Traliant study exposes unsafe employee practices and urgent training gaps — plus introduces enhanced HIPAA course to help address evolving privacy and security challenges
Traliant, a leader in online compliance training, released its latest research, The State of Cyber: 2025 Cybersecurity Pulse Survey, highlighting a persistent gap between cybersecurity awareness and practice — including risky employee habits that leave organizations vulnerable to increasingly sophisticated cyberattacks.
Also Read: CIO Influence Interview with Dipto Chakravarty, Chief Product and Technology Officer at Black Duck
Based on a survey of over 600 full-time US employees across various industries, the research found:
- 18% of employees reuse passwords across work accounts, creating cascading risk if one account is compromised.
- 23% write down passwords, exposing credentials to loss or theft.
- Only 30% use password managers and less than half (46%) consistently use multi-factor authentication (MFA).
- 42% have accessed sensitive company information on personal devices without IT approval.
- 78% say they’re not fully confident in spotting more advanced phishing attacks like deepfakes or voice spoofing.
- 40% report that current cybersecurity training doesn’t feel relevant to their day-to-day responsibilities.
“AI engineered cyberthreats have become more complex, harder to detect, and exploit employee behaviors,” said John Brushwood, Compliance Counsel at Traliant. “Organizations must rethink how they engage employees around cybersecurity because threats are no longer a tech-only issue — they’re a human one. It’s critical for HR and IT to work together to make a measurable impact on building a stronger culture of cyber vigilance.”
Also Read: About IoT Security: Challenges and Tips for a Hyperconnected World
The survey emphasizes the importance of equipping employees with training that is relatable, actionable and provides practical tools and real-world scenarios to build and reinforce cyber awareness — not just to reduce security risks, but to foster a culture of accountability. The report follows the recent release of Traliant’s Cybersecurity solution, which takes a multi-layered approach to threat prevention by combining a 30-minute Cybersecurity Awareness training course, interactive Phishing Simulations, and quarterly Microlearning courses on topics like AI-enabled threats and social engineering. This comprehensive program empowers employees to recognize, prevent and respond to cyber risks year-round.
Read the full Cybersecurity Pulse Survey report here.
Expanding privacy protection: Protecting health data with new HIPAA training
As cyber threats increasingly target sensitive personal and health data, organizations must also reinforce their data privacy practices. In response, Traliant has enhanced its HIPAA training and introduced a new 15-minute refresher course – an efficient option for employees who’ve already completed the full training, offering a streamlined way to reinforce key concepts. Created with oversight from in-house legal and compliance experts, the updated training helps covered entities and business associates comply with federal HIPAA regulations and better safeguard protected health information (PHI).
“Having confidence that your workforce understands HIPAA is essential — not just to avoid costly penalties, but to uphold patient trust,” adds Brushwood.
The HIPAA course combines interactive scenarios and clear guidance on state laws, breach notification rules, and key administrative, technical and physical safeguards — all aligned with the HITECH Act and current state-level privacy standards.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
