Back to Blogs Report Highlights Deficiencies in Training, Security Technologies

Report Highlights Deficiencies in Training, Security Technologies

Sept 27, 2024

Cybersecurity is more critical than ever, especially for business owners and leaders who may not be deeply technical. The fourth “Cybersecurity Attitudes and Behaviors, Oh Behave! 2024-2025” report sheds light on several key areas that highlight the importance of robust cybersecurity measures and the risks posed by human behavior.

Of the 7,000 respondents, the majority are employed. An impressive 53% of participants reported they are always connected online. An additional 38% go online several times a day. Younger generations, particularly Gen Z (65%) and Millennials (64%), are the most connected. A third of respondents said they have 10 or more sensitive accounts online.

The Role of AI in Cybersecurity

The report underscores the dual role of artificial intelligence (AI) in cybersecurity. On one hand, AI is increasingly used by hackers to develop targeted attacks. These AI-powered attacks can automate phishing campaigns, create convincing fake identities, and bypass traditional security measures.

On the other hand, AI is also a powerful tool for defense. AI-driven tools can analyze vast amounts of data to detect anomalies, predict potential threats, and respond to incidents in real-time.

However, the report also raises concerns about the ethical implications and potential misuse of AI, emphasizing the need for robust policies and regulations to ensure responsible use.

More than half of employed participants (52%) and students (58%) said they have not been trained to use AI safely. And 38% admitted to sharing sensitive work information with AI without their employer’s knowledge. These AI-influenced transgressions are more prominent among younger generations (46% of Gen Z, 43% of Millennials).

Human Behavior and Cybersecurity Risks

One of the most significant findings of the report is the impact of human behavior on cybersecurity. Risky behaviors, such as poor password hygiene, lack of multi-factor authentication (MFA), and inadequate software updates, can lead to incidents like business email compromise (BEC).

The report highlights five critical behaviors that are essential for maintaining online security:

  • Password hygiene
  • Multi-Factor Authentication (MFA)
  • Software updates
  • Data backups
  • Phishing awareness

It also notes that younger generations tend to use less secure password practices and are less consistent with unique passwords compared to older generations, although they are more open to using modern login methods like facial recognition.

Training and Awareness

Despite the increasing access to cybersecurity training, over half of the participants in the report still lack access to adequate training. This gap underscores the need for better training and awareness programs to improve cybersecurity behaviors.

Regular training programs, promoting strong password practices, enforcing MFA, ensuring regular software updates, and conducting phishing simulations are some of the strategies that businesses can implement to enhance their employees' cybersecurity behaviors. STACK Cyber offers all of these services and a lot more.

The Growing Threat Landscape

Looking ahead to 2025, the report identifies several top cybersecurity threats. Ransomware attacks are expected to become more sophisticated, with attackers using double extortion tactics. The expansion of Internet of Things (IoT) devices is increasing the attack surface for hackers, as each new device connected to a network can be a potential entry point.

AI-powered cyberattacks are also on the rise, with cybercriminals leveraging AI to create more sophisticated malware and automate attacks. Additionally, the increasing use of public cloud services and extended reality (XR) technologies introduces new vulnerabilities that must be addressed.

Investing in Advanced Security Technologies

To mitigate these risks, the report recommends investing in advanced security technologies such as Security Information and Event Management (SIEM) systems. SIEM systems can monitor and respond to potential threats in real-time, providing an additional layer of security for businesses.

In conclusion, the Annual Cybersecurity Attitudes and Behaviors Report 2024-2025 highlights the importance of cybersecurity and the need for businesses to invest in both technology and training to protect against evolving threats. By focusing on improving cybersecurity behaviors and leveraging advanced technologies, businesses can create a more secure environment and reduce the risk of cybersecurity incidents.

Cybersecurity Risk Assessment

Is your organization truly secure against cyber threats? Do you have the right security policies, tools, and practices in place to protect your data, reputation, and productivity? If you’re not sure, it’s time for a cybersecurity risk assessment (CSRA). Our cybersecurity risk assessment will meticulously identify and evaluate vulnerabilities and risks within your IT environment. We’ll assess your network, systems, applications, and devices, and provide you a detailed report and action plan to improve your security posture. Don't wait until it's too late.

Schedule Consult Learn More