Skip to main content
close search
site logo
Dive Brief

Most employees update their passwords but lack formal cybersecurity training

Published May 25, 2018
By
Valerie Bolden-Barrett Contributor
CC0 Public Domain Free for commercial use No attribution required Pexels

Dive Brief:

  • Nearly half (47%) of employees don't formally acknowledge their employer's cybersecurity policy, according to a report from consulting firm Clutch. In a survey of 1,000 full-time employees, workers said they most frequently interact with company security policies via password update notices (67%), internet-use controls and permission prompts.
  • Key findings in the report reveal that password protection is employees' most common IT security behavior (76%), yet the majority of respondents (82%) use what Clutch calls "the simplest approach" to password protection by regularly updating their passwords instead of opting more complex methods. Less than half (41%) of employees in the survey used multi-factor authentication (MFA), for example.
  • The majority of respondents have reported security incidents (60%), but this contingent is slightly larger than the percentage of employees that had completed security training (59%). Most of the employees in the survey who had received training (52%) said the training occurs only once per year.

Dive Insight:

The existence of a policy doesn't necessarily mean that employees are abiding by it. That's something to keep in mind when implementing company-wide communications and training around IT security, especially relevant now due to the frequency of high-profile breaches. Unsuspecting workers can be easily duped into falling for hackers and cyber scams.

Although employees are more likely to change their passwords than engage in other cybersecurity practices, the important metric here is frequency. Updates and reminders might not offer enough protection from breaches; some organizations, fed up with the vulnerabilities of traditional passwords, have even turned to biometrics.

Employees are often on the frontline of attack by cybersecurity hackers, so it's crucial that they not only get policy training, but that they also understand and can easily follow security procedures. A Harvard Business Review report recommends that policies be kept simple and user-friendly for employees. HR can team up with IT to draft workable policies to protect employees and their organizations.

Recommended Reading

Filed Under: Learning

Editors' picks

Company Announcements

View all | Post a press release
CuraLinc Healthcare Announces Strategic Acquisition of Marquee Health
From CuraLinc Healthcare
October 29, 2024
myHR Partner is Recognized as a 2024 Power Partner Award Winner
From myHR Partner
October 22, 2024
Goodpath Partners with Bennie to Expand Access to Whole-Person Virtual Care
From Goodpath
October 15, 2024
Goodpath Launches Whole-Person Care Pathways for Diabetes and Weight Management
From Goodpath
October 23, 2024
Editors' picks
Latest in Learning
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell