79% of Employees Have Knowingly Engaged in Risky Online Activities in the Past Year



79% Employees Engaged in Risky Online BehaviorWith employees not believing that it’s important to personally worry about cyber security risks, they also tend to believe they’re not a target, new data suggest as the reason for the risky behavior.

In most cyberattacks, the employee plays some role – clicking on a malicious attachment, giving up their corporate credentials to an impersonated logon page on the web, or taking specific action because they were fooled into believing their CEO or boss told them to. So, it’s important for employees to not engage in risky online behaviors.

But according to new data from security vendor Thycotic, employees simply aren’t prepared and educated to think about corporate risk, let alone their role in helping to mitigate that risk. In their newly released Balancing Risk, Productivity and Security report, Thycotic point out some specific insights that clearly point to how and why employees are creating risk:

  • 45% see the organization being at little or no risk of cyberattack
  • 51% say IT should be solely responsible to protect the organization from cyber threats
  • 79% of employees have engaged in one or more risky activities that include sharing credentials with colleagues, using the same password across multiple sites, using unauthorized personal devices to conduct work, and allowing family members to use their corporate device

One of the reasons is clear from the report’s data: 56% of employees have received no Security Awareness Training in the last year. Over half of employees aren’t having the concept of needing to be vigilant continually reinforced – so it’s no wonder these organizations are seeing employees introduce risk regularly.

If you want a vigilant and cyber security-minded employee, you need to continuously teach them about the importance of cyber vigilance. Otherwise, you’re going to end up with an organization that is demonstrated by the Thycotic data.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/kmsat-request-a-demo

Subscribe To Our Blog


Cybersecurity Awareness Month 2021 Free Resource Kit




Get the latest about social engineering

Subscribe to CyberheistNews