Half of employees are afraid to report security errors

Half of employees are afraid to report security flaws to their bosses, according to a new study by ThinkCyber.

The survey found that half of employees said they would not feel free from repercussions if they reported an error within their organization.

Respondents were also asked about the security behaviors they witnessed in their organization that caused them the most concern.

Clicking on links in emails (53%), sharing corporate data outside the company (53%) and sharing usernames and passwords (51%) were the most frequently cited alarming activities.

Worryingly, employees felt that security training and awareness did little to change their colleagues’ risky behavior.

Worryingly, three in five people admitted that they only receive training once every few months, or even once a year. This rings some serious alarm bells, as threats continue to develop rapidly and constant training is required to defend against emerging cyber risks.

Part of the problem is the lack of progress tracking and measuring the success of security awareness programs.

42% of respondents felt their organization could not even demonstrate to some extent whether their current security awareness training was changing risky behavior.

Additionally, half of respondents said they would not feel free from repercussions if they reported an error within their organization, which could actually discourage workers from reporting potential security risks.

While about half (51%) of respondents believed that most people in the company were focused on security, 39% felt that only executives and security teams were focused on it.

Half of employees are afraid to report security errors

Recommended reading

Related

Recommended reading

Related

Related Posts