingcampaignsisontherise:

•35%conductplannedcampaignsquarterly(downfrom45%in2024).

•22%conductplannedcampaignsannually(downfrom30%in2024).

•16%plancampaignsforCybersecurityAwarenessMonth(October).

Organizationsfavor2–3hoursoftrainingperyear

45%ofdecision-makerssay2–3hoursperyearisreasonableforsecurityawarenesstraining

(upfrom31%in2024).Otherdurationsinclude:

•Upto1hourperyear(7%,downfrom9%in2024)

•1–2hoursperyear(31%—downfrom34%in2024)

•Morethan3hoursperyear(16%—downfrom25%in2024)

94%oforganizationsholdregularsecurityawarenesstrainingforemployees.

FRTInEtTrainingInstituteFortinet2025SecurityAwarenessandTrainingGlobalResearchReport23

RegionalHighlights

NorthAmericanorganizationsaremostlikelytoreportreducedincidentsaftertraining

MoreorganizationsinNorthAmericareportmoderateorsignificantreductionsinsecurityintrusions,incidents,orbreachescomparedtootherregions.

OrganizationsinEurope,theMiddleEast,andAfricaareleastinclinedtoruntrainingprogramsmonthlyorquarterly.

ThoseinNorthAmericaandLatinAmericaaremostlikelytoruntrainingprogramsmonthlyandquarterly.

Region

AsiaPacific

Europe,MiddleEast,andAfricaLatinAmericaNorthAmerica

Monthlyandquarterlysecuritytraining

Europe,MiddleEast,andAfrica

69%

NorthAmerica

温馨提示

  • 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
  • 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
  • 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
  • 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
  • 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
  • 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
  • 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

评论

0/150

提交评论