Despite the majority of consumers being afraid of having their personal data compromised by a breach, employees are still continuing to engage in risky behavior.
Despite the majority of consumers being afraid of having their personal data compromised by a breach, employees are still continuing to engage in risky behavior.

Despite the majority of consumers being afraid of having their personal data compromised by a breach, employees are still continuing to engage in risky behavior.

OpenVPN surveyed 500 U.S. full-time employees about their cybersecurity habits to pinpoint areas of weakness that could potentially harm their organization and found 25 percent of them reuse the same password for everything while 23 percent admit to very frequently clicking on links before verifying they lead to a website they intended to visit.

Regardless of the advancements in cybersecurity training researchers found employees are by and large creating passwords they can easily remember, resulting in weak security that hackers can bypass with brute force attacks. 

The weaknesses are then passed on to other networks creating more vulnerabilities when individuals use those same weak password to protect multiple portals such as their bank account, email, and social media, risking both their personal and work information.

While biometric passwords help combat these threats, user adoption is still lagging as only 55 percent of employees use biometric passwords despite 77 percent of employees trusting biometric passwords, and 62 percent believe they are stronger than traditional alphanumeric codes.

“Cybersecurity issues won't go away, and the onus is on employers to teach their employees good cyber habits and protect themselves and business operations from malicious actors,” Francis Dinha, CEO of OpenVPN, said. “Simply telling people to avoid visiting infected websites isn't enough — more than half (57 percent) of Millennials — the largest group in the workforce now — admit to frequently clicking on links before verifying they lead to a website they were intending to visit.”

Dinha added that a holistic security education and cyber hygiene program will be required to address these issues along with clear communication and tips to help employees develop good cyber habits.

Many consumers also practice poor cybersecurity as they feel they won't ever be affected by an attack.