Kenna Security quizzed 1,200 employees on basic cyber security knowledge.
Of the respondents who got all the questions wrong 74% said they felt safe from cyber attacks. None of those who got all the questions right said they felt safe.
The surveyors attribute this to the Dunning-Kruger effect. A theory that people with little knowledge in a topic tend to overestimate their ability in that area.
Those surveyed varied in age and industry but all used computers for most of their work. In total, 61% of the respondents failed the test, yet 69% of them said they had received cyber security training.
This is all rather dispiriting for those tasked with changing behaviours and mindsets to protect their organisations. For instance, as many respondents (26%) were storing passwords on paper (a bad idea) as were using (27%) a password manager (a recognised best practice).
If you want to put yourself to the test and see if you think the questions are a fair assessment you can find them (and the answers – no cheating!) here.