Ben DiPietro | June 16, 2017

Survey Roundup: U.S. Workers Lack Cybersecurity Smarts

A look at some recent surveys and reports dealing with risk and compliance issues. Send surveys and reports to

Red, White & Duped: A study of 2,000 workers in the U.S. and U.K. by Wombat Security found half the U.S. respondents said they were victims of identity theft compared to 19% of U.K. respondents. Forty-six percent of those in the U.S. said they were duped by a phishing email compared to 17% in the U.K. Asked what malware is, 30% of U.S. respondents said it is computer hardware that boosts a wifi signal; 6% in the U.K. gave that answer. Sixty-one percent in the U.S. knew what malware is, while 78% of U.K. workers did.

“To drive true and lasting behavior change, employee education programs must include regular delivery of both awareness and training activities,” stated the report. “When organizations consider the implications of end-user-driven risks, they should also consider the opportunities to mitigate these risks and create a workforce that has the knowledge to make informed choices and has the ability to be part of the solution rather than part of the problem.”

Modern Value: A Deloitte survey of around 580 compliance professionals, C-suite executives and board members found 56% said their compliance and regulatory efforts are neither modernized nor creating value even though 44% expect an uptick in regulatory activity in the next year. Deloitte is the sponsor of WSJ Risk & Compliance Journal.

Collaboration In Short Supply: A survey by 3M of 237 U.S.-based suppliers found 43% said they feel fully empowered to collaborate with their partners, with the rest saying they hold back due to a lack of incentives or lack of customer openness.

Who Needs That?: A report from insurance brokerage Marsh found renewal rates for cyberliability insurance policies in the U.S. declined on average 1.7% in the first quarter of 2017, the first decline since 2014.

Drowning In Data: A survey of around 1,000 chief financial officers and senior-level finance professionals by compliance and data-management firm Workiva found 60% said they spend too much time cleaning and manipulating data, while 97% said the reporting process keeps them up at night.

Elder Abuse: A report by security-ratings firm BitSight looking at more than 35,000 companies globally found more than 2,000 organizations run more than half their computers on outdated versions of an operating system, and more than 8,500 firms have more than half their computers using outdated browsers.

Taxing Work: Manufacturers on average spend 650 hours a month on tax compliance issues, yet 40% of returns filed in the past two years had errors that cost manufacturers nearly 2% of their revenue to fix, according to a report from Sovos Compliance.

SOX In Control: The annual Sarbanes-Oxley compliance survey of 468 chief audit executives and internal audit and finance leaders by consulting firm Protiviti found 70% reported improvement in their internal control over financial reporting and 50% said SOX compliance has resulted in continued improvement of business processes.

Errors At Sea: A report by insurer Allianz Global Corporate & Specialty found up to 80% of all offshore data breaches can be blamed on human error.

Fraud’s A Comin: A survey of financial professionals by TD Bank found 91% said payments fraud will become a growing problem in the next two to three years.