Organisations with poor security cultures run a risk that is 52 times higher for employees sharing credentials.
This was a key observation from a white paper written by the research arm of security awareness training and simulated phishing platform provider KnowBe4 in its 2021 Security Culture Report.
Results from this year’s report revealed a large gap between the best performers and the poor performers when it comes to security culture. The best performers were from Banking and Financial Services industries and the worst performers were from Education and Construction.
The 2021 Security Culture Report more than doubled the sample size from the 2020 report, with more than 320,000 employees in 1,872 organisations around the world. Security culture varies across industries.
This year, a new section was added to the report called A Detailed Analysis of Security Culture, which provides an in-depth view state on specific aspects of security culture.
The purpose of the security culture survey and the Security Culture Report is to provide an objective scientific method for assessing, reporting and comparing the relative information security culture‑related strengths and weaknesses of individuals, organisations, industry sectors, regions and more.
“We look at how employees consider their sentiments about having access to security-related information, how they think about passwords and their access to the security team,” said Kai Roer, managing director, KnowBe4 Research.
To view the full report, click here.