4 in 10 organizations punish staff for cybersecurity errors


New research has found that 42% of organizations are taking disciplinary action against staff who make cybersecurity errors.

To examine the prevalence of punishment in businesses and the impact of this on staff, a team of researchers led by Dr John Blythe, Head of Behavioral Science at CybSafe, conducted a survey of cybersecurity awareness professionals as well as an experimental lab study, designed to mimic real-world outcomes when employees click simulated phishing emails.

The survey found that punishment continues to be a popular tool amongst UK businesses. Punishments range in severity and are often directed at those who “fail” phishing simulations: