Security training has little effect on reducing human error

Traditional techniques such as security awareness training and phishing simulations have a limited impact on improving employees' real-world cybersecurity practices according to a new report. The study, prepared by the Cyentia Institute, uses aggregated data from 114,000 Elevate Security Platform users for the last three years, examining malware, phishing, email security and other real world attack data. It finds that while security training results in slightly lower phishing simulation click rates among users, it has no significant effect at the organizational level or in real-world attacks. What's more, an increase in simulations and training can be counterproductive, with the report… [Continue Reading]