Employees Still Struggle to Identify Phishing Threats and Properly Protect Their Data, Report Finds

Respondents, who answered 22 percent of questions incorrectly, struggled most with assessments about mobile device encryption and protections for personally identifiable information.

The security industry relies on well-maintained, constantly updating systems to protect its customers from cybersecurity threats. But the security of those systems is often only as good as the ability of humans to identify cyberattacks as they’re happening.

Many employees are vulnerable to security threats due to their lack of knowledge on several cybersecurity issues, according to the results of Proofpoint’s annual Beyond the Phish report. The report analyzed over 130 million responses to cybersecurity questions in order to explore the knowledge of end-users ⁠—otherwise known as normal workers who use their employers’ email and Internet services.

Overall, users answered 22 percent of questions incorrectly. That’s an increase of 4 percent from the last report in 2018, but Proofpoint said its assessment has gotten tougher and more expansive since then.

Respondents had the most trouble with identifying phishing threats, knowing how to protect data throughout its lifecycle, complying with cybersecurity directives like the General Data Protection Regulation (GDPR) and protecting mobile devices and the data stored on them. Users showed the most comfort with avoiding ransomware attacks, answering nearly 90 percent of questions about the topic correctly.

Perhaps due to training sessions and a greater public awareness of malicious threats targeting corporations, the users surveyed by Proofpoint performed best on questions related to identifying potentially risky communication channels, recognizing cyber threats such as ransomware and malicious pop-up windows, and locking their computer before leaving their desk.

But the users had trouble with questions regarding mobile device encryption, protections for personally identifiable information and actions they can take following a potential physical security breach.

“Cyber criminals continue to focus on people, structuring attacks to take advantage of users who are unaware and unprepared,” the report reads. “Not all security incidents are solely the result of an attack; many arise from poor user security practices and a general lack of awareness.”

Professionals in the education and transportation industries had the poorest performance on the assessment, answering questions incorrectly about 24 percent of the time. Users in the finance industry performed best with about 20 percent incorrect answers.

The report also featured statistics on the difference in performance between users as a whole and users who received ongoing security awareness training. The company, which provides such training, found that users performed better on tough questions related to mobile devices and regulation compliance when they received quarterly training.

“Education answers the ‘why’ for users,” the report reads. “It helps them make the connection between awareness and action … Regular security awareness training is the best way to build users’ knowledge.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

  • The Progress of Biometrics

  • Next-Gen AI for Smart Cities

    The future of smart city technology is not being shaped in Silicon Valley — it is taking root in Dubuque, Iowa. With a population of about 60,000, this mid-sized city has become a live testbed for AI-driven traffic management thanks to a unique public-private collaboration led by Milestone Systems. Project Hafnia demonstrates how cities can transform urban mobility and safety through Responsible Technology—without costly infrastructure overhauls. Read Now

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.