The insecurity of people and security

Issue 1 2022 Training & Education

KnowBe4 did a survey of security habits around the world and unpacked how people behaved and the mistakes they made.The survey included more than 6000 people from across several countries, including South Africa, the US, Norway and the UK and dug deep into security behaviours around social engineering, password policies and more.


Anna Collard.

It revealed that around 53% of respondents believed they would be very comfortable reporting a violation or security issue with South Africa achieving an impressive 80%, compared with the 35% in Germany and 39% in the Netherlands. As Anna Collard, SVP of content strategy and evangelist at KnowBe4 Africa, points out, this is a good time to replicate South Africa when it comes to encouraging people to report incidents and protect the business.

“Many people do not report a security incident because the process is too difficult, or they are too scared to report it,” she explains. “This is often made more complex by the fact that people do not know how to report an issue. These facts point to security systems that are complicated and confusing and to a cultural or societal issue that makes people feel uncomfortable or unsafe when reporting an issue. And both of these challenges have to be addressed.”

People are the last line of cybersecurity defence. They can prevent an issue from escalating and stop an attack from happening. They can also be the primary reason why an attack takes place. If they are falling for a phishing attempt or not reporting an incident, then they are potentially leaving the door wide open to attackers.

“The report found that South African IT security teams are seen as the most responsive and helpful,” says Collard. “Around 60% of South African respondents believed their teams were helpful compared to the global average of 43%, which is very likely why people were comfortable flagging an issue with them. The Norwegian and Dutch teams were rated the most unhelpful.”

This pattern in responsiveness on an emotional level is invaluable as organisations can use this insight to create a more engaging security culture. The best programmes are those that emphasise the importance of the employee’s role in ensuring that the business remains secure, while also establishing a positive and emphatic relationship between people and the IT Security team.

“Another area that the survey highlights as worth focusing on is around password security and multi-factor authentication (MFA),” says Collard. “Around 44% of respondents said they used different passwords for different sites, which shows that there is awareness around computer security. But only just over 23% of respondents said they used MFA, which is a concern. South Africa was the lowest at 13% and Germany at 14%, but all end users need to focus on increasing MFA adoption to better beat the cybersecurity odds.”

Overall, the survey underscored how important training has become for companies looking to increase their security posture and behaviours. People need to be given regular insight into how their actions change the face of security and how they can play a positive role in shaping the culture of security within the business. These steps will help build a solid foundation of security within the business by fundamentally shifting how people behave online and in the business.

“Already, South African companies lead the way when it comes to proactive response times with accessible IT teams, now all that is left is to polish up our general security awareness,” concludes Collard.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

CCTV control room operator job description
Leaderware Editor's Choice Surveillance Training & Education
Control room operators are still critical components of security operations and will remain so for the foreseeable future, despite the advances of AI, which serves as a vital enhancement to the human operator.

Read more...
Strong industry ties set Securex South Africa apart
News & Events Training & Education
Securex South Africa, co-located with A-OSH EXPO, Facilities Management Expo, and Firexpo, is a meeting place of minds, where leading security, safety, fire, and facilities professionals come together, backed by strong ties with the industry’s most influential bodies.

Read more...
Gallagher Security expands Digital Badge Programme
News & Events Access Control & Identity Management Training & Education
Following a successful launch and roll out across Australia and Papua New Guinea in 2023, Gallagher announced its Digital Badge programme is now available to channel partners and end users across the rest of APAC IMEA.

Read more...
The need for integrated control room displays
Leaderware Editor's Choice Surveillance Training & Education
Display walls provide a coordinated perspective that facilitates the ongoing feel for situations, assists in the coordination of resources to deal with the situation, and facilitates follow up by response personnel.

Read more...
The need for integrated control room displays
Editor's Choice Surveillance Training & Education
Display walls provide a coordinated perspective that facilitates the ongoing feel for situations, assists in the coordination of resources to deal with the situation, and facilitates follow up by response personnel.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
ONVIF launches new online learning initiative
Training & Education Surveillance News & Events
ONVIF has released the first course in a new online learning initiative designed to promote greater knowledge and understanding of ONVIF's workings. The first “Introduction to ONVIF” course is now available.

Read more...
Unique fire detection challenges in hospitals
Securiton Fire & Safety Healthcare (Industry) Training & Education
Africa’s healthcare sector is a growth opportunity for business as new hospitals bring better health for millions, and the fire safety industry has a key role to play by ensuring these long-desired new hospitals do not go up in flames.

Read more...
South African youth robotics team takes world title
News & Events Training & Education
A South African youth robotics team recently won the 2024 FIRST Tech Challenge (FTC) World Championships. FTC is an international robotics competition designed to ignite high school students' passion for STEM (Science, Technology, Engineering and Mathematics).

Read more...
SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...