Fortinet’s Global Security Awareness and Training Report: Key Insights for Building Cyber Resilience

In an increasingly AI-driven world, cybersecurity is no longer just a technology challenge, it is a human one. Fortinet’s 2024 Security Awareness and Training Global Research Report reveals how business leaders worldwide are rethinking their approach to employee cyber awareness in response to rapidly evolving threats. At Nextro, we believe that cybersecurity starts with people. Here’s what you need to know from the latest global research and why building a cyber-smart workforce has never been more important.

AI-Driven Threats Are Reshaping the Risk Landscape

62% of organisations expect that employees will fall victim to more cyberattacks due to cybercriminals’ malicious use of AI.
Threat actors are increasingly using AI to create deepfakes, hyper-targeted phishing emails, and other sophisticated attacks that are harder for individuals to detect.

Key findings:

  • 95% of organisations are actively using or exploring AI-powered security solutions.
  • 80% say that growing awareness of AI-driven attacks has increased internal support for security awareness programmes.
  • Despite this, 31% of organisations still do not manage or monitor employee use of AI applications, creating significant policy gaps.

At Nextro, we see this as a critical reminder that technology alone is not enough. Strong internal policies, supported by education and training, are vital for managing AI-related risks.

Security Awareness Training Is Now a Strategic Priority

Training is no longer a box-ticking exercise. It is a core component of building organisational resilience. Fortinet’s report highlights a growing maturity in how leaders are delivering and planning training:

  • 81% of organisations believe that a minimum of three hours of security awareness training per employee per year is needed.
  • 75% of programmes are now pre-planned and delivered monthly or quarterly for maximum impact.
  • 89% of organisations report that they have seen a measurable improvement in their security posture after implementing awareness training.
  • Top training topics include phishing prevention, data security, and data privacy, all critical areas as cybercriminal tactics continue to evolve.

However, engagement remains a challenge. Among organisations dissatisfied with their programmes, 41% cited a lack of engaging content as a major issue.

Compliance, Risk, and Culture: A Unified Approach

Security awareness initiatives are increasingly being driven by:

  • Past incidents (52%)
  • Corporate sponsorship (21%)
  • Compliance and regulatory obligations (13%)

Leaders also recognise that they need to go further. 94% are interested in introducing stricter cybersecurity policies for high-risk user groups.

These findings reinforce a key Nextro belief that cybersecurity must be embedded into an organisation’s culture, not treated as an add-on. Awareness training, clear policies, and regular reinforcement must work together to build lasting resilience.

Final Thoughts

The 2024 report makes it clear that organisations investing in security awareness are better positioned to defend against both traditional and AI-enhanced threats. But successful programmes require more than good intentions. They demand strategic planning, engaging content, and executive sponsorship.

At Nextro, we deliver Fortinet Security Awareness and Training as a fully managed, turnkey service, helping businesses build cyber resilience from the inside out.

For more information, visit Security Awareness Training on our website.

If you are ready to strengthen your human firewall,
Talk to us about how we can help build a smarter, stronger, and safer workforce.