‘User Risk Report’ finds distinct differences in personal security habits and vulnerabilities among international respondents

PITTSBURGH, JUNE 13, 2017 

Wombat Security Technologies (Wombat), the leading provider of cyber security awareness and training, today announced the release of its “2017 User Risk Report,” which provides an analysis of admitted personal security behaviors of U.S. and U.K. workers that play a major role in securing information, devices and systems at work and at home. Wombat surveyed more than 2,000 working adults — 1,000 in the U.S. and 1,000 in the U.K. — about cyber security topics and best practices that are fundamental to data and network security, including mobile device habits and password security. The survey concluded less than 24 hours prior to the start of the public warnings about the WannaCry ransomware attack.

“Increasing personal security measures is critical to preventing identity theft and related cyber attacks, especially in our continuously connected world,” said Amy Baker, VP of Marketing at Wombat. “Wombat has studied the behavior of end users extensively, as evidenced by our annual ‘State of the Phish™’ and ‘Beyond the Phish™’ reports that focus on end user data from our educational software. With this particular survey, we wanted to investigate the habits of the general population both at work and at home. What we found was a combination of perplexing and alarming, but also a unique look into the existing vulnerabilities of today’s workforce.”

Wombat’s “2017 User Risk Report” found that half of U.S. respondents have been a victim of identity theft, compared to 19 percent of U.K. respondents. This discrepancy may be attributed to lax security habits of U.S. workers. For example, the survey found that 54 percent of U.S. respondents believe a trusted location, such as a nice hotel or international airport, indicates a trusted WiFi network, while just 27 percent of U.K. respondents shared this belief. Similarly, 58 percent of U.S. workers believe an antivirus software can stop a cyberattack, while 37 percent of U.K respondents held the same belief.

Wombat also found that, while half of employees have a basic knowledge of phishing, 30 percent of workers do not know what phishing is, with 10 percent of respondents unable to provide a guess. Furthermore, researchers found that knowledge of ransomware was even more scarce, with 63 percent of U.S. respondents and 58 percent of U.K. respondents not knowing what ransomware is. These results reflect the findings of the latest “State of the Phish Report” from Wombat released in January 2017.

“We often find that those of us who work in cyber security overestimate the knowledge the general public has on cyber security risks and basic secure behaviors,” advises Baker. “This could be giving security professionals false confidence and may be the reason why just fewer than half of organizations have a security awareness training program for their employees.”

Wombat also examined how employees’ personal behaviors and choices are directly impacting corporate device security. The findings closely reflected the “2017 State of the Phish Report,” which indicated U.K. employees are far less likely than their U.S. counterparts to blur the lines between work and personal activities – 39 percent in the U.K. vs 71% in the U.S. Of those who regularly use a corporate laptop or smartphone at home, Wombat’s survey revealed some key risks:

  • 54 percent of U.S. respondents and 36 percent of U.K. respondents view/post to social media on work devices
  • 57 percent of U.S. respondents and 28 percent of U.K. respondents stream media (e.g. music and video) on work devices
  • 58 percent of U.S. respondents and 45 percent of U.K. respondents shop online on work devices
  • 52 percent of U.S. respondents and 30 percent of U.K. respondents play games on work devices
  • Additionally, Wombat found that an alarming number of these same U.S. workers allow their family members and trusted friends to check/reply to email (46 percent), view/post to social media (43 percent), stream media (47 percent), shop online (48 percent) and play games (50 percent) on their work devices.

To view the complete “2017 User Risk Report,” visit https://info.wombatsecurity.com/user-risk-report.

###

About Wombat Security Technologies  

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses. 

Wombat Security Contact:  


Julie Frey  
wombat@shiftcomm.com   
512-792-2550 

Susan Mackowiak  
press@wombatsecurity.com  
412-621-1484 x 126