Cyber security is an increasingly major issue and it is likely that businesses are more than aware of the risks and threats that face their company from hackers. However, with cyber threats now increasing and insider threats from employees now accounting for 70% of data breaches in companies, cyber security has become everyone's problem. While tech teams may be ahead of the game in terms of understanding the risks, recent data shows that the public's cyber security knowledge is worryingly poor, with American adults only being able to correctly answer an average of 5 out of 13 questions about cyber security issues.
What we know
The research, carried out by Pew Research Centre, tested over 1,000 adults on issues and terms to gauge their understanding of cyber security, and highlighted major knowledge gaps amongst the participants. While most people could correctly identify the most secure password from a given list, 17% still answered incorrectly, suggesting that they would be unable to protect their activity and data effectively with even the most basic level of authentication, leaving themselves and their employers at risk.
Public knowledge gaps surrounding more complex terms was more widespread, with 71% of participants unable to identify an example of multi-factor authentication. This highlights an inability to recognize the correct security procedure, therefore leaving them vulnerable to cyber attacks using fake authentication processes or fake screens to gain valuable information.
The dangers of uncertainty
Equally as concerning as the incorrect answers was the amount of uncertainty demonstrated by the participants, with many responding to the questions with 'unsure'. 70% used this response when asked if 'a VPN minimizes the risk of using insecure Wi-Fi networks' and 73% admitted they were also unsure what a 'botnet' was. These responses are surely a sign that the language and terminology used around cyber security has not filtered into public knowledge, leaving people confused and lacking in understanding. From this, it means that when they hear or read about cyber security, the public are not getting the full picture, so the issue does not feel real for them.
The risks involved
This lack of understanding and these knowledge gaps leads to a lack of responsibility and vigilance from employees when it comes to cyber security, which can have devastating consequences such as major data leaks. Research shows that six out of ten businesses that suffer a data breach will cease to be operational within 6 months, but it also affects the public as consumers. We recently saw Loan Company Wonga suffer as the result of a data breach that affected a quarter of a million of its European customers. Sensitive information such as names, home addresses and bank details may have been compromised. This not only puts the company at risk of investigation from the Information Commissioners office for neglecting their responsibility to keep their customer's data secure, but losing them custom and face as users of the service took to Twitter to vent their anger, causing huge reputational damage.
The importance of education
Making cyber security a public safety lesson and educating individuals on the risks involved can reduce incidences like this. It is vitally important to make the issues clear and real so that it feels like everyone's responsibility. By helping the public understand how their actions can play a part in cyber security such as using high profile cases involving human error and running real-time training scenarios, employees will be able to relate to and feel part of the problem and take active steps to prevent it.
- Read next: What Are Phishing Attacks and How Do You Spot Them?
- See how our Cloud Security Services could help you