Kaspersky reveals the most common knowledge gaps in cybersecurity
Woburn, MA — April 28, 2022 – According to statistics from a corporate security awareness platform, the most frequent mistake users make is answering questions related to email and password usage, with tasks around these topics in the top 5 most commonly failed by users.
The compliance of staff members remains one of the biggest concerns when it comes to cybersecurity. A recent survey of IT workers shows that inappropriate usage of IT resources by employees is the most common incident they face in their work. At the same time, 90% of employees tend to overestimate their knowledge of cybersecurity basics.
To identify the most vulnerable areas in corporate cybersecurity awareness, Kaspersky analyzed the answers given by people while going through the online security awareness quiz. According to the internal Kaspersky Automated Security Awareness Platform data, the most difficult question is asking what card details shouldn’t be emailed with 83% choosing incorrect answers. The remaining options of most frequent wrongly answered questions consist of tasks regarding email interaction and password usage including:
- Check all signs showing that someone has accessed your account. (73% answered incorrectly)
- You buy an app from the Google Play store and the system suddenly asks you to enter your Gmail email password. What should you do? (70% answered incorrectly)
- Fraudsters have hacked your friend's email. He will not restore access to the mailbox, claiming that he has not used it for many years and does not store any important information there. Explain why access still needs to be restored. (70% answered incorrectly)
- You are on a business trip, and your Internet access is unstable. While you are in another city, a colleague urgently needs a document that can only be accessed from your work account. This colleague asks you for a password from your computer. What should you do? (51% answered incorrectly)
Users show more vigilance when it comes to confidential corporate data. 99% of people correctly answered the questions devoted to sensitive information leakage or if a person with access to confidential documents leaves the company.
“It is understandable that people tend to be more careful with confidential information. This kind of data, by definition, implies that an employee must be more attentive while working with it,” comments Denis Barinov, head of Kaspersky Academy. “At the same time, sending information via email and entering passwords are part of our everyday routine and, at first sight, don’t pose any special risks. However, this negligence can be costly for a company, as criminals still employ old methods of cybercrime, such as the brute force of phishing. That is why it is important that corporate cybersecurity training uncovers all possible weaknesses and vulnerabilities even in most common everyday scenarios.”
To help companies refresh their employees’ cybersecurity knowledge around the essential parts of their work and personal interactions, Kaspersky has introduced a free online course on social media. As cybercriminals relish the opportunity to use social networks to obtain the information they need to carry out attacks against ordinary users and their employers, the course will teach staff how to avoid becoming a victim of social media scams.
To benefit from training on safeguarding your online life, learn which information you should avoid sharing via the Internet, and how to avoid social engineering, please visit our website.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
 Statistics are based on the results of 12 500 Kaspersky Security Awareness Platform users, trained between January – April 2022.