Digital connectivity is the undisputed King of Commerce these days. With the massive amount of business conducted through cyberspace, underestimating the importance of cybersecurity is a fatal flaw. The threat matrix advances every bit as fast as technology.

All too often, what leaves us most at risk of a cyberattack or online scam are our own actions – or lack thereof. Risky behaviors include weak passwords, lax security policies, and the false security of thinking “It won’t happen to me. We’re too small.” That thinking is exactly why human error is the cause of approximately 88% of data breaches.

The NCA (National Cybersecurity Alliance) and the risk management platform CybSafe are working together to correct poor cyber hygiene. Each year, the duo publishes a report on cybersecurity attitudes and behaviors, with the goal of educating both consumers and businesses on how to better secure their digital landscapes.

This year, the study surveyed over 6,000 people across the U.S., Canada, the U.K., Germany, France, and New Zealand. The survey asked about several things, including knowledge of cybersecurity risks, security best practices, and challenges faced.

Some truly some eye-opening insights are revealed in the report, including how people perceive and respond to cyber threats as well as what they can do to improve their cybersecurity posture.


Here are some of the key findings from the report:

We Are All Very Much Online

It certainly comes as no surprise that 93% of the study participants are online daily. The rate at which we create logins continues to expand, as well as those considered ‘sensitive. Sensitive accounts hold personal information that could be harmful if stolen.

Almost half (47%) of the study’s respondents have ten or more sensitive online accounts, which amplifies the risk, especially if people are using the same password for two or more of those accounts.

Online Security Can Be Frustrating

Online security is a priority to most people (84%), but as many as 39% feel frustrated, and nearly the same amount feels intimidated. While it may occasionally feel like you just can’t get ahead of the hackers, a little more than half of the people surveyed thought digital security was under their control. BUT: that still leaves a whole lot of folks that don’t think so.

Do NOT let that be a reason to let down your defenses and become an easy target. There are best practices you can put in place to safeguard your online accounts that work, including:

Enabling multi-factor authentication on your accounts

Using an email spam filter to catch phishing emails

Adding a DNS filter to block malicious websites

Using strong password best practices

Give Your Staff Access to Security Awareness Training

The absolute BEST way to reduce human errors associated with through ongoing Security Awareness Training, yet the survey found that just 26% of respondents had access to this critical training.

It also broke this down by employment status. We see that those not actively employed are most lacking. Which is not to say that those employed can use more training access and encouragement. Just 53% report having access to security awareness training - and taking advantage of it.

Security Awareness Training is the single most way employers can significantly reduce their risk of falling victim to a data breach. Business owners and managers need to not only beef it up but make it mandatory.

Cybercrime is Always Increasing

Every year sees more cybercrime than the year before. Over a quarter (27%) of survey participants said they had been a victim of cybercrime.

The most common types of cybercrimes reported include:

Phishing (47%)

Online dating scams (27%)

Identity theft (26%)

Of all the generations, Millennials reported the most cybercrime incidents. It may seem to defy logic, but Baby Boomers and the Silent Generation reported the fewest.

Best Practices to Reduce Your Risk Online

1) Create Strong, Unique Passwords:

Start with the basics. Create strong, unique passwords for each online account.

Take heed of our helpful tips HERE.

2) Institute Multi-Factor Authentication (MFA):

MFA gives your account security a huge boost by adding an extra barrier to unauthorized access, even if you have weak or compromised passwords.

3) Perform Regular Software Updates:

This is crucial. Keep all your software, including operating systems and mobile apps, up to date with the most security patches.

4) Learn to Spot and Avoid Phishing Attacks:

Always exercise caution when clicking on links or opening attachments, especially in emails from unknown sources.

Verify the legitimacy of emails and websites. Check for subtle signs, such as misspelled URLs or email addresses or unfamiliar sender addresses. Know what suffixes are correct. Anything coming from the government, like the IRS or the Social Security Administration will ONLY end with ‘.gov/’ – nothing else.

5) Use Only Secure Wi-Fi Networks:

Make sure that you and your employees only connect to secure and password-protected Wi-Fi networks.

Avoid using public Wi-Fi for sensitive transactions, but if you must, then protect yourself by using a Virtual Private Network (VPN).

6) Backup Your Data:

Bluntly stated, anyone who fails to do this a fool who’s just waiting for the day when their business implodes. Regularly back up important data to an external device or a secure cloud service.

7) Enable Antivirus and Anti-Malware Software:

Install reputable antivirus (AV) and anti-malware software on all devices and perform regular scans of your systems for potential threats.

8) Be Careful with Social Media Settings:

Cybercrooks highly value the weaknesses that abound in social media. Review and adjust your privacy settings on social media platforms.

Always limit the amount of personal information visible to the public.

9) Keep Your Personal Devices Secure:

Lock your devices with strong passwords or biometric authentication.

10) Stay Informed and Educated:

Again, use regular, ongoing Security Awareness Training to keep yourself and your team educated and informed about new threats. This goes a long way in fostering a culture of vigilance and preparedness.

Frequently Asked Questions

What are the benefits of security awareness program?

Security awareness training can help organizations reduce the risk of data breaches, malware infections, phishing attempts, and other malicious activities.

For more specifics, ‘CybSafe’ goes into greater detail HERE.

How often should security awareness training be conducted?

Most experts tend to agree that training should occur about two to three times per year — or about every four to six months. Keep it fresh in your employees’ minds.

What is the difference between 2FA and MFA?

MFA uses multiple levels of authentication, starting with the password. 2FA only requires one extra step after the password - usually an identifying question. MFA provides much better login protection.

How do I find my MFA settings?

For Microsoft Azure users, you can access service settings from the Azure portal by going to ‘Azure Active Directory > Security > Multifactor authentication > Getting started > Configure > Additional cloud-based MFA settings.’ A window or tab opens with additional service settings options.

How secure is your network?

As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.

The best defenses are expert Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.

With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Among the Managed IT services we provide:

IT HelpDesk Service
Onsite IT Support
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)

IT Support LA is an award-winning Managed Services Provider (MSP):
o  3 Years awarded Best IT by the Small Business Expo
o  Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o  Awarded Best IT in California by Channel Futures
o  Winner of Best IT in Los Angeles by Channel Futures
o  Listed as one of the world’s Top 501 MSPs by CRN and in the top 250 in the ‘Pioneer’ listing
o  4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o  Listed as #21 MSP in the World in Channel Futures NextGen 101
o  Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o  Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o  Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o  Named one of 2023’s 50 ‘Best’ businesses in California by UpCity
o  Named Best of IT Services winner by UpCity
o  Winner of Local Excellence Award for 2021, 2022 and 2023 by UpCity
o  Named Best of Cloud Consulting winner by UpCity
o  Certified as Top Managed Services Provider and Cybersecurity Pro by UpCity
o  Named Best IT Support in Los Angeles by

Schedule a Security Upgrade Assessment

How strong are your digital defenses against sophisticated threats? The bad guys are using AI. This means more dangerous phishing and network attacks. Need some help assessing your strength?

We can help you incorporate AI-based protection and fortify your network from attacks, so give us a call today to schedule a chat and schedule your FREE network and security assessment.