The channel will need to dust down its education skills around security with customers failing to manage to get the message about the importance of data protection across to staff.
As a result of ineffective security awareness training firms are leaving themselves to the possibility of a security breach.
According to consulting firm Protiviti the level of security awareness training has gone up, particularly in the financial sector, but there is still plenty of ignorance out in the market.
Protiviti quizzed those responsible for security inside a range of UK firms and found that they had fairly downbeat views of the awareness of their fellow staff.
Around two-thirds (61%) of senior security professionals thought staff had a generally low level of understanding of information security risks and failed to put into practice procedures they had been taught in training.
"Many respondents to our survey report that they have made significant changes in the way that they work and the way they use technology at home following security awareness training. There is, therefore, value in training, provided it is effective," Ryan Rubin, director, at Protiviti UK.
"However, information security training needs to be more focused on employees’ roles and the consequences of information security breaches and less on the basic mechanics of security," he added.