61% Of Employees Fail A Basic Cyber Security Test

Currently damages relating to cyber-crime are expected to reach $6 trillion in 2021  and now 90% of organisations are facing an increase in cyber attacks due to the pandemic.  With cyber attacks increasing dramatically after the pandemic, TalentLMS and Kenna Security teamed up to gauge employees’ awareness of cyber security risks.

Their analysis shows that the current methods of training are insufficient and not working wellAlmost 70% of employees polled in a new survey have had cyber security training, but over sixty percent failed a basic cyber test.

This was one of the leading findings of the  TalentLMS / Kenna Security survey, that sought to understand the cyber security habits of some 1,200 workers, as well as their knowledge of best practices and ability to recognise security threats.

  • Only 17% of those surveyed who work in information services passed the quiz, compared to 57% of health care employees. And yet, 93% of respondents working in information services reported receiving cybersecurity training, compared to 67% of healthcare respondents. 
  • 60% of employees who failed the cyber security quiz reported that they feel safe from threats. Incredibly, 74% of respondents who answered every single question incorrectly report feeling safe. 
  • Despite their largely inherent familiarity with technology, employees aged 18-24 collectively performed the worst on the quiz, with only 16% passing. Among age demographic groups, 25-to-34-year-olds tied with those aged 54 and over for the best collective performance, with a pass rate of 43%.

These results certainly serve to emphasise the importance of organisations using effective and proven training solutions and organisations should hold repetitive simulated phishing assessments and additional training throughout the year. 

Commenting on the survey results Hank Schless, at mobile security solutions firm  Lookout said, “Be sure to constantly run security training and include mobile in those sessions... Consider any text, email, WhatsApp message, or communication that creates a time-sensitive situation a red flag. Users should approach any suspicious messages with extreme caution, or go straight to their IT and security teams to have them examine it first.”

James McQuiggan, security awareness advocate at KnowBe4, said organisations should hold repetitive simulated phishing assessments and additional training throughout the year, in addition to computer-based training. “Make the training engaging [and] interactive and provide users with an emphasis on protecting their passwords, watching out for phishing links and what it takes to protect the organisation as much as the IT and infosec departments,” 

When asked what would make cyber security training more engaging, 52% of employees said they would like it to be presented in a simpler and less technical way, while 50% would like it to be more fun and gamified. Even though the training had a positive impact on some aspects of employees’ cybersecurity habits, such as protecting their computers and correct password management, they were not consistent across all areas.

It is vital that to be really effective, cyber security training programmes address all the potential vulnerabilities that could threaten the organisation.

TalentLMS:     SCMagazine:      Help Net Security:       Security Brief:     DevOpsOnline:    Image:Unsplash

 For a cost effective Report on your organisation’s cyber security and training requirements, please contact Cyber Security Intelligence and we will recommend the right economic cyber training and cyber audit for your organisation. 

You Might Also Read: 

Cyber Security Insights For Executives:

 

« Industry 5.0 Will Transform The Workplace
Cyber Threats & Nuclear Dangers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

FoxGuard Solutions

FoxGuard Solutions

FoxGuard Solutions develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

TCDI

TCDI

TCDI specializes in computer forensics, eDiscovery and cybersecurity services.

MaskTech

MaskTech

MaskTech supplies highest security embedded chipsets, operating systems and related middleware for electronic identification cards, travel documents and authentication solutions.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

Netsecurity AS

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

IT Band Systems

IT Band Systems

IT Band Systems is an international provider of IT products and services including web server monitoring and web security consulting.

Alertot

Alertot

Hackers attack minutes after a new vulnerability is published. Alertot helps to decrease exposure time in organizations by notifying new issues when they are disclosed.

Certo Software

Certo Software

Certo are trusted experts in mobile security. At Certo, mobile security is not an afterthought, it’s what we do.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.