Half of employees are afraid to report security flaws to their bosses, according to a new study by ThinkCyber.
The survey found that half of employees said they would not feel free from repercussions if they reported an error within their organization.
Respondents were also asked about the security behaviors they witnessed in their organization that caused them the most concern.
Clicking on links in emails (53%), sharing corporate data outside the company (53%) and sharing usernames and passwords (51%) were the most frequently cited alarming activities.
Worryingly, employees felt that security training and awareness did little to change their colleagues’ risky behavior.
Worryingly, three in five people admitted that they only receive training once every few months, or even once a year. This rings some serious alarm bells, as threats continue to develop rapidly and constant training is required to defend against emerging cyber risks.
Part of the problem is the lack of progress tracking and measuring the success of security awareness programs.
42% of respondents felt their organization could not even demonstrate to some extent whether their current security awareness training was changing risky behavior.
Additionally, half of respondents said they would not feel free from repercussions if they reported an error within their organization, which could actually discourage workers from reporting potential security risks.
While about half (51%) of respondents believed that most people in the company were focused on security, 39% felt that only executives and security teams were focused on it.
Recommended reading
“Cybersecurity should be everyone’s concern, so identifying which user groups need extra help with secure practices is crucial for any business,” said Tim Ward, CEO and co-founder of Think Cyber Security Ltd.
“A flexible and enjoyable training program can make all the difference by increasing staff engagement and giving cyber professionals greater confidence in their team’s ability to make smart security decisions.”
Related