A new study reveals that employees feel confident in their cybersecurity knowledge about insider threats…but this result may not be a good thing.
ObserveIt’s Multigenerational Workplace and Insider Threat Risk” study surveyed 1,000 full time employees, asking them if they felt that they understood the concept of an insider threat. Although 65 per cent of those surveyed responded that they did, the data is concerning, given that The Ponemon Institutes recorded an increase by 26 per cent in the number of insider incidents since 2016, according to an article on Facilities Executive. “The fact that employees self-report understanding insider threats and adhering to cyber security policies, while insider threat-related incidents continue to rise, indicates organizations may have a false sense of security based on their expectations of employees’ understanding of insider threats,” says the article.
Employers who want to change this “passing the buck” mentality when it comes to cybersecurity may want to examine the new National Institute of Standards and Technology (NIST) guidelines that stress the responsibility of all levels of employees within a company to maintain cybersecurity standards. The aptly named “Cybersecurity is Everyone’s Job” covers the role that all team members, from business owners to human resources, IT, legal and sales and marketing, according to Security Intelligence.
Sources:
https://facilityexecutive.com/2018/08/insider-threats-cyber-security-risk-workplace/
https://securityintelligence.com/new-nist-guidebook-says-cybersecurity-is-everyones-job-heres-why/
