KnowBe4 Report Finds Overall Improvement in Security Culture Worldwide

Global findings from the 2022 Security Culture Report indicate that large organisations reported better attitudes and behaviours than smaller organisations regarding security culture, yet small organisations scored better on all other dimensions of security culture

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced that its research arm, KnowBe4 Research, has launched the 2022 Security Culture Report, which looked at trends in security culture for the first time, finding that security culture worldwide has improved overall.

Security culture is the ideas, customs and social behaviours of an organisation that influence their security. The 2022 KnowBe4 Security Culture Report looked at the seven different dimensions of security culture (Attitudes, Behaviors, Cognition, Communication, Compliance, Norms and Responsibilities) across regions and industries worldwide.

Key findings from the report include:

• In Africa, there is a tradition and interest in security culture, especially in South Africa, where a higher level of security culture was achieved.
• In Asia, a wide variation of security culture scores across nations exists. While Japan is doing reasonably well, countries like Malaysia and Indonesia show an alarmingly low security culture index score.
• In Europe, both Sweden and Ireland are often considered as technologically advanced. Along with these two countries, Italy and Bulgaria also had higher security culture scores.
• In the USA, differences in security culture exist based on organisational size, where small organisations are outperforming larger organisations. 
• Security culture in Oceania is showing that Australia and New Zealand are quite different from each other, and neither is doing particularly well.
• Central and South America are now beginning to measure security culture, with more countries from these regions added every year.

“Security culture involves how people think about and approach a more secure environment and this report focuses on those key elements,” said Perry Carpenter, chief evangelist and strategy officer, KnowBe4. “In the new trend data, which looked at security culture over the last two to three years, security culture has improved across regions and industries overall. This was the most promising finding from our research and emphasizes that security culture should be viewed as a critical asset used to reduce risk and improve security. Further, KnowBe4’s recommendations for continuous security awareness training and simulated phishing assessments as well as measurement tools the organisation offers such as the Security Culture Survey are contributing toward creating a stronger security culture across the globe.”

The 2022 Security Culture Report includes responses from more than 257,000 employees in 1,456 organisations around the world who are also KnowBe4 customers and have completed the Security Culture Survey. To download the 2022 KnowBe4 Security Culture Report, visit https://www.knowbe4.com/organizational-cyber-security-culture-research-report.