Research from ramsac, a leading cybersecurity support firm, has found that over 30% of UK adults couldn’t pass a cybersecurity test for 11-year-olds. By posing five simple questions that are part of the UK’s 11-14-year-olds curriculum, it was found that only 68% of responders answered all five correctly.
ramsac asked those visiting their website to answer the following five multiple choice questions:
- Which of the following helps to safeguard against phishing?
- What is malware?
- If you left your phone with work information in a public place, what should you do?
- Outside your workplace, you find a USB stick, what would you do next?
- Which URL(s) would you use to log in to Facebook with?
ramsac then collated and analysed the results to understand where the weak gaps in our human firewall, a term used to describe the human aspect of cybersecurity, exist.
Interestingly, most adults (21%) got the question on what helps to safeguard against phishing wrong, showing a clear gap in our understanding of our responsibility to prevent cyberattacks. Phishing attacks are prevented by not clicking on links from suspicious emails. While a firewall and antivirus software can detect that suspicious activity has happened, the best way to prevent a phishing attack is through not clicking or engaging with a suspect email.
In an age where data breaches and hacks are becoming all the more prevalent, it’s essential that everyone with access to the internet is aware of how to prevent and spot cyberattacks. Adults, who often have access to greater funds and potentially valuable and sensitive company information, aren’t exempt from this, and regular cybersecurity training and reminders are essential to protect them and their employer from cyber threats.
In order to help form a stronger human firewall businesses need to:
- Invest in regular cybersecurity training and testing: Having a policy document that’s read once isn’t going to cut it in 2024. Instead, businesses need to provide regular cybersecurity training that ensures people can accurately identify and respond to a wide variety of threats. Phishing simulation tests can be a fantastic way to mimic real-world scenarios and help you spot weaknesses in your human firewall.
- An open communication around cybersecurity: Companies that encourage people to ask questions and challenge anything suspicious without fear will be more resilient when it comes to potential cyberattacks.
- Regular patching and updates: One of the things that your IT team can do is to ensure patches and updates are tested and applied regularly. These help to reduce the risks of known vulnerabilities in systems from being penetrated.
Rob May, Founder and Executive Chairman of ramsac, said of these findings “It’s deeply concerning that so many UK adults are less cyber-savvy than an 11-year-old. The basics of cybersecurity – like recognising phishing attempts or knowing not to trust an unknown USB stick – aren’t just technical details; they’re essential life skills in our digital world. In the same way we teach children to look both ways before crossing the road, we must instil a sense of cyber awareness in everyone. At ramsac, we see first-hand how even the most basic gaps in understanding can lead to costly breaches. This isn’t just an IT issue; it’s about keeping individuals and organisations safe in an increasingly connected world.”