Abnormal AI Reveals Gaps and Opportunities in Security Awareness Training Programs in New Report

99% of organizations experienced security incidents linked to avoidable human error, yet current training tools fall short

Abnormal AI, the leader in AI-native human behavior security, today released a new research report that highlights a stark disconnect between security awareness training (SAT) programs and their real-world effectiveness. While nearly every organization surveyed (99%) suffered a security incident tied to human error in the past year, the vast majority stated that they struggle to implement effective, scalable SAT programs that reduce this risk.

Based on a survey of over 300 security and IT leaders in the United States and United Kingdom, Abnormal’s research found that SAT is widely adopted, with 75% of organizations requiring employees to complete training at least quarterly. However, many programs exist only to satisfy regulatory or insurance requirements, which results in stale content, minimal engagement, and a perception of training as “checkbox compliance.”

“When SAT content is one-size-fits-all and delivered against an annual or quarterly schedule to check a box, it can feel like a chore that employees are apt to tune out—and that opens the door to costly breaches,” said Mike Britton, CIO of Abnormal AI. “Attackers’ most vulnerable targets are people, not systems, and reducing avoidable user actions—like clicking on a suspicious link—needs to be front and center.”

Unfortunately, the amount of time and effort required to run an effective SAT program was shown to be a major blocker preventing organizations from achieving success. Eighty-three percent of respondents agreed that their current SAT tools require substantial effort to operate and maintain, with more than half (53%) agreeing that the effort required to run them outweighs their impact.

Despite widespread recognition that training can dramatically improve an organization’s security posture, the reality is grim: SAT programs are currently insufficient, ineffective, or both. The good news is, organizations are prepared to act.

The report's findings highlight the potential for AI to improve both the efficiency and effectiveness of training programs in reducing human error. Nearly all of the organizations surveyed (99%) are in favor of including AI in future SAT tools and workflows, and see the value in using AI to support various functions of their programs, including to:

• Automatically generate training campaigns and workflows (99%)
• Automate the creation of training videos (95%)
• Automatically create individualized attack simulations based on individual user profiles (95%)
• Conduct conversational coaching by leveraging LLMs (95%)
• Create dynamic risk scores based on past user behavior and the types of attacks targeting certain types of users (96%)

The report highlights Just-in-Time (JIT) training as an untapped opportunity in SAT. JIT training delivers education to employees at the exact moment they need it—for instance, right when they encounter a suspicious email. This dynamic, adaptive learning can be tuned to current threats and individual user behavior, with lessons that are highly relevant to real-world risks.

“To truly defend against human-centric threats, enterprises must evolve their SAT programs to be continuous, dynamic, contextual, and personalized,” continued Britton. “For years, this kind of training was something security leaders might have wished for, but implementing it in the real world would have been far too labor-intensive. Now, with AI, security teams have the power to make the dream of highly effective security awareness training a reality.”

• Download 2025 State of Security Awareness Training here.
• Learn more about Abnormal AI’s AI Phishing Coach solution.

About Abnormal AI

Abnormal AI is the leading AI-native human behavior security platform, leveraging machine learning to stop sophisticated inbound attacks and detect compromised accounts across email and connected applications. The anomaly detection engine leverages identity and context to understand human behavior and analyze the risk of every cloud email event—detecting and stopping sophisticated, socially-engineered attacks that target the human vulnerability.

You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly. Additional protection is available for Slack, Workday, ServiceNow, Zoom, and multiple other cloud applications. Abnormal is currently trusted by more than 3,200 organizations, including over 20% of the Fortune 500, as it continues to redefine how cybersecurity works in the age of AI. Learn more at abnormal.ai.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250513231522/en/