Many organizations are still struggling to feel confident in their ability to manage a breach and execute a response plan.
The Human Factor
Companies are not addressing the human factor of a data breach.
Despite human error being the leading cause of data breaches, employee security training is lacking. Half of survey respondents do not provide data protection training as part of new employee on-boarding, and amongst companies that do provide employee security training, a majority only conduct it once.
As a best practice, companies should ensure they provide regular security and data privacy awareness training for employees. The specifics covered in these trainings should be regularly reviewed and updated to ensure their programs address the areas of greatest risk to the organization.