70% of employees don't know enough about preventing cyber fraud
- Results from MediaPro's second annual State of Privacy and Security Awareness Report show that 70% of employees don't know how to prevent a cyberattack.
- For the second consecutive year, the majority of employees received a "Novice" rating, which means they're likely to make the wrong choices should an attack occur. The other two rating categories were "Crisis," or seriously unaware, and "Hero," the most knowledgeable. MediaPro surveyed 1,000 U.S. workers. In last year's report, nine in 10 workers received a "Novice" rating. Although employees have improved since then, MediaPro says employers need to increase awareness of cybercrime.
- Other results from the report show that almost 20% of respondents' scores merited a "Crisis" rating, up from 16% last year; 30% of those polled received a "Hero" rating, a sign of some improvement in security knowledge; and 1% of respondents made risky choices when working remotely by connecting their computers to unsecured public Wi-Fi connections.
With the widespread cyberbreaches witnessed this year, including the massive WannaCry breach and the more recent Equifax hacking, employers that don't school employees in how to prevent and detect security breaches put their organizations at great risk.
HR departments are attractive targets for cybertheft due to the volume of personal and financial data they maintain. By partnering with IT or third-party cyber experts, HR staff can defend against phishing schemes and other security break-ins and teach workers how to avoid them.
Employees routinely use their own smartphones and tablets at work, which can make organizational systems vulnerable. Employers should set policies on using company and personal devices, not only to protect proprietary information but also to protect the workplace from cybertheft.
Employers shouldn't overlook workers who breach company networks, maliciously or otherwise. A report by Dtex Systems, a cybersecurity firm, showed that 95% of workplaces have employees who try to override security and web restrictions.