70% of US Employees Don’t Know Privacy and Security Best Practices
According to a new study, 70% of American workers don’t grasp web security and privacy.
The majority – 70% – of US employees fail when it comes to security and privacy best practices. As we discussed a few weeks ago, employees represent the biggest threat to their company or organization’s cybersecurity, this is just further proof.
The study, the 2017 State of Privacy and Security Awareness Report, surveyed 1,012 US workers and found the vast majority lacked a basic understanding of cybersecurity or digital privacy, much less the best practices associated with them. The study was conducted by MediaPro, which claims overall things are getting better.
Here’s why MediaPro says that. The survey asked each participant a set of 31 questions and then ranked them as either “high risk,” “novice” or “hero.”
- The number of “High Risk” employees rose from 16% to 19%
- The number of “Novice” employees shrunk from 72% to 51%
- The number of “Hero” employees rose from 12% to 30%
Basically, at the top end of the spectrum there are more people with a high proficiency when it comes to security and privacy best practices. About half of US workers are at the “Novice” level, which implies at least an understanding of the concepts, though not necessarily the techniques to defend against threats. And then nearly one out of every five employees is an active risk to their employer. That jibes with the fact that 20% of employees would perform actions that MediaPro deems “high risk” on their social media accounts.
Despite MediaPro’s optimism about the study, I tend a bit more pessimistic. One of the biggest issues we face in this, the SSL industry, is a lack of consumer education. It leads to more people getting phished and it also allows the debate around the usefulness of Extended Validation SSL certificates to continue.
If more users understood the basic indicators for connection security, much less what connection security is, the internet would be a safer place. But how do we do that?
One suggestion I have is Google could use its home page to educate users. Over half of American internet users are surfing the web with Chrome. I don’t have a statistic, but I’d guess most people still have their default homepage settings. Google could use part of the real estate to help educate users. No, it’s not a cure-all. There isn’t one. But it’s a good first step towards better educating internet users about security.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018in Hashing Out Cyber Security
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chromein Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phonesin Everything Encryption
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoidin ssl certificates
This is what happens when your SSL certificate expiresin Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Messagein Hashing Out Cyber Security
Report it Right: AMCA got hacked – Not Quest and LabCorpin Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefoxin Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithmsin Everything Encryption
The Difference Between Root Certificates and Intermediate Certificatesin Everything Encryption
The difference between Encryption, Hashing and Saltingin Everything Encryption
Re-Hashed: How To Disable Firefox Insecure Password Warningsin Hashing Out Cyber Security
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settingsin Everything Encryption
The Ultimate Hacker Movies List for December 2020in Hashing Out Cyber Security Monthly Digest
Anatomy of a Scam: Work from home for Amazonin Hashing Out Cyber Security
The Top 9 Cyber Security Threats That Will Ruin Your Dayin Hashing Out Cyber Security
How strong is 256-bit Encryption?in Everything Encryption
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3in Everything Encryption
How to View SSL Certificate Details in Chrome 56in Industry Lowdown
PayPal Phishing Certificates Far More Prevalent Than Previously Thoughtin Industry Lowdown