According to data from KnowBe4’s SecurityCoach product, employees engage in risky behavior on their work devices. SecurityCoach enables IT and security professionals to develop a strong security culture by providing real-time security coaching to users in response to risky security behavior. By leveraging an organization’s existing security stack, IT and security professionals can configure real-time coaching campaigns to immediately deliver a SecurityTip to their users related to detected events.
The top ten risky behaviors of employees that organizations have detected by integrating SecurityCoach with their existing security offerings include entertainment domain/streaming services, gaming websites, greymail, adult websites, unauthorized or malicious applications, risky websites detected, unapproved removable media, sharing of personal identifiable information (PII), cloud backup or storage, and malicious email attachments opened.
Verizon’s 2022 Data Breach Investigations Report shows that the human factor is involved in 82% of data breaches. However, according to IDC, less than 3% of IT spending is allocated to securing the human layer. “With the proliferation of social engineering attacks, employees continue to be the biggest risk factor,” said Stu Sjouwerman, CEO of KnowBe4. “However, with proper training and coaching, they can become a human firewall and your last line of defense. These findings from our new SecurityCoach product are definitely concerning and reiterate the importance of developing a strong security culture.”
Organizations that want to enhance their security culture should consider implementing employee training and coaching to help mitigate the risks associated with human error. It is essential that IT and security professionals work closely with employees to provide them with the skills and knowledge they need to recognize and respond to cyber threats. Offering regular training and coaching sessions, promoting safe browsing habits, and encouraging employees to report suspicious activities can help reduce the risks associated with human error.
In conclusion, the human factor remains a significant threat to organizational security, and organizations must take proactive steps to mitigate these risks. Investing in employee education and training can help employees develop a strong security culture, becoming a significant asset to the organization’s overall security posture. The findings from KnowBe4’s SecurityCoach product emphasize the importance of developing a strong security culture and provide valuable insights into the risky behaviors exhibited by employees. With proper training and coaching, employees can become a human firewall and help reduce the risks associated with human error.