Majority Of Users Have Not Received Security Awareness Training, Study Says
Many users fail to follow policies on mobile, cloud security, EMA Research study says.
More than half of enterprise employees have received no security awareness training, and that lack of training is resulting in risky behavior, according to a study published Tuesday.
The survey of 600 employees, conducted by EMA Research and sponsored by training firm Security Mentor, indicates that 56 percent of workers say they have not had security or policy awareness training from their organizations. The remainder of employees (44 percent) say they have received annual training.
The absence of training leads to frequent violations of security policy, according to the study. Some 58 percent of respondents say they store company-sensitive information on their personal devices; 59 percent say they store work information on cloud services.
Thirty-five percent of the respondents say they have clicked on an email link from an unknown sender; 33 percent say they use the same password for both work and personal devices; 30 percent say they leave mobile devices unattended in their vehicles.
"People repeatedly have been shown as the weak link in the security program," says EMA Research analyst David Monahan, who authored the study. "Without training, people will click on links in email and release sensitive information in any number of ways. In most cases they don't realize what they are doing is wrong until a third-party makes them aware of it."
The full findings of the report will be outlined in a webcast on Apr. 15.
About the Author
You May Also Like
How to Evaluate Hybrid-Cloud Network Policies and Enhance Security
September 18, 2024DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations
September 26, 2024Harnessing the Power of Automation to Boost Enterprise Cybersecurity
October 3, 202410 Emerging Vulnerabilities Every Enterprise Should Know
October 30, 2024
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024