Fortinet, a global cybersecurity leader driving the convergence of networking and security, has released its annual 2024 Security Awareness and Training Global Research Report, highlighting the crucial role a cyber-aware workforce plays in managing and mitigating organisational risk.
“Our latest research highlights key trends within the United Arab Emirates, showing significant progress in the adoption of AI-driven security solutions,” said Alain Penel, Vice President – Middle East, Turkey and CIS at Fortinet. “According to the findings, 32% of respondents in the UAE are in the process of implementing AI security measures, while 68% have already integrated these technologies into their systems. These advancements reflect the region’s proactive approach to enhancing cybersecurity resilience and awareness, reinforcing the UAE’s position as a leader in security innovation across the Middle East.”
Key findings from the global report include:
- As malicious actors use AI to increase the volume and velocity of their attacks, leaders believe these threats will be harder for their employees to spot. More than 70% of respondents in the UAE expect employees to fall victim to AI-driven cyberattacks. While globally,more than 60% of respondents expect more employees to fall victim to attacks in which cybercriminals use AI. However, the good news is that most respondents globally (80%) also say enterprise-wide knowledge of AI-augmented attacks has made their organisations more open to implementing security awareness and training.
- Employees can be an organisation’s first line of defence, but leaders are increasingly worried that their employees lack security awareness. Nearly 78% of those surveyed believe their employees lack critical cybersecurity knowledge, up from 56% in 2023.
- Leaders recognise the importance of security awareness training but believe specific attributes make some training programmes more effective than others. Three-quarters of leaders say they plan their security awareness campaigns, delivering content monthly (38%) or quarterly (54%). Executives also point to high-quality content playing a leading role in the success or failure of the programme.
The latest threats that employees must battle
One prominent way cybercriminals use AI is to make phishing schemes more believable and harder to detect. Because phishing targets individual users directly, organisations are heavily focused on teaching employees how to recognise and avoid falling victim to these attacks.
- End-users remain attractive targets. More than 80% of organisations faced attacks last year, such as malware, phishing and password attacks that directly targeted individuals.
- As attacks evolve, security awareness and training will only become more vital. Nearly all (98%) of those surveyed say their leadership team supports employee security awareness training.
- Nearly all respondents (98%) say phishing prevention is a component of their training programmes and plans. Other top training priorities include data security (58%) and privacy (48%).