That report was designed to test the level of knowledge and awareness of cyber security among employees by asking them to name proper behaviours in given circumstances. The survey covered eight risk domains and assigned three risk profiles—Risk, Novice and Hero—to indicate an employee’s privacy and security awareness IQ.
Key findings from the report include the following:
- Only 12 per cent of respondents earned a “Hero” profile, while 72 per cent were given a “Novice” profile and 16 per cent were given a “Risk” profile.
- Almost 40 per cent of respondents disposed of a password hint using unsecure means.
- About 25 per cent of respondents failed to recognize a sample phishing email, even though it came from a questionable sender and included an attachment.
This report highlights one of the key vulnerabilities of any organization—employees’ lack of basic cyber security knowledge. Regardless of other hardware or network protections, employees can and will allow cyber criminals into an organization, often without even realizing it.
Fortunately, employee cyber training can help reduce this risk to your organization.
© Zywave, Inc. All rights reserved.