Nearly 70% of employees polled in a new survey said they recently received cybersecurity training from their employers, yet 61% nevertheless failed when asked to take a basic quiz on the topic.
This was one of the leading findings of a research study – conducted by TalentLMS on behalf of Kenna Security – that sought to understand the cybersecurity habits of some 1,200 workers, as well as their knowledge of best practices and ability to recognize security threats.
Here are some the other highlights that underscore why cybercrime has become a trillion-dollar business:
Only 17% of those surveyed who work in information services passed the quiz, compared to 57% of health care employees. And yet, 93% of respondents working in information services reported receiving cybersecurity training, compared to 67% of healthcare respondents.
60% of employees who failed the cybersecurity quiz reported that they feel safe from threats. Incredibly, 74% of respondents who answered every single question incorrectly report feeling safe.
Despite their largely inherent familiarity with technology, employees aged 18-24 collectively performed the worst on the quiz, with only 16% passing. Among age demographic groups, 25-to-34-year-olds tied with those aged 54 and over for the best collective performance, with a pass rate of 43%.
Despite the common frustrations brought out in the survey, companies still need to train, because it’s one of the best first-line defenses against an attack, said Hank Schless, senior manager, security solutions at Lookout.
“Be sure to constantly run security training and include mobile in those sessions,” Schless said. “Consider any text, email, WhatsApp message, or communication that creates a time-sensitive situation a red flag. Users should approach any suspicious messages with extreme caution, or go straight to their IT and security teams to have them examine it first.”
James McQuiggan, security awareness advocate at KnowBe4, said organizations should hold repetitive simulated phishing assessments and additional training throughout the year, in addition to computer-based training.
“Make the training engaging [and] interactive and provide users with an emphasis on protecting their passwords, watching out for phishing links and what it takes to protect the organization as much as the IT and infosec departments,” McQuiggan said.
We're Datek Solutions
Since 1998 we have been managing IT support, solutions and strategy for a range of clients. We have won awards for our excellent customer service and pride ourselves on being transparent. What you see, is what you get.
What makes us different? We don’t use a one-size fit all approach. We get to know your business and everyone in it, what it needs and how we can support you to give the best solutions at the best possible prices.
Above all this, we are committed to keeping it simple for you. If there’s a solution that your company needs, or you already have and it’s essential we support it, we make sure we know everything there is to know about it.
Contact us on 01753 540000 or email us at contactus@datek.co.uk.
News Source: https://www.scmagazine.com
