More companies investing in cyber security training and engagement

Over 80% of companies are increasing their investment in cybersecurity, according to a report by software company Capterra. The survey, conducted with 1,264 employees in India, focused on how companies engage employees in cybersecurity, handle phishing attacks, and provide security awareness training.

The report highlighted that employees view cybersecurity training as crucial, given the risk of cyberattacks. The survey suggests open communication between employers and employees plays a vital role in making staff feel involved in the cybersecurity process.

While 97% claim to receive cybersecurity training, the survey shows a desire for a mix of activities like training, workshops, and phishing simulations. Results indicate ongoing security awareness training, with 60% having refreshers every six months and 27% opting for yearly sessions.

In terms of phishing attacks, 79% of businesses were targeted in the last year, with 76% admitting to clicking on a phishing email link. Despite this, 64% of employees are very confident, and 26% are quite confident that their company takes cybersecurity seriously, reflecting positive communication between employers and employees.

Regarding company devices, 75% of employees take extra steps for online safety, possibly indicating the need for improved company protections or well-trained staff actively seeking greater protection.

Employees play a crucial role in identifying and reporting attacks, with 84% having protocols to report an attack and 81% having a formal incident response plan, according to the survey.

A separate study based on ISACA's State of Cybersecurity 2023 report indicates a cybersecurity skills gap, with over 40% of CIO/CTOs in India stating their cybersecurity teams are understaffed. The study also reveals a 55% increase in cyber-attacks, attributed to hiring and staffing challenges.