
May 29th, 2023
How do you perceive your part in your organization’s information security?
“I have an important role in the secure handling of information within my organization.” A statement from our Security Awareness Culture Scan that measures, analyzes and increases information security maturity within an organization. But to what extent do employees actually feel that they as individuals play a role in their organization’s information security? We dove into our statistics to find an answer.
How do employees view their own part in keeping their organization’s information safe?
We asked 42,000 employees from various organizations whether they themselves feel they have an important role in securely handling information within their organization. The statistics show that 4 out of 5 employees feel they indeed have an important role in information security. That’s a positive statistic. But when we dive deeper into those numbers, we see that there are big differences based on company type and size.
We divided these organizations into small, medium and large companies based on the number of employees (<750, 751-2500 and >2,500, respectively). We also distinguished between multinational, government and Dutch companies.
In large organizations, employees feel that they play a slightly less important role compared to employees of small organizations. At multinationals, we see that as few as 1 in 22 feel they have no important role compared to 1 in 9 in Dutch organizations and governments.
…

How your sense of influence
affects actual behavior
When you feel that you yourself have influence over a situation, it tends to be a predictor of showing the related behavior. When a portion of an organization’s employees experience that they themselves have no influence over something, they are unlikely to exhibit the appropriate behavior there.
One possible explanation is that there is more performance pressure in larger organizations and multinationals than in small organizations and governments. Our tip to organizations is to identify which employees feel they do not play an important role in securely handling information, and to find out what their arguments are for that particular stance.
Emphasizing an individual’s impact
At Awareways, we believe that as an employee, you have a very important role in the secure handling of information. Within any organization, you can emphasize that role through examples and case studies. Tom van Ruitenbeek, program manager at Awareways:
“Take phishing as an example. An IT department cannot stop all e-mails from malicious parties with technical measures alone. So, you as an employee play a crucial part. Suppose such an e-mail ends up in your inbox and you click on a wrong link, it can have consequences for the entire organization. But I prefer to turn it around: if you as an employee report that e-mail to Security, you can stop the attack and keep your entire organization safe!”
Curious about what the attitudes and behaviors of employees within your organization are regarding information security? The Awareways Culture Scan shows the current level of information awareness within each organization. At the same time, it challenges employees to reflect on their personal knowledge and behavior, which in effect makes participation in the scan an intervention in and of itself. Moreover, it offers not only practical results, but also practicable points of attention for a targeted follow-up program.
Get in touch!
Would you like to know more about our vision or approach, or are you curious about other information? Then feel free to contact us!
Awareways
Euclideslaan 141 3584 BR Utrecht
+31 (0)30 227 14 67
info@awareways.com
