A significant portion of the workforce (45 percent) doesn’t think cybersecurity is their responsibility because they don’t work in the IT department, a new report from security training company KnowBe4 states.
Surveying more than 1,000 US employees for the report, KnowBe4 found that not only are employees careless about keeping their perimeter secure, but they are also lacking basic awareness. Roughly a quarter (24 percent) believe clicking on a suspicious link or email attachment is not a risky move, while less than a third (31 percent) believe sharing their work devices with friends and family could jeopardize security.
In reality, however, employees are the first line of defense for virtually all companies these days. A variety of experts say that cybersecurity awareness training is essential for every organization, as the majority of attacks start with a phishing email or a social media-borne fraud attempt.
However, KnowBe4 believes there is significant room for improvement where current training initiatives are concerned. The majority (55 percent) of the respondents had continuous cybersecurity and data privacy training throughout the lockdown, but are still mostly clueless about the dangers lurking in the depths of the internet.
Those working in government, healthcare and education have the poorest understanding of social engineering threats, the report said.
Gloss