- Jeremy Corbyn Rickrolls everyone ahead of British election Today 10:18 AM
- Trisha Paytas denies accidentally exposing herself on TikTok Today 10:04 AM
- Report: Barr wants tech antitrust probe wrapped up in 2020 Today 9:59 AM
- ‘Zybourne Clock’ original art is selling for over $4,000 on eBay Today 9:11 AM
- What is TikTok famous club, and can you trust it? Today 9:03 AM
- ‘John Wick 4’ and ‘The Matrix 4,’ both starring Keanu Reeves, will come out on the same day Today 8:54 AM
- Smoke ’em, pass ’em Week 15: It’s Tannehill’s world Today 8:45 AM
- Trump mocks Greta Thunberg over ‘person of the year’ win Today 7:55 AM
- Temple student refers to Philly as the ‘ghetto’ in ‘unacceptable’ TikTok Today 7:52 AM
- The decade the hucksters overran the halls of power Today 6:30 AM
- Ninja mocked for not knowing how to make a sandwich Wednesday 9:30 PM
- Marvel comics writer discusses misogyny in the industry Wednesday 9:09 PM
- TikTok conspiracy theorists think Juice WRLD is still alive Wednesday 7:03 PM
- Conservatives are protesting YouTube’s new harassment rules Wednesday 5:36 PM
- YouTuber’s ‘creepy’ comment about Taylor Swift’s eggs gets ratioed Wednesday 5:31 PM
45 percent of Americans get no computer-security training at work
No wonder data breaches are so prevalent.
Despite a constant stream of data breaches and cyberattacks on American businesses, nearly half of employees at U.S. companies get no cybersecurity training at work—a fact that explains their poor performance on various security metrics.
Two-thirds of respondents in a newly released CompTIA survey, “Cyber Secure: a Look at Employee Cybersecurity Habits in the Workplace,” reuse passwords on multiple accounts. Nearly 40 percent use their work email address for personal services like banking and ecommerce. And 41 percent of employees surveyed were unfamiliar with two-factor authentication (logging in with both a password and a randomly generated code sent to a mobile device).
CompTIA, a trade group representing major IT firms, found that employees were more diligent about corporate security than personal security. More employees changed their work passwords monthly than their personal passwords. The same was true for those who changed their passwords quarterly, which was also the most popular interval for changing them. (Only 9 percent waited a year to change their work passwords.)
Among the survey’s most significant findings was the fact that, of the 1,200 full-time American employees interviewed, only 55 percent reported receiving cybersecurity training at work. There was widespread consensus that cybersecurity education should start at a much younger age, with a combined 72 percent of respondents saying that kids should begin learning about Internet best practices between the ages of five and 13.
The CompTIA survey also revealed that Americans’ perceptions of cybersecurity remain focused on their identities rather than their data. A plurality of respondents (36 percent) associated the term with identity theft, and only 18 percent associated it with hackers.
Nearly every employee surveyed used an antivirus program, whether a paid product (57 percent), a free option (30 percent), or an application that shipped with the device (11 percent). Only 2 percent of employees left their machines completely unprotected—a fact should offer some comfort to IT managers.
Corporate security experts are likely to blanch at the fact that 22 percent of respondents said they would pick up a USB flash drive if they found it sitting somewhere in public. Making matters worse, 84 percent of that curious subset said they would plug it into their device. Flash drives remain one of the easiest vectors of attack for cyber criminals. Surprisingly, millennials were more likely than members of older generations to pick up a flash drive (40 percent, compared to 22 percent of Gen Xers and 9 percent of Baby Boomers).
The CompTIA report follows other trade groups’ surveys that show a similarly low level of cybersecurity awareness and competence. CTIA–The Wireless Association found that fewer than six in 10 Americans secured their smartphones with a password, while a National Cybersecurity Awareness Month survey revealed that 40 percent of Americans used their router’s default password and 59 percent of parents let their kids download apps without permission.
Photo via Peter & Joyce Grace/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.