- Trump accuses Jewish Democrats of having ‘great disloyalty’ or a ‘lack of knowledge’ Tuesday 8:02 PM
- 1 million ‘anonymous’ users of popular porn site exposed in breach Tuesday 6:56 PM
- Khloé Kardashian angers followers with a calorie-counting joke about True Tuesday 6:14 PM
- Spider-Man may no longer be part of the Marvel Cinematic Universe Tuesday 5:28 PM
- Robert De Niro’s company is suing ex-employee for binge-watching Netflix at work Tuesday 4:41 PM
- Intentionally misgendering a character could get you banned from Borderlands 3 Tuesday 4:06 PM
- Facebook pulls Trump re-election ad for targeting ‘strong women’ Tuesday 4:03 PM
- Kamala Harris says she will restore net neutrality if elected Tuesday 3:16 PM
- All 8 of the ‘Rocky’ movies, ranked Tuesday 2:50 PM
- Everything you need to know about the Facebook conservative bias report Tuesday 2:35 PM
- Study links emoji use to more sex Tuesday 2:10 PM
- The chicken sandwich war is in full throttle on Twitter Tuesday 1:47 PM
- Netflix’s ‘Sextuplets’ proves Marlon Wayans is no Eddie Murphy—or even Mike Myers Tuesday 1:31 PM
- Facebook is finally rolling out its clear history tool Tuesday 1:13 PM
- ‘Theater etiquette’ tweets surge after YouTuber cast in ‘Waitress’ Tuesday 12:55 PM
45 percent of Americans get no computer-security training at work
No wonder data breaches are so prevalent.
Despite a constant stream of data breaches and cyberattacks on American businesses, nearly half of employees at U.S. companies get no cybersecurity training at work—a fact that explains their poor performance on various security metrics.
Two-thirds of respondents in a newly released CompTIA survey, “Cyber Secure: a Look at Employee Cybersecurity Habits in the Workplace,” reuse passwords on multiple accounts. Nearly 40 percent use their work email address for personal services like banking and ecommerce. And 41 percent of employees surveyed were unfamiliar with two-factor authentication (logging in with both a password and a randomly generated code sent to a mobile device).
CompTIA, a trade group representing major IT firms, found that employees were more diligent about corporate security than personal security. More employees changed their work passwords monthly than their personal passwords. The same was true for those who changed their passwords quarterly, which was also the most popular interval for changing them. (Only 9 percent waited a year to change their work passwords.)
Among the survey’s most significant findings was the fact that, of the 1,200 full-time American employees interviewed, only 55 percent reported receiving cybersecurity training at work. There was widespread consensus that cybersecurity education should start at a much younger age, with a combined 72 percent of respondents saying that kids should begin learning about Internet best practices between the ages of five and 13.
The CompTIA survey also revealed that Americans’ perceptions of cybersecurity remain focused on their identities rather than their data. A plurality of respondents (36 percent) associated the term with identity theft, and only 18 percent associated it with hackers.
Nearly every employee surveyed used an antivirus program, whether a paid product (57 percent), a free option (30 percent), or an application that shipped with the device (11 percent). Only 2 percent of employees left their machines completely unprotected—a fact should offer some comfort to IT managers.
Corporate security experts are likely to blanch at the fact that 22 percent of respondents said they would pick up a USB flash drive if they found it sitting somewhere in public. Making matters worse, 84 percent of that curious subset said they would plug it into their device. Flash drives remain one of the easiest vectors of attack for cyber criminals. Surprisingly, millennials were more likely than members of older generations to pick up a flash drive (40 percent, compared to 22 percent of Gen Xers and 9 percent of Baby Boomers).
The CompTIA report follows other trade groups’ surveys that show a similarly low level of cybersecurity awareness and competence. CTIA–The Wireless Association found that fewer than six in 10 Americans secured their smartphones with a password, while a National Cybersecurity Awareness Month survey revealed that 40 percent of Americans used their router’s default password and 59 percent of parents let their kids download apps without permission.
Photo via Peter & Joyce Grace/Flickr (CC BY 2.0) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.