When it comes to security for employees, 88 percent lack the skills to prevent an incident, a new study found.
That means only 12 percent were able to identify and dispose of information safely, recognize malware and phishing attacks and keep info safe when working remotely, according to a study conducted by MediaPro.
The MediaPro 2016 State of Privacy and Security Awareness Report ended up compiled from interviews with over 1,000 U.S. employees.
Of that 88 percent of unaware workers, 72 percent ended up labeled “novice” while 16 percent had the kind of behaviors that could put their organization at serious risk of a major privacy or security incident.
Thirty-nine percent of respondents claimed to discard password hints insecurely, for example in a bin; 25 percent failed to recognize a phishing email with a suspicious looking attachment and questionable “from address,” and 26 percent said they thought it was fine to use a personal USB to transfer work documents outside of the office.
Added on top of that, 30 percent said they thought it was fine to post on behalf of their company to a personal social media account.
“This survey clearly shows the human threat vector is still largely unsecured, and most organizations don’t really know whether their employees have the necessary level of data protection awareness to avoid preventable incidents,” said MediaPro founder Steve Conrad.
Incidents involving data being sent by email to an incorrect recipient increased by 60 percent between the first and second quarters of 2016, while the number of incidents involving failure to redact data jumped by 64 percent from Q1 to Q2.