61% Of Employees Fail A Basic Cyber Security Test

Uploaded on 2021-04-20 in TECHNOLOGY--Resilience, JOBS-Training, FREE TO VIEW

Currently damages relating to cyber-crime are expected to reach $6 trillion in 2021  and now 90% of organisations are facing an increase in cyber attacks due to the pandemic.  With cyber attacks increasing dramatically after the pandemic, TalentLMS and Kenna Security teamed up to gauge employees’ awareness of cyber security risks.

Their analysis shows that the current methods of training are insufficient and not working wellAlmost 70% of employees polled in a new survey have had cyber security training, but over sixty percent failed a basic cyber test.

This was one of the leading findings of the  TalentLMS / Kenna Security survey, that sought to understand the cyber security habits of some 1,200 workers, as well as their knowledge of best practices and ability to recognise security threats.

  • Only 17% of those surveyed who work in information services passed the quiz, compared to 57% of health care employees. And yet, 93% of respondents working in information services reported receiving cybersecurity training, compared to 67% of healthcare respondents. 
  • 60% of employees who failed the cyber security quiz reported that they feel safe from threats. Incredibly, 74% of respondents who answered every single question incorrectly report feeling safe. 
  • Despite their largely inherent familiarity with technology, employees aged 18-24 collectively performed the worst on the quiz, with only 16% passing. Among age demographic groups, 25-to-34-year-olds tied with those aged 54 and over for the best collective performance, with a pass rate of 43%.

These results certainly serve to emphasise the importance of organisations using effective and proven training solutions and organisations should hold repetitive simulated phishing assessments and additional training throughout the year. 

Commenting on the survey results Hank Schless, at mobile security solutions firm  Lookout said, “Be sure to constantly run security training and include mobile in those sessions... Consider any text, email, WhatsApp message, or communication that creates a time-sensitive situation a red flag. Users should approach any suspicious messages with extreme caution, or go straight to their IT and security teams to have them examine it first.”

James McQuiggan, security awareness advocate at KnowBe4, said organisations should hold repetitive simulated phishing assessments and additional training throughout the year, in addition to computer-based training. “Make the training engaging [and] interactive and provide users with an emphasis on protecting their passwords, watching out for phishing links and what it takes to protect the organisation as much as the IT and infosec departments,” 

When asked what would make cyber security training more engaging, 52% of employees said they would like it to be presented in a simpler and less technical way, while 50% would like it to be more fun and gamified. Even though the training had a positive impact on some aspects of employees’ cybersecurity habits, such as protecting their computers and correct password management, they were not consistent across all areas.

It is vital that to be really effective, cyber security training programmes address all the potential vulnerabilities that could threaten the organisation.

TalentLMS:     SCMagazine:      Help Net Security:       Security Brief:     DevOpsOnline:    Image:Unsplash

 For a cost effective Report on your organisation’s cyber security and training requirements, please contact Cyber Security Intelligence and we will recommend the right economic cyber training and cyber audit for your organisation. 

You Might Also Read: 

Cyber Security Insights For Executives:

 

« Industry 5.0 Will Transform The Workplace
Cyber Threats & Nuclear Dangers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DTEX Systems

DTEX Systems

DTEX Systems is the global leader for insider risk management. We empower organizations to prevent data loss by proactively stopping insider risks from becoming insider threats.

VisionWare

VisionWare

VisionWare provide consulting services and solutions in areas covering both physical and digital security.

TrustArc

TrustArc

TrustArc provide privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions – addressing all phases of privacy program management.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

Taqnia Cyber

Taqnia Cyber

Taqnia Cyber specializes in the fields of cyber security, intelligence, operations, and training. It offers its services and consultations to both public and private sectors.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

Computer Network Defence (CND)

Computer Network Defence (CND)

Computer Network Defence (CND) are a Broad-Spectrum Cyber Security Consultancy and Recruitment Agency.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange is an intellectual hub and community of researchers with the common goal of advancing academic and industrial efforts in the science and engineering of quantum information.

Lancera

Lancera

Lancera provides growth accelerating Software Development, Web Presence and Cybersecurity Solutions with a focus on customer happiness.

Verica

Verica

Verica uses chaos engineering to make systems more secure and less vulnerable to costly incidents.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Code First Girls

Code First Girls

Code First Girls are on a mission to close the gender gap in the tech industry by providing employment through free education.

Information Security Society of Africa – Nigeria (ISSAN)

Information Security Society of Africa – Nigeria (ISSAN)

The Information Security Society of Africa – Nigeria (ISSAN) is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace.

Verosint

Verosint

Verosint (formerly 443ID) provides real-time account fraud prevention that reveals fraudsters hiding in user accounts and proactively blocks them before their attacks can cause harm.