Even security experts are vulnerable to common risks
Even the most seasoned and sophisticated security experts are vulnerable to common security risks. In fact, while 90% of security professionals can recognise a phishing email, 30% say they would not report one.
This was one of the findings of a human risk assessment study by AwareGO, provider of human cyber risk and awareness solutions.
Conducted at Infosecurity Europe last month, the study surveyed one hundred cyber security professionals, who were asked five questions in an effort to check how much their knowledge differs from their personal behaviour.
The focus of these questions related to critical threat areas such as phishing, sensitive data, remote work and password handling.
Ragnar Sigurdsson, head of R&D and co-founder of AwareGO, says the survey shone the spotlight on the fact that individuals of all levels can benefit from ongoing security awareness training.
“We all must stay vigilant and security aware of risks such as passwords and phishing schemes that can disrupt our business and put our organisations at risk every day.”
He says 95% of those surveyed said that they understood what sensitive data is and that they would not share anything sensitive on social media, and another 90% claimed they would not use unsecured WiFi.
Overall, survey participants earned a 70/100 resilience score across assessed threat areas. On the subject of password strength, when asked to type in their password to verify its strength, 50% entered a password – when the real trick here was to put in no password at all.
For anyone interested in how they would perform in the survey, AwareGO is maintaining a mini version of the Human Risk Assessment survey that is open for a limited time. To take this assessment, individuals can visit the Mini Human Risk Assessment on the AwareGO Web site to see how they stack up with other cyber security professionals.