Jeff Hancock, a professor at Stanford University and expert in social dynamics, said:
“Understanding how stress impacts behaviour is critical to improving cybersecurity. This year, people have had to deal with incredibly stressful situations and a lot of change. And when people are stressed, they tend to make mistakes or decisions they later regret. Sadly, hackers prey on this vulnerability. Businesses, therefore, need to educate employees on the ways a hacker might take advantage of their stress during these times, as well as the security incidents that can be caused by human error.”
The report also uncovers how age and gender play a role in people’s cybersecurity behaviours. For example, employees aged 18-30 were five times more likely than workers over 51 to have made a mistake that compromised their company’s cybersecurity. Men were also twice as likely as women to fall for phishing scams, with 34% of men saying they’d clicked on a phishing scam versus 17% of women.
Tim Sadler, CEO and co-founder of Tessian commented:
“Cybersecurity training needs to reflect the fact that different demographics use technology and respond to threats in different ways and that a one-size-fits-all approach to training won’t work. It is also unrealistic to expect every employee to spot a scam or make the right cybersecurity decision 100% of the time, especially during these uncertain times.
“To prevent simple mistakes from turning into serious security incidents, businesses must prioritise cybersecurity at the human layer. This requires understanding individual employees’ behaviours and using that insight to tailor training and policies to make safe cybersecurity practices truly resonate for each person.”
