Only Half of All Organizations Have Refreshed Their Security Strategy Based on the Pandemic



A new study published by Ponemon Institute shows that a material portion of organizations are still using pre-pandemic security processes and policies, putting the org at risk.

It seems logical that, with all the shifts in how cyberthreats are being delivered, executed, and monetized over the last two years, every single organization would be taking note and aligning their protective, preventative, detective, and responsive strategies accordingly. But Ponemon’s latest report, Security Innovation: Secure Systems Start with Foundational Hardware, offers some great details around how organizations have and haven’t changed their strategies.

According to the report, only 53% of organizations have refreshed their security strategy over the last two years.

Of those that have refreshed their strategy, the following priorities have changed:

  • Emphasis on the remote workforce (66%)
  • Expanded use of automation and AI tools for security operations (56%)
  • Use of cybersecurity compliance, risk management and privacy frameworks (52%)
  • Heightened awareness among employees about cyber hygiene (54%)
  • Increased accountability among employees (40%)

While the strategy changes above are certainly moving organizations in the right direction, it’s a bit saddening to see that, of the 53% that have refreshed strategies, only about half are doing the right thing.

Focusing in on Security Awareness Training for a moment, 54% of 53% of organizations means only about 28% of organizations are putting a newfound emphasis on educating employees on how to identify and avoid phishing and social engineering attacks.

If the pandemic has taught us nothing else about the state of cyberattacks, it has shown us that phishing and social engineering are the most often used – and most effective – initial attack vector, requiring a focused defense – one found in Security Awareness Training.


The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/training-preview


