Pages

New research indicates that more than half of employees don’t know about cybersecurity risks

Tessian, a cloud email security platform researches how many employees in a firm are concerned about data breaches and phishing attacks. The analysis revealed that almost thirty percent of employees don’t believe they play some part in keeping their firm’s cybersecurity status. The study also points out that nearly all (99 percent) security experts acknowledge that a secure culture is essential in sustaining a decent security environment.


The most common behavior of individuals working in an organization is that they often make mistakes and neglect security risks. Consequently, scammers acquire networks due to the negligence of an employee. Employees usually don’t cross-check or validate the website and provide their login credentials to a fraudulent website or mistakenly open a malware attachment to begin a data breach, thus posing a significant loss to a company. The Tessian study revealed that only 39 percent of staff members are willing to report a security threat. Because of this, security leaders take time to set up an inquiry and propose solutions during a security risk. Another research finding is a cultural disconnect between workers and security personnel. The leading cause of this appears to be that organizations do not emphasize educating their employees on the importance of security behaviors. Due to the lack of training sessions, a cultural disconnect arises.

In addition, enterprises do not succeed in providing engaging training experiences to their employees. According to research by a market research firm, Forrester, the majority of security experts have no idea how to guide workers and develop a security culture. As per Tessian head Kim Burton, employees only learn the concept they think is essential for the company, but if the training workshops are organized only once or twice a year, they neglect it entirely. According to the research, only 28 percent of the United Kingdom and the United States employees think cybersecurity training is influential and engaging. In comparison, thirty-six percent say they entirely focus on it.

It is necessary to mention that firms must identify this cultural discontinuity among workers and security leaders. To uplift awareness regarding security concerns, Kim Burton says that the firms should manage fear strategies and benefit the employees if they keenly focus on learning security training. Further, he says, organizations should be lenient with the employees and not pressure them because, as a response, they are more likely to open a link associated with a phishing attack. Moreover, firms need to make goals regarding security practices, including statements, for instance, verifying unfamiliar links before opening, using strong passwords, etc.

Read next: Nearly 80% of Malware Attacks in Q1 2022 Caused by Microsoft Office Security Flaws

No comments: