"4 in 10 Organizations Punish Staff For Cybersecurity Errors"
To examine the prevalence of punishment in businesses and the impact of this on staff, a team of researchers led by Dr. John Blythe, Head of Behavioral Science at CybSafe, conducted a survey of cybersecurity awareness professionals as well as an experimental lab study designed to mimic real-world outcomes when employees click simulated phishing emails. The researchers found that 42% of the organizations surveyed take disciplinary action against staff who make cybersecurity errors. In UK businesses, punishments range in severity and are often directed at those who “fail” phishing simulations: 15% of organizations name and shame employees, 33% of organizations decrease access privileges, 63% inform employees’ line managers, and 17% lock employees’ computers until appropriate training has been completed.
Help Net Security reports: "4 in 10 Organizations Punish Staff For Cybersecurity Errors"