- Report: Fortnite developer Epic Games is working employees into the ground 3 Years Ago
- Damian Lillard’s game-winning 3-pointer inspired a plethora of memes Today 12:17 PM
- Gamers are blaming socialism for making the women in Mortal Kombat ‘ugly’ Today 11:36 AM
- Nickelodeon is selling SpongeBob toys based on popular memes Today 11:25 AM
- Alex Jones protests outside the White House by shouting the name of his website Today 11:13 AM
- ‘I Think You Should Leave with Tim Robinson’ has an absurd conclusion for every scenario Today 10:52 AM
- Twitch star TF Blade banned for racial slur—but he swears he didn’t say it Today 10:43 AM
- Steve King says backlash to white nationalism comment was like what Jesus went through Today 10:23 AM
- Netflix movies are still eligible for Oscars, Academy rules Today 10:21 AM
- Sheriff’s deputy makes homophobic comments on Facebook after gay teen’s suicide Today 10:02 AM
- The Marvel movies you actually need to see before ‘Avengers: Endgame’ Today 9:10 AM
- Twitter launches new tool to combat misinformation about voting Today 8:44 AM
- These Cards Will Get You Drunk is the game with one very obvious purpose Today 8:20 AM
- Conservative guy’s Elizabeth Warren op-ed inspires ‘slap in the face’ meme Today 7:37 AM
- ‘Ask Dr. Ruth’ takes a crowd-pleasing look at her life and groundbreaking career Today 7:30 AM
45 percent of Americans get no computer-security training at work
No wonder data breaches are so prevalent.
Despite a constant stream of data breaches and cyberattacks on American businesses, nearly half of employees at U.S. companies get no cybersecurity training at work—a fact that explains their poor performance on various security metrics.
Two-thirds of respondents in a newly released CompTIA survey, “Cyber Secure: a Look at Employee Cybersecurity Habits in the Workplace,” reuse passwords on multiple accounts. Nearly 40 percent use their work email address for personal services like banking and ecommerce. And 41 percent of employees surveyed were unfamiliar with two-factor authentication (logging in with both a password and a randomly generated code sent to a mobile device).
CompTIA, a trade group representing major IT firms, found that employees were more diligent about corporate security than personal security. More employees changed their work passwords monthly than their personal passwords. The same was true for those who changed their passwords quarterly, which was also the most popular interval for changing them. (Only 9 percent waited a year to change their work passwords.)
Among the survey’s most significant findings was the fact that, of the 1,200 full-time American employees interviewed, only 55 percent reported receiving cybersecurity training at work. There was widespread consensus that cybersecurity education should start at a much younger age, with a combined 72 percent of respondents saying that kids should begin learning about Internet best practices between the ages of five and 13.
The CompTIA survey also revealed that Americans’ perceptions of cybersecurity remain focused on their identities rather than their data. A plurality of respondents (36 percent) associated the term with identity theft, and only 18 percent associated it with hackers.
Nearly every employee surveyed used an antivirus program, whether a paid product (57 percent), a free option (30 percent), or an application that shipped with the device (11 percent). Only 2 percent of employees left their machines completely unprotected—a fact should offer some comfort to IT managers.
Corporate security experts are likely to blanch at the fact that 22 percent of respondents said they would pick up a USB flash drive if they found it sitting somewhere in public. Making matters worse, 84 percent of that curious subset said they would plug it into their device. Flash drives remain one of the easiest vectors of attack for cyber criminals. Surprisingly, millennials were more likely than members of older generations to pick up a flash drive (40 percent, compared to 22 percent of Gen Xers and 9 percent of Baby Boomers).
The CompTIA report follows other trade groups’ surveys that show a similarly low level of cybersecurity awareness and competence. CTIA–The Wireless Association found that fewer than six in 10 Americans secured their smartphones with a password, while a National Cybersecurity Awareness Month survey revealed that 40 percent of Americans used their router’s default password and 59 percent of parents let their kids download apps without permission.
Photo via Peter & Joyce Grace/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.