U.S. employees seem only dimly aware that they can be hit with malware, judging by a new survey from security firm KnowBe4.
Of the 1,000 polled in both SMB and large enterprises, only 48%
believe it is likely or very likely that their mobile device can become infected if they click on a suspicious link or attachment in an email.
And a mere 31% feel they understand business email compromise attacks and can explain them to others. Moreover, 44% are not sure if their firm is subject to GDPR, HIPAA and four other privacy regulations,
Still, employees who are trained once a month are 34% more likely to realize that clicking on a suspicious link or attachment in an email is risky than those who are trained twice a year.
And, 55% of employees had continuous cybersecurity and data privacy training continue throughout the pandemic lockdown.
"In analyzing these findings, what stands out is that U.S. employees' knowledge of cybersecurity and data privacy best practices has significant room for improvement," states Stu Sjouwerman, CEO, KnowBe4.
Sjouwerman adds, "These alarming results highlight the critical need to implement new-school security awareness training for every U.S. employee throughout every organization in this nation. Going a step further to build a security-minded culture becomes essential as cyber criminals pose greater threats to business operations."