The industry-leading penetration testing and vulnerability management firm surveyed over 1200 employees and asked them many questions regarding their cybersecurity habits and know-how.
The results were shocking. 69% of the employees have received cybersecurity training, and yet, when asked to take a basic cybersecurity quiz, 61% failed. 17% of those working in the field of information services passed the examination. 60% of those who claimed they felt safe from cyber threats failed the test.
When studying the survey, it became apparent that cybersecurity education was important for everyone to protect employers, companies, and businesses and stop scammers from taking advantage of people during their everyday activities online.
Here are some reasons for such poor results and how employers can improve their employees’ cybersecurity knowledge.
The State of Cybersecurity Employee Training
Cybersecurity training is a sure way to improve employee habits when it comes to protecting their computers. Cybersecurity training will increase your employees’ chances of using a password to log in more securely by over 10%. Training will also improve the number of those using encryption but a staggering 20%.
Due to the COVID-19 pandemic, many employees have been forced to work from home, severely impacting cybersecurity in the workplace. Working from home presented companies with a huge problem when it came to the safety and security of their business, and with the rise of cyber attacks, there were bound to be slip-ups.
Cyber attacks using unseen malware have almost doubled in the last year, making it even more critical that cybersecurity training is improved in the workplace. One of the areas that require attention is video calls, and the technology involved can lead to breaches in security.
Cyberattacks During Video Calls
According to a new study by Deloitte, cyberattacks on video conferencing services impacted more than 500,000 people worldwide between February and May 2020. Personal data intercepted from video calls was stolen and sold on to hackers.
It’s natural to trust the security provided by video call providers. Still, businesses must use the training time to make employees aware that vigilance is required at all times and teach them how to spot if their information is under attack during a remote call.
Where Do Employees Store Their Passwords?
Despite training, 33% of the employees were storing their passwords in their browsers, a common but hazardous practice. It is effortless for a hacker to access a person’s computers either physically or remotely, gaining access to their browser and all of their passwords.
34% of those with training still store their passwords in plaintext, compared to 16% of those without training. This is significantly worse than storing them on the browser as it will leave the company entirely vulnerable to any hackers hanging around.
Before the pandemic, a study conducted by NordPass revealed that the average person has around 80 passwords. When industry experts conducted the research, they showed that this number had increased to an average of 100. Ideally, every password should be unique from all other passwords used by the individual, but 73% of employees who weren’t using a password manager are most likely using the same password each time.
Password managers are the best way to increase your cybersecurity and keep your passwords safe from online hackers and malicious cyber attacks.
How Can Companies Improve their Cybersecurity?
The survey results show that cybersecurity training does significantly increase a person’s awareness when working online. Still, the improvement is only minor, and with over half of the test subjects failing to answer half of the questions, there is a definite need for change.
When it comes to cybersecurity training programs, theoretical training is not the best option for employers. Hands-on experience with real-life examples is the best form of training. It teaches employees practical skills that can be mastered and used again in the future.
It’s a good idea to avoid long training sessions and instead opt for more engaging and interactive solutions that will cater to various learning styles and skills, rather than sitting through a dull lecture that no one will remember.
When asked about how experts could improve cybersecurity training, most employees said that using more straightforward wording and less technical language accompanied by a fun and interactive course would be far more effective and more accessible for employees to digest.
No matter how big or how small the company is, cybersecurity is a serious threat. Many breaches in security are down to human error and can be avoided if the correct training is put into place. Training your employees on recognizing a threat and the best practices to follow will help keep your company safer and more secure when functioning online.
To achieve the best results, it’s good to invest in some proper interactive and engaging training.
Remember that the workers are not machines. They are people who need special consideration. Take into account the various learning styles and any suggestions they might provide. The best way to tackle cyber attacks is to keep everyone updated on the latest advice about keeping their computers safe.