Overall, 31 percent of end users missed assessment questions related to using social media safely in the workplace. When the results were broken down by industry, education was among the top three sectors that struggle the most in the social media realm, missing 36 percent of assessment questions on safe social media use. The other two sectors with the least social media savvy: telecommunications (38 percent of questions missed) and retail (34 percent of questions missed).
After social media, the least understood cybersecurity topics across all industries were protecting and disposing of data securely (30 percent of questions missed); identifying phishing threats (28 percent of questions missed); protecting confidential information (27 percent of questions missed); and working safely outside the office (26 percent of questions missed).
The report linked the lack of understanding around common cybersecurity threats to the ever-growing problem of phishing. "Many of these risky behaviors exacerbate the phishing problem," Wombat President and CEO Joe Ferrara said in a statement. According to another Wombat study released back in January, phishing attacks have increased 13 percent since 2014. "To reduce cyber risk in organizations, security education programs must teach and assess end users across many topic areas, like oversharing on social media and proper data handling," said Ferrara.
Despite all the challenges, there are several areas of cybersecurity where employees are getting it right. The Wombat report highlighted the following categories where end users answered the highest percentage of assessment questions correctly:
The full Beyond the Phish Report can be downloaded free from the Wombat Security Technologies site (registration required).