CANARY WHARF, LONDON – 97% of office workers across the UK and US trust their cybersecurity team’s ability to prevent or minimize damage from cyberattacks, according to new CybSafe research. The study examining attitudes towards cybersecurity teams within organizations has uncovered that despite minor issues around communication and processes, there are high levels of trust and appreciation amongst employees. It indicates how cybersecurity teams and professionals are increasingly viewed as a vital strategic function enabling both individuals and business success.
The survey of over 1,000 office workers found an overwhelming majority see their cybersecurity team as a necessary and helpful function, with 86% characterizing the team as necessary and 72% calling it a vital company operation.
This trust also translates into security behaviors. When receiving communications from cybersecurity teams, over half of respondents (52%) said they read emails immediately. A further 36% read emails within a day, showing focused attention to security updates for the vast majority of employees.
When it comes to the impact of security teams on business success, around three quarters believe security teams enable business goals (74%) as well as personal work objectives (77%), with just 7% of respondents stating their cybersecurity team has had an overall negative impact on their working experience.
While responses towards cybersecurity teams are largely positive, the research also reveals some concerns from respondents. For example, 38% have, on occasion, felt obstructed from doing their job efficiently due to security measures. Additionally, 24% felt the team had hindered personal progress at work. Around a quarter found the cyber team intrusive (25%,) and nearly a third are unfamiliar with their roles and responsibilities, indicating issues with visibility. Finally, 45% believe regular employees need more mandatory cyber training, suggesting an opportunity for teams to build understanding and trust further through education.
As the number and complexity of cyber attacks continue to rise, businesses are making concerted efforts to increase cybersecurity visibility for all employees. Interestingly, the research suggests that while, ultimately, security teams are responsible for the maintenance of a positive security culture, workers feel a sense of responsibility for protecting their employer’s data. In total, 82% believe everyone in an organization shares responsibility for protection, not just security teams alone.
Cybersecurity teams also enjoy high levels of trust, with 97% expressing faith in their ability to prevent or minimize cyberattack damage. 85% believe their company invests enough in cyber defenses given current threat levels.
Of respondents who contacted their cybersecurity team for guidance, 88% were satisfied with the response. Just 5% were dissatisfied.
Oz Alashe MBE, CEO of CybSafe, reacted to the research, stating, “We hear a lot of negativity regarding the uphill battle faced by many cybersecurity teams, especially those protecting sensitive data. Despite this, however, this research displays that professionals have a high level of confidence in the capabilities and actions of security professionals.
“Cybersecurity and data protection is a collective effort, but ultimately, it is the role of the cybersecurity team to guide, inform and bolster this endeavor. By increasing visibility, improving communication channels and listening to their peers’ feedback, CISOs and their teams can reach out to those individuals struggling to engage with their message and continue improving their organization’s cyber resilience from the ground up.”
Ira Winkler, CISO and Vice President, CYE and author of Security Awareness for Dummies, said:
“This does make it a pleasant surprise that users who reported were overwhelmingly satisfied with the response from the cybersecurity team. The implication is that cybersecurity teams are becoming more customer service focused and understanding of the needs of users.
“While cybersecurity friction does have a bad connotation, the reality is that it can be useful and necessary. While you don’t necessarily want to make business processes difficult, you do want to make sure that it is not easy to do the wrong things. At the same time, users and the company as a whole should understand that cybersecurity embedded in business practices enables organizations to do things they otherwise would not be able to do. For example, cloud-based applications would not be possible unless data could be secured across the internet and users could authenticate themselves properly.”
About CybSafe
CybSafe is cloud-based software that reduces organizational risk by improving people’s security decisions and behaviors. It educates, nudges, and provides real-time, tailored cyber assistance for users to secure their digital lives. It’s the only human-risk software solution that helps security professionals target specific security behaviors. It also provides security behavior, culture, and risk reporting metrics that allow you to pre-empt security problems. CybSafe is underpinned by a data-led model of human behavior and leverages SebDB, the world’s most comprehensive security behavior database. It’s designed for a modern workforce and a hybrid working environment.