Top 10 Risky Behaviours of Employees

With data from its SecurityCoach product, KnowBe4 has revealed the top 10 risky behaviours that employees have engaged in on their work devices.

SecurityCoach helps IT/security professionals to develop a strong security culture by enabling real-time security coaching of their users in response to risky security behaviour. Leveraging an organisation’s existing security stack, IT/security professionals can configure their real-time coaching campaigns to immediately deliver a SecurityTip to their users related to a detected event.

The findings from the top 10 risky behaviours of employees that organisations have detected by integrating SecurityCoach with their existing security offerings include:

1. Entertainment domain/streaming services
2. Gaming website
3. Greymail
4. Adult website
5. Unauthorised or malicious application
6. Risky website detected
7. Unauthorised removable media
8. Sharing of personal identifiable information (PII)
9. Cloud backup or cloud storage
10. Malicious email attachment opened

The human factor is involved in 82% of data breaches, according to the 2022 Verizon Data Breach Investigations Report. However, according to IDC, less than 3% of IT spending is allocated to help secure the human layer.

“With the proliferation of social engineering attacks, employees continue to be the biggest risk factor,” said Stu Sjouwerman, CEO, KnowBe4. “However, with proper training and coaching, they can become a human firewall and your last line of defence. These findings from our new SecurityCoach product are definitely concerning and reiterate the importance of developing a strong security culture.”