Enterprise workers want more transparency around cybersecurity
The nature of cybersecurity is such that much of the work goes on in the background. People notice when there's a problem but not when there isn't.
A new report from CybSafe shows that 31 percent of enterprise workers in the US and UK would like to see more transparency around what the cybersecurity team does.
The research finds that 26 percent of employees surveyed report that cybersecurity systems are sometimes slow or block progress. 25 percent see cybersecurity teams as intrusive and 24 percent feel teams have previously hindered personal work objectives. In addition, 28 percent see cyber staff as secretive and removed from daily operations.
Dr. Jason Nurse, CybSafe's director of science and research, says, "The views expressed by enterprise workers show people want to take responsibility and be part of the solution. However, companies need to equip them, which involves properly engaging people while measuring the impact of actions on the behaviors that reduce organizational risk. People don't want faceless, generic communications, but security narratives personalized and tailored to individual contexts and protocols, ultimately becoming supportive rather than restrictive."
As well as wanting increased policy transparency, 41 percent would like more real-life cybersecurity examples that translate protocols into tangible work contexts, suggesting a need to map security threats into the daily lives of workers.
Among other findings, only 15 percent see cybersecurity as underfunded at their organizations, yet 45 percent want mandatory cyber training for all team members, and 27 percent cite their current education as ineffective in providing applicable, timely guidance.
CybSafe's CEO, Oz Alashe, says:
While most appreciate the important work cyber teams at enterprise organizations do, it’s essential to reflect on gaps hampering communication with the wider workforce. People want better resourcing and more empowering, personalized assistance to help improve organizational security.
While communication of any kind can be difficult in larger corporations, those who can develop a frictionless and accessible way to engage their workforce in cybersecurity practices can significantly enhance their organization's resilience to cyber threats.
The full report is available on the CybSafe site.
Image credit: sdecoret/depositphotos.com