“The report suggests that organisations are ultimately failing to protect themselves against cyberattacks because even if staff are being provided with cybersecurity training, it isn’t adequately informing them about good practice.
This represents a major cause for concern, especially given that recent research by PwC suggests that three-quarters of large organisations suffered a staff-related security breach during 2015, with half of the worst cases caused by human error.”
So not only are hackers out there poking around to find vulnerabilities but in many cases they are finding them as a result of user errors. Training for users and IT folks when it comes to security practices is pretty lacking. Without it, all the technical tools in the world won’t fully protect them.