The Information Systems Audit and Control Association (ISACA) released a study on Tuesday with findings that more than half of United Kingdom office workers say their employers have provided no cyber awareness training.
The study, entitled “2016 Cyber Security Perceptions,” surveyed more than 2,000 U.K. online consumers regarding the issue of cybersecurity.
More than one-third of respondents said that they could not confidently define a phishing attack, a scam in which someone poses as a reputable organization in email to solicit private information. One in five respondents have personally fallen prey to phishing emails.
Additionally, one in three respondents said that they preferred a faster connection compared to a secure one.
“It is critically important that we create awareness in cybersecurity and in multiple roles within an organization,” Christos Dimitriadis, chair of ISACA’s board of directors, said. “The human factor is critical when creating cybersecurity capability, and education based on practical guidance is key to reducing the related business risks.”
Additional findings include that 14 percent of respondents have used easy-to-guess passwords to save time, 16 percent have shared their passwords with others, 15 percent have used a USB stick that wasn’t theirs and 11 percent skipped the opportunity to use multi-factor authentication because it wasn’t convenient.
Despite these findings, a majority of respondents are confident in their own abilities to protect their own sensitive data.