According to the results of a test carried out using the Kaspersky Gamified Assessment Tool with 3,907 employees, only 11% of them demonstrated excellent skills in terms of cybersecurity awareness. The less skilled subjects made most of their errors when browsing the Internet.
Tribune – 90% of people overestimate their cybersecurity abilities, and it is on the basis of this observation that Kaspersky developed the Gamified Assessment Tool: not only to change employee behavior and raise awareness, but also to help managers of IT systems and human resources departments to measure the cyber-skills of employees and to offer their teams relevant educational tools.
During the test, employees are awarded points based on the decisions they make in common situation scenarios, whether working remotely (from home or on the go), or working in the office. They are then asked to assess whether their actions carry cyber risks, and how confident they are in their choices.
One in ten participants (11%) succeeded in obtaining a certificate of excellence, awarded to those who gave correct answers and obtained more than 90% correct answers. Most users (61%) scored “average”, with scores ranging from 82% to 90% of the points, while 28% of respondents demonstrated a lack of cybersecurity knowledge, recording scores below 75% positive responses.
Players should choose the green token if they think the scenario is safe, or the red token if they think it is risky. The number of tokens used indicates the degree of confidence they have in their answer.
The Gamified Assessment Tool covers six areas of security: passwords and accounts, email, Internet browsing, messaging and social networks, computer security and protection of mobile devices. Web-browsing issues pose the most problems for internet users, with less than a quarter of respondents (24%) having correctly defined the actions to be taken. Scenarios related to mobile devices were the least complex: 43% of employees made no mistakes in identifying the cyber risks involved in these scenarios.
“The Gamified Assessment Tool is part of the “mobilization” phase of our Security Awareness portfolio. The game precedes training in Kaspersky’s Automated Security Awareness Platform, allowing employees to better understand the value of cybersecurity training. The tool also allows organizations to determine which educational program best suits the specific needs of their employees. comments Alexander Lunev, Product Manager, Security Awareness & Academic Affairs at Kaspersky. “However, even if someone is getting the best possible result in the game, that doesn’t mean they don’t need additional advanced training, or refresher knowledge from time to time. Indeed, the methods of malicious agents can evolve, and a person’s alertness may fail. That’s why we also ensure that the learning and deepening modules offered in our product are interesting for all learners, regardless of their level. »
https://www.undernews.fr/reseau-securite/neuf-employes-sur-dix-ont-besoin-dune-formation-de-base-en-matiere-de-cybersecurite.html
