79% of Employees Have Knowingly Engaged in Risky Online Activities in the Past Year

With employees not believing that it’s important to personally worry about cyber security risks, they also tend to believe they’re not a target, new data suggest as the reason for the risky behavior.

In most cyberattacks, the employee plays some role – clicking on a malicious attachment, giving up their corporate credentials to an impersonated logon page on the web, or taking specific action because they were fooled into believing their CEO or boss told them to. So, it’s important for employees to not engage in risky online behaviors.

But according to new data from security vendor Thycotic, employees simply aren’t prepared and educated to think about corporate risk, let alone their role in helping to mitigate that risk. In their newly released Balancing Risk, Productivity and Security report, Thycotic point out some specific insights that clearly point to how and why employees are creating risk:

One of the reasons is clear from the report’s data: 56% of employees have received no Security Awareness Training in the last year. Over half of employees aren’t having the concept of needing to be vigilant continually reinforced – so it’s no wonder these organizations are seeing employees introduce risk regularly.

If you want a vigilant and cyber security-minded employee, you need to continuously teach them about the importance of cyber vigilance. Otherwise, you’re going to end up with an organization that is demonstrated by the Thycotic data.


SOURCE: KnowBe4

President, Manufacturing Company

We are high speed and wireless with computer systems for everything we do. I do not worry at all because it has not been an issue since IT360 became a part of our company.

President, Manufacturing Company

Recent
Technology News

IT 360 News
What is Penetration Testing and Why Does it Matter?

Penetration Testing (also called Pen Testing or Ethical Hacking) is a process by which your network is subjected to attempts to hack into it in order to identify vulnerabilities that could open your company up to data breaches. This is an audit that provides a point-in-time analysis, along with a report on the security gaps […]

Read more
IT 360 News
Five Signs of Social Engineering

Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are going to try to abuse it. Although the communication’s method may vary, the message the scammer is trying to convey has five traits in common. […]

Read more