At this stage, most companies understand the real risk of data breaches and phishing emails, and therefore the importance of having a strong cybersecurity framework. More importantly, most businesses are now aware of how vital it is to educate employees to make sure they are helping combat the problem, rather than being part of it themselves.

With hackers preying on employees' lack of real cybersecurity knowledge, the pandemic has caused a massive spike in cybercrime. To counteract this, employers have started providing cybersecurity training for their employees. The bad news? Even with such training, 61% of employees failed a basic cybersecurity quiz.

Cybersecurity Training is Insufficient

In a survey conducted by TalentLMS on behalf of Kenna Security, 1,200 employees answered questions pertaining to their cybersecurity habits. The results were alarming. First of all, only 17% of people who worked in Information Services passed, even though 93% said they had received some kind of cybersecurity training. Ironically, 57% of health care employees passed, even though only 67% claimed to have received similar training.

While one would have expected 18- to 24-year-olds to perform well, as they have grown up using internet technologies their entire lives, they actually performed the worst on the quiz of all age brackets, with just 16% passing. By comparison, 25- to 34-year-olds tied with those 54 and over: both had a pass rate of 43%.

It gets worse. 60% of people who failed the quiz reported that they feel safe from cyber threats, and 74% of those who answered every single question (yes, every single one) incorrectly reported that they, too, felt safe from any cyber risks. Ignorance is bliss, as they say.

Proper Cybersecurity Training Should be Companies’ Priority

Despite such disappointing results, companies must continue to educate their employees on the very real risks of ransomware and phishing campaigns, as employees remain the first defense against any cybersecurity attack. If we're witnessing such poor results even when staff are trained, perhaps the training is the actual problem. Training on how to identify and handle cybersecurity risks should be interesting enough for staff to remain engaged, while varied enough to explain the different ways the risks could present themselves, i.e. via mobile or computer devices. In addition, it's important that cybersecurity training isn't seen as a one-time event, but instead occurs continuously so staff remain up to date with the latest threats. After all, cybersecurity awareness is a daily job.
