Employees don’t know when to contact the IT department for help and when to solve an issue themselves. Even when they do reach out, they find support is difficult to come by, new research suggests.
According to a report from security training firm KnowBe4, based on a poll of more than 320,000 people worldwide, almost a third (30 percent) find it difficult to get IT help and support at work.
The report also states that the lack of proper cybersecurity training leaves some employees not knowing when to reach out to IT for support, and others overconfident in their cybersecurity skills.
Many organizations appear to be underinvesting in cybersecurity awareness training, as a fifth of employees feel they don’t get enough security information. The report’s authors claim the consequences of this approach are manifold, as this lack of information “could be related” to poor understanding of when to report an incident, or how to adhere to security standards. It could also lead to employees being overconfident in their ability to spot a threat, as more than half (57 percent) believe they’d be able to spot being hacked.
Cybersecurity overconfidence manifests itself elsewhere, too, the report states. Almost a quarter (24 percent) of employees don’t think a short and simple password increases the risk of an attack, while 77 percent don’t use any means to securely store passwords. The remaining quarter (23 percent) store some of their passwords on their devices, where they could easily be accessed.