Training Improves Prevention of Security Breaches


KnowBe4 has announced a new KnowBe4 Research report, More Training, Better Prepared: Increasing the Frequency of Training Improves Understanding of Security Instructions, which finds that increasing the frequency of security awareness training improves reactions to security breaches by enhancing the understanding of security instructions.

In this report, KnowBe4 examined how clearly security instructions are understood by employees relative to the amount of security awareness training they have taken in the last 12 months.

Responses were analysed and compared based on those who completed no security awareness training, annual training, quarterly training, and monthly training.

Data from over 526,000 people worldwide in a variety of industries was included. Highlights from the findings include:

  • In 84% of cases, security awareness training increased employees’ understanding of security instructions.
  • The average clarity rating by respondents was 70 out of 100; however, the clarity varied greatly depending on how much security awareness training had been completed in the last 12 months.
  • When analysing specific industries, Hospitality was noted as having the highest frequency of no security awareness training and Education rated the clarity of instructions in the event of a security incident lowest of all industries examined.

“The correlation between more frequent security awareness training and being better prepared on the specifics of how to deal with a security incident is made clear based on the findings of this report,” said Kai Roer, chief research officer, KnowBe4.

“For organisations looking to improve their communication efforts with employees regarding what to do in the event of a security breach, leaders should implement security awareness training on a monthly or at least quarterly basis. Without the benefits obtained by frequent training, employees are left to decipher security instructions on their own, lacking proper guidance and ultimately putting the organisation at higher risk for mishandling a security incident.” said Roer.

You can read the full report here.