17% of workers without experience in technology do not consider it relevant to discuss digital security issues in a company
One of the most effective ways to fight against cybersecurity risks, both personally and in companies, whether large, medium or small, is for senior managers and executives to know what are the dangers that threaten their organizations and the lexicon related.
A survey of business executives and leaders, as well as 4,123 cybersecurity managers distributed in more than 30 countries by Kaspersky, indicated that entrepreneurs do not understand basic digital security terminology.
According to the company, 98% of people who do not work in a technology-related area experienced some level of lack of knowledge on the subject.
This lack of communication occurs because workers who are experts in technology and security express themselves inappropriately or in terms that are not known.
Around 50% of inexperienced workers hide later doubts after a presentation on the subject and up to 22% of those surveyed affirm that they feel “ashamed to reveal that they do not understand the matter”. However, there are workers who do not consider it relevant to know more about cybersecurity. The study states that 17% of respondents who are not part of technology teams do not understand why it is important to discuss cybersecurity at work.
Other majority responses on information related to technology and network security by executives indicate that, although they have basic knowledge on the subject (51%), more than a third (40%) do consider that the workers of these fields should improve their communication to allow a better understanding among those who do not have experience in those issues.
On the other hand, the basic terminology used to identify cybersecurity risks was also addressed in the Kaspersky survey and it resulted that, even though in most cases the concepts can be explained to a certain level, there are a number of considerable number of people who have heard (or not) words such as: phishing (17%), ransomware (25%), malware (16%), trojan (17%), spyware (19%), among others that are common and that they don’t know what it means.
According to Sergey Zhuykov, solution architect at Kaspersky, it is necessary for companies’ Head of Information Security to focus on “clearly explaining exactly what the company is doing to minimize cybersecurity risks, as well as communicating clear metrics. This approach requires offering solutions instead of problems.”
Some recommendations to avoid situations of miscommunication or misunderstanding in the area are: – The cybersecurity team must explain in a simple way how the company can achieve its objectives by taking charge of the cybersecurity risks that may arise. – Explain what the main tasks of the cybersecurity team are and how their most relevant objectives are achieved. – Assign a cybersecurity budget that reduces vulnerability to possible risks, as well as being effective and generating metrics that highlight its importance.