The 451 Global Digital Infrastructure Alliance’s Q4 Information Security Trends report shows 45 percent of 910 respondents see their organizations’ IT security spending increasing, compared with 4 percent expecting a decline.

That’s good news for the channel, as is one surprising finding around the top pain point for respondents. While compliance, staffing and a lack of executive buy-in for security initiatives are all major concerns, the No. 1 worry is end user behavior. Cloud and mobile are barely a blip, with each cited by just 3 percent.

Given high-profile ransomware attacks, which often get in via phishing emails, formalized end-user security training is a smart investment for customers. A service that helps educate end users adds significant value, and stickiness, for a partner. One option is KnowBe4’s awareness training system, which is available through its partner program, as well as distributors, including Lifeboat. Training can’t be a one-and-done situation; continual updates are critical, which makes KnowBe4 an attractive offering for partners looking for high-touch products to sell to customers. The company’s approach is to train on a continual basis, and the program includes ongoing testing to quantify results. {ad}

“We are so confident our security awareness training program works, we’ll pay your ransom if you get hit with ransomware while you are a customer,” said Stu Sjouwerman, founder and CEO of KnowBe4, in a statement. That’s a compelling selling point.

The 451 report, free now to all registered members of the Channel Partners community, also does a deep dive into security information and event management (SIEM) suites, which act as a central repository for events and information from a wide array of systems. The idea is to centralize data and apply threat intelligence and analytics to spot intrusions and identify potential security vulnerabilities before attackers find them.

Because SIEM systems tend to be complex and expensive, they’re mainly deployed in-house in larger enterprises. However, SIEM vendors, including top-rated Splunk, are aggressively pursuing partners and provide options for managed services programs, which enable providers to deliver the benefits of this technology to smaller companies.

Follow executive editor @LornaGarey on Twitter.