Cybersecurity awareness poll

According to a recent Twitter poll run by Infosecurity Europe (www.infosecurityeurope.com/en-gb.html) 49.9% of respondents believe that lack of awareness is the biggest security failing or cause of a data breach within their organization.  Employees feel this is having a significant impact on security posture, with 43% stating their organization is ‘not at all prepared’ for a security breach.

However, almost a third (30.9%), say they think their company is very well prepared, whilst a further 26.1% say their firms are moderately well prepared.  

Carried out to mark Cyber Security Awareness Month 2021 (www.cisa.gov/cybersecurity-awareness-month), the poll also found that security vulnerabilities were cited by almost a quarter (23.3%) of respondents as the biggest security failing or cause of breach within their company, followed by lack of control over third parties (17.1%).  Lack of senior involvement in cybersecurity isn’t considered a major issue, with only 9.7% believing it is their organization’s most serious cybersecurity problem.  

On the whole, employees are willing to play their part in protecting company data, though a third (34.4%) believe they should not be held solely accountable if a breach occurred.  One in five feel it would be ‘unfair’ to be held accountable, with more than a quarter saying they ‘wouldn’t care’ if they were held accountable.  This suggests a lack of engagement or, again, awareness of what their responsibilities should be around protecting data and the true impact of failing to do so.

When asked about securing company data from attacks while working remotely, 38.6% of respondents find securing their devices is the biggest challenge they face.  Reducing pressure on staff is the greatest challenge for 22.9%, followed by securing the environment (19.8%).  Almost one in five (18.6%) haven’t noticed any change in terms of security challenges since they started remote working.

“The focus of this year’s Cybersecurity Awareness Month is on empowering individuals and organizations to play an active role in enhancing cybersecurity.  Our poll suggests there’s quite some progress still to be made here, with lack of cybersecurity awareness highlighted as a major problem,” says Nicole Mills, Exhibition Director, Infosecurity Group.  “Nor do most employees have faith that their organization is well prepared for a breach.  There’s clearly as much work to do in the culture space as the technology space when it comes to empowering and equipping people to ‘do their part’ – particularly around education to build cybersecurity awareness, knowledge and skills.”

Next year’s Infosecurity Europe conference will run from 21-23 June at ExCeL London.  More details available at www.infosecurityeurope.com/en-gb.html