Who cares about cybersecurity awareness month?
We asked a thousand users. Here’s what they said…
1/4
of respondents are aware of Cybersecurity Awareness Month
60%
of the people who do not participate in CAM think their organization sees cybersecurity as unimportant
80%
of participants are concerned with personal protection
Who cares?
It’s June 2024, and cybersecurity professionals everywhere are gearing up for Cybersecurity Awareness Month (CAM).
As organizations prepare, we wanted to understand:
Do users know (and care) about Cybersecurity Awareness Month?
How impactful is Cybersecurity Awareness Month in positively changing security behaviors?
For those who participate, what works, and what doesn’t?
And which activities and topics workers the most?
We asked 1,000 US and UK professionals, to understand what they think of, and how they engage with, Cybersecurity Awareness Month. Some interesting trends have emerged…
You’ll find the key insights on this page. And you can download the full dataset…here! 👇
Access the full study insights to discover who cares about cybersecurity awareness month.
Only 1 in 4 workers aware of Cybersecurity Awareness Month
STAT: 23% of respondents are aware of Cybersecurity Awareness Month
If you’re on this page, you probably have October marked in your calendar as Cybersecurity Awareness Month. But not everyone does…
Our survey revealed less than a quarter (23%) of respondents are aware of Cybersecurity Awareness Month. Among those, fewer than half (42%) know it takes place in October. Additionally, only 15% of respondents said they believe their organization actively engages employees with activities and information during this month.
People have busy lives and can’t keep track of every initiative. However, this data highlights how few people are knowledgeable of Cybersecurity Awareness Month.
Are you aware there is a designated Cybersecurity Awareness Month?
Does your organization actively engage in activities during Cybersecurity Awareness Month?
Do you feel your organization sees cybersecurity as an important issue?
…Actions speak louder
STAT: 60% of the people who do not participate in CAM think their organization sees cybersecurity as unimportant
The most striking difference between organizations who participate in Cybersecurity Awareness Month, and those who don’t, is how their workers perceive their organization cares about cybersecurity.
Employees are more likely to share their organization’s values on cybersecurity if they see active participation in Cybersecurity Awareness Month. In other words, actions speak louder than words.
Organizations that engage their workforce during Cybersecurity Awareness Month are more likely to foster a security-conscious staff.
Access the full study insights to discover who cares about cybersecurity awareness month.
Security behavior improvements are linked to Cybersecurity Awareness Month participation
STAT: 79.5 % of respondants who participate in CAM believe their organization’s participation in CAM would improve security behaviors within the organization
Workers from organizations who participate are more likely to report on the positive impact of Cybersecurity Awareness Month, than those who don’t participate.
What’s even more interesting than the impact of the initiative, however, is what motivates/would motivate workers to participate.
Do you think your organization’s participation in Cybersecurity Awareness Month would improve security behaviors within the organization?
What motivates/would motivate you to participate in Cybersecurity Awareness Month?
Shared effort, shared success
STAT: 80% of participants are concerned with personal protection
Respondents who hadn’t participated in Cybersecurity Awareness Month tended to view cybersecurity from a personal perspective, with 76% motivated by personal data protection, and 55% concerned with organizational data protection.
However, those who had participated showed a broader perspective. While 80% were concerned with personal protection, nearly as many (76%) were motivated by protecting the organization’s information, highlighting a stronger sense of communal responsibility.
Additionally, over half (56%) of participants were motivated by compliance with company policy, and half were driven by a desire to excel in their roles. This broader desire to protect not only themselves, but also their organization, was significantly more common among participants, suggesting that Cybersecurity Awareness Month effectively grows a positive security culture in the workplace.
Jason Nurse, Director of Science and Research at CybSafe,
“It’s fascinating to see the positive impact Cybersecurity Awareness Month has on employee perspectives, as well as their increased sense of community and responsibility. What stands out to me, in particular, is the types of activities workers want to engage with on cybersecurity issues. Security professionals have a responsibility to humanize cybersecurity, communicating it through channels and topics that engage a workforce eager to be part of the solution.”
“For any organization preparing for October, this data serves as a cheat sheet to better understand what your employees want. Cybersecurity Awareness Month is clearly having a very positive influence. Now, we need more organizations to get involved!”
Get the complete dataset for detailed insight into:
What types of activities do workers find most/least useful when learning about cybersecurity?
What cybersecurity behaviors are people most eager to improve?
What would motivate employees to get more involved in Cybersecurity Awareness Month?
Access full study now
Biographies
Dr Jason Nurse
Director of Science and Research, CybSafe
Dr Jason Nurse is the Director of Science and Research at CybSafe, and he is also an Associate Professor in Cyber Security at the University of Kent.
At CybSafe, Dr Nurse leads a team of behavioral scientists and researchers responsible for ensuring that the company’s product is grounded in scientific evidence and empowers users to make smarter security decisions and build better habits.
Jason has spoken at venues across the world, and has contributed to (or featured in) mainstream media such as the Wall Street Journal, The BBC, Newsweek and Wired. Prior to CybSafe, Dr Nurse has engaged in research into human cyber risk, security behaviors, and cyber psychology, at the Universities of Oxford and Warwick; with his PhD specifically focused on organizational cyber security.