This year, Tessian released four research reports, covering topics like the cybersecurity skills gap, social engineering, insider threats, and remote-working.
Now, looking back on the year, we wanted to highlight some of the most relevant insights for security leaders and the larger industry.
If you want more information about any individual insight, download the full report or check out the other suggested resources listed throughout.
If the number of women working in cybersecurity rose to equal that of men, we’d see a $30.4 billion boost to the industry’s economic contribution in the US and a £12.6 billion boost in the UK.
66% of women agree there is a gender bias problem in the cybersecurity industry.
51% of women say that a more accurate representation of the industry in the media would encourage new entrants.
“People hear 'cybersecurity' and think of hackers in hoodies. That's a bit of a caricature, maybe with some legitimacy to it - and that was even part of my own experience - but that's no all there is. ”
93% of women in cybersecurity feel secure in their roles.
In addition to surveying hundreds of women currently working in cybersecurity, we also interviewed over a dozen female practitioners with titles ranging from CISO to backend Python engineer. Read their profiles here.
Employees exfiltrate data on email 38x more than IT leaders estimate.
91% of IT leaders trust their employees to follow safe data practices while working from home….but nearly half (48%) of employees say they’re less likely to follow safe data practices when working from home.
IT leaders say that the #1 consequence of a data breach is lost customers/lost customer trust.
At least 800 emails are sent to the wrong person every year in organizations with 1,000+ employees.
43% of people have made mistakes at work that compromise cybersecurity…
“Understanding how stress impacts behavior is critical to improving cybersecurity. The events of 2020 have meant that people have had to deal with incredibly stressful situations. And when people are stressed, they tend to make mistakes or decisions they later regret. Sadly, hackers prey on this vulnerability. ”
And younger workers are 5x times more likely to make such mistakes.
A third of workers (33%) rarely or never think about cybersecurity when at work.
58% have sent an email to the wrong person at work, and 1/5 companies have lost a customer following a misdirected email.
Wondering why people make mistakes? Jeff Hancock, Professor of Communication at Stanford University and contributor to this report, discusses the psychology of human error in this panel discussion: Why People Fall for Social Engineering in a Crisis.
Phishing was the leading cause of security incidents when employees worked remotely (and email traffic increased by 129% at the start of lockdown).
75% of IT decision makers believe the future of work will be “remote” or “hybrid”.
78% of IT decision makers believe their company is at greater risk of insider threats when employees work remotely.
To learn more about the challenges security and IT leaders will have to overcome in hybrid-remote environments, read this article: 7 Concerns IT Leaders Have About Permanent Remote Working.