A majority of remote staff tend to overestimate their knowledge of cybersecurity basics according to cybersecurity firm Kaspersky.

Kaspersky, along with Area9 Lyceum, as part of their free security awareness training for remote workers, questioned workers on their knowledge of cybersecurity basics.

Though 66 per cent of participants responded correctly to cybersecurity questions, “even when learners were wrong, they mostly remained confident in their competences,” according to the analysis of anonymised learning results.

In 90 per cent of the cases when learners selected a wrong answer, they evaluated their feelings toward the given response as “I know it” or “I think I know it”.

“Analysis of anonymised learning results revealed that remote staff tend to overestimate the level of their knowledge of cybersecurity basics,” Kaspersky said.

“The most difficult learning objectives proved to be virtual machines, updates, and reasons why people should use corporate IT resources even while working outside the office,” it added.

“If employees see no danger in risky actions, let’s say, in storing sensitive documents in personal storage, they are unlikely to seek advice from IT or IT Security departments. From this perspective, it’s hard to change such behaviour, because a person has an established habit and may not recognise the associated risks. As a result, ‘unconscious incompetence’ is one of the most difficult issues to identify and solve with security awareness training,” said Denis Barinov, Head of the Kaspersky Academy.

comment COMMENT NOW