MediaPRO Annual Report Shows Continued Decrease in Workers’ Cybersecurity Awareness and Increase in Risky Behaviors

Third-annual State of Privacy and Security Awareness Report shows that three out of four professionals are a potential security risk, including 85 percent of financial sector employees.

BOTHELL, Wash.--()--Seventy-five percent of professionals pose a moderate or severe risk to their company’s data. According to MediaPRO’s third-annual State of Privacy and Security Awareness Report, workers in the financial sector are more likely to be a risk with 85 percent of survey respondents falling into one of the two risk categories.

MediaPRO, an industry-leading security awareness training and education provider, surveyed more than 1,000 employees across the U.S. to quantify the state of privacy and security awareness in 2018. More people fell into the risk category than 2017 and the number has nearly doubled since the inaugural survey. This comes despite continued exposure to reports of hacks and data loss.

“The overall results of this report revealed a trend we weren’t happy to see: employees performing worse across the board compared to the previous year,” said Tom Pendergast, Chief Security & Privacy Strategist at MediaPRO. “Rather than dwell on how much the average employee still has to learn, this report should be taken as a roadmap for a robust security and/or privacy awareness initiative — one that will ultimately lead to real behavior change.”

The news is filled with reports of cyberattacks, data leaks and ransomware that can cost companies an average of $7.91 million in the U.S. Yet, according to historical data from MediaPRO’s report, the number of individuals who put their organizations at serious risk for a privacy or security incident has nearly doubled since 2016.

The report is based on an annual survey that polls U.S. workers on a variety of questions based on real-world scenarios such as correctly identifying personal information, logging on to public Wi-Fi networks, and spotting phishing emails. Based on the percentage of privacy- and security-aware behaviors correctly identified, survey takers were assigned to one of three risk profiles: Risk, Novice, and Hero.

Additional notable findings from this year’s report include:

  • Employees this year performed worse than in 2017 across all eight threat vectors measured. Specifically, those surveyed did significantly worse in identifying malware warning signs, knowing how to spot a phishing email, and social media safety.
  • Employees in management roles or above showed riskier behaviors than entry- or mid-level employees. Seventy-seven percent of respondents in management showed a general lack of awareness, while 74 percent of those in subordinate positions scored the same.
  • Employees in the finance sector performed the worst of the seven industry segments analyzed, with 85 percent of finance workers showing some lack of cybersecurity and data privacy knowledge.
  • Fourteen percent of employees lacked the ability to correctly identify phishing emails. This is a notable increase in respondents who showed risky behaviors when it came to phishing attempts from our 2017 survey, in which only 8 percent of employees struggled in this area.
  • More than a quarter of respondents would take risky actions around physical security. This number has increased from 19 percent in 2016 to 27 percent in 2018.

“We live in an age where stories about cybersecurity are constantly swirling, which can actually create a sense of security fatigue,” Pendergast said. “But these levels of riskiness are alarming. It only takes one person to click on the wrong email that lets in the malware that exfiltrates your company’s data. Without everybody being more vigilant, people and company data will continue to be at risk.”

For the full results of the survey, please visit: http://pages.mediapro.com/2018-State-of-Privacy-Security-Awareness.html

About MediaPRO

MediaPRO, headquartered in Bothell, Wash., is nationally recognized for working with Fortune 500 companies and mid-sized businesses to produce employee security and privacy awareness training programs that reduce human risk and improve employee behaviors. MediaPRO’s suite of LearningLAB products are used by the most risk-aware companies in the world, have won more than 100 e-Learning awards, and have earned a place as a Leader in Gartner’s Magic Quadrant for Security Awareness Computer-Based Training. For more information, please visit www.mediapro.com, or follow MediaPRO on LinkedIn, Facebook and Twitter.

Contacts

RH Strategic for MediaPRO
Danielle Ruckert, 206-607-1311
druckert@rhstrategic.com

Contacts

RH Strategic for MediaPRO
Danielle Ruckert, 206-607-1311
druckert@rhstrategic.com