Fewer than half understand their data breach reporting requirements – More than a quarter think technology will keep them safe
22 March 2023: KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced new research which has found almost than three in five (59 percent) IT decision-makers feel the government should be doing more to protect Kiwi businesses from cyber attacks.
In addition, fewer than half (45 percent) of Kiwi IT decision-makers say they are confident they understand their organisation’s responsibilities regarding government reporting of cyber incidents and data breaches.
Jacqueline Jayne, Security Awareness Advocate for APAC at KnowBe4, says: “It is clear from our research that Kiwi IT leaders and businesses are not feeling supported by the government when it comes to security issues. There is more education required for those in IT about their obligations and commitments, but also for the general public about how to stay safe online both at home and at work.”
Things that IT decision-makers believe the government should be doing include:
Providing more education and awareness to all our citizens about the cyber risks and how to stay safe online (37 percent)
Providing more training for Kiwi businesses on cyber risks (24 percent)
Providing more funding for Kiwi businesses for cyber protection (20 percent)
Who is responsible?
Jayne continues: “The reality is that cyber threats are so pervasive that keeping individuals and businesses safe requires a combined effort from the government, business leaders, IT departments and employees alike. There is no panacea or magic technology solution that will protect your business. Everyone needs to be educated about potential threats and how to avoid them.”
Worryingly, only 38 percent of New Zealand’s IT decision-makers believe that it is everyone’s responsibility to protect the organisation from cyber attacks.
37 percent believe it is the IT department’s responsibility
23 percent believe it is the government’s responsibility
21 percent believe it is the employee’s responsibility
One in three (30 percent) say technology should be protecting the organisation from cyber attacks
The employee view:
Given the IT department’s lack of clarity, it is unsurprising that employees are also unaware of who is responsible for cybersecurity. Half (52 percent) of Kiwi office workers believe that it is everyone’s responsibility to protect the organisation from cyber attacks, however:
19 percent believe that it is the IT department’s responsibility
14 percent believe that it is the employee’s responsibility
10 percent believe that it is the government’s responsibility
One in five (21 percent) say there is technology that should be protecting the organisation from cyber attacks
For more information on KnowBe4, visit www.knowbe4.com.
Research methodology:
This study was conducted online between the 30th November – 6th December 2022. The sample comprised of 1,016 New Zealand office workers (any industry) and 218 New Zealand IT decision makers (any industry). YouGov designed the questionnaire. Following the completion of interviewing, the office workers data was weighted by age, gender and region to reflect the latest population estimates in New Zealand.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 56,000 organisations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organisations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognised cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organisations rely on KnowBe4 to mobilise their end users as their last line of defence.