Only 4% of IT decision makers in Singapore can correctly identify phishing SMS and email messages. Despite the apparent lack of judgment, 47% are not concerned about the risk of phishing attacks on their organization.
About 32% of these IT leaders used their work phones for personal activities, and more than 18% of employees did, according to a survey commissioned by KnowBe4, which provides training in security awareness. Chief hacking officer and reformed hacker Kevin Mitnick designed the American supplier’s training modules.
The survey further found that 53% of IT decision makers in Singapore were concerned about phishing as a risk to their organization, while 40% expressed similar concerns about corporate email attacks. The online survey, conducted by YouGov last December, surveyed 200 IT decision-makers and 1,012 employees in the city-state.
An additional 36% of IT decision makers used their corporate email for personal activities, compared to 29% of office workers.
Additionally, 51% of IT leaders expressed confidence in the steps to take following a cybersecurity incident or data breach in their organization.
And while 54% believed employees in their organization understood the business impact of cybersecurity breaches, 43% believed their staff could identify phishing and corporate email attacks. Another 40% believed that their employees would report emails they deemed suspicious.
Jacqueline Jayne, KnowBe4’s Asia-Pacific advocacy group, said: “If those charged with securing a business are unaware of the risks and are unable to send scam email and text messages, identify, their organizations are at significant risk… If those responsible for security are not aware of best practices, they will not be able to educate and train employees.”
Jayne noted that employees are more likely to fall for phishing scams if they use their business email for personal activities, such as shopping online. “Having a clear separation between work and personal activities makes it much easier to tell when an email is a scam — if you know you never shop online with your business email address, then you don’t really know that Amazon email is a scam. could be,” she says. said.
Singapore’s Anti-Scam Center received more than 23,800 reports last year, with losses totaling nearly SG$520 million. More than 12,600 bank accounts were frozen and SG$102 million recovered.
The KnowBe4 survey found that 88% of IT decision makers in Singapore planned to spend more on cybersecurity this year, with 65% saying such investments would go toward cybersecurity awareness training. Another 57% planned to spend their spending on cybersecurity tools, while 55% would invest in infrastructure and 55% in cybersecurity insurance.