70% of US Employees Don’t Know Privacy and Security Best Practices
According to a new study, 70% of American workers don’t grasp web security and privacy.
The majority – 70% – of US employees fail when it comes to security and privacy best practices. As we discussed a few weeks ago, employees represent the biggest threat to their company or organization’s cybersecurity, this is just further proof.
The study, the 2017 State of Privacy and Security Awareness Report, surveyed 1,012 US workers and found the vast majority lacked a basic understanding of cybersecurity or digital privacy, much less the best practices associated with them. The study was conducted by MediaPro, which claims overall things are getting better.
Here’s why MediaPro says that. The survey asked each participant a set of 31 questions and then ranked them as either “high risk,” “novice” or “hero.”
- The number of “High Risk” employees rose from 16% to 19%
- The number of “Novice” employees shrunk from 72% to 51%
- The number of “Hero” employees rose from 12% to 30%
Basically, at the top end of the spectrum there are more people with a high proficiency when it comes to security and privacy best practices. About half of US workers are at the “Novice” level, which implies at least an understanding of the concepts, though not necessarily the techniques to defend against threats. And then nearly one out of every five employees is an active risk to their employer. That jibes with the fact that 20% of employees would perform actions that MediaPro deems “high risk” on their social media accounts.
Despite MediaPro’s optimism about the study, I tend a bit more pessimistic. One of the biggest issues we face in this, the SSL industry, is a lack of consumer education. It leads to more people getting phished and it also allows the debate around the usefulness of Extended Validation SSL certificates to continue.
If more users understood the basic indicators for connection security, much less what connection security is, the internet would be a safer place. But how do we do that?
One suggestion I have is Google could use its home page to educate users. Over half of American internet users are surfing the web with Chrome. I don’t have a statistic, but I’d guess most people still have their default homepage settings. Google could use part of the real estate to help educate users. No, it’s not a cure-all. There isn’t one. But it’s a good first step towards better educating internet users about security.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown