When it comes to knowledge of basic skills that when deployed can greatly reduce risk of a cyber attack, the U.S. is lacking, according to a new study by Oliver Wyman.
The study ranked 50 countries on their cyber risk literacy and available cyber risk education and training, ranking the U.S. in tenth place overall.
With the sudden influx of employees across industries working from home, would-be cyberattackers have found a target-rich environment, so the revelation the U.S. is lagging other nations in cyber literacy is significant.
Data and secure communications that was once kept safely within the walls of an organization's VPN are now passing through commercially available home network products that may not offer the same level of protection. Knowing what extra steps can be taken to avoid a breach should be a fundamental part of training for any remote worker.
"Cyberattacks are now one of the fastest growing crimes globally and are expected to cost organizations more than $600 billion a year by 2021," says Paul Mee of the Oliver Wyman Forum. "The situation has become even more pressing during the pandemic as our reliance on the internet has grown. Yet many citizens still lack the basic skills to keep themselves, their communities, and their employers safe."
In spite of this new high-threat environment, 64% of Americans have never checked if their data has been breached, and 56% don't know what to do if they've become the victims of a breach, according to the report.
The study found that cyber risk education often starts too late, and lacks standardization, assessment goals, and reinforcement. Generally the report found employers were better at promoting cyber risk education than governments.
The top 5 ranking countries in the study were Switzerland, Singapore, the UK, Australia, and the Netherlands, all of which have integrated cyber risk literacy directly into government policy and education, starting with the elementary school level.
Most countries ranked outside the top 5 did not have the same comprehensive national cyber risk literacy strategy, and typically have not integrated the education into school curricula.
Here were the U.S. rankings in the specific areas the study looked at, out of 50 countries surveyed:
- Government Policy – 36th
- Technological and Educational Inclusivity – 29th
- Public Motivation to Reduce Risk – 4th
- How Well Cyber Risk is Addressed in the Educational System – 6th
- How Well Businesses are Upskilling Their Employees – 10th
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.