Less than 30% of companies prepare employees for LGPD

This is sponsored content.

Eskive research in partnership with Flipside reveals the security scenario and the need to adapt to LGPD. Check out!

The human factor is the main vulnerability in the corporate environment and 70% of companies are not concerned with training their employees to work in compliance with the General Data Protection Law (LGPD), which is already in effect. These results are from 5th National Eskive Survey on Information Security Awareness.

According to the study, although 66% of companies devote up to 25% of all security team time to awareness programs, only 29% of companies have programs to raise awareness about the importance of data and to work in compliance with the LGPD. The survey also reveals an increase of 11%, which is considered low, in the support of top management in this type of initiative.

According to Priscila Meyer, Eskive’s CEO, despite the growth, the effort to ensure the maturation of an awareness program remains low. “Human factors play a significant role in protecting the company’s business, image and strategy. Despite the support from the top management having increased, a more aware leadership is expected regarding the prioritization of investments in security awareness training ”, highlights the executive.

The study was carried out in partnership with Flipside, events company and corporate awareness in information security and has testimonials from 300 security professionals from companies in 26 different areas.

The results

The most relevant information security threats include the growth of phishing attacks (9%) inappropriate use of professional email (16%), the use of workgroups in instant messaging applications (4%), visits to malicious sites (11%) and undue sharing on social networks (3%).

According to the executive, these threats deserve even more prominence in this period of isolation and remote work. “These fears gain even more space in the face of the current context, with the popularization of remote work, in which the digital, personal and professional environments mix,” warns Priscila.

Minimize the risk of incidents; regulatory and audit requirements regarding LGPD and security as a business strategy are among the three main causes that lead companies to invest in an awareness program, respectively.

According to the survey, informing users about privacy and fitness for LGPD is the second main reason for investing in awareness programs. “It is not possible to create a culture in relation to the use of personal data in companies, in which people understand the commercial value of this information, without first understanding the importance of valuing it and learning what the consequences are of not dealing with it properly” says Mayer.

In addition, between the years 2016 and 2019, about 33% of companies did not have any type of security awareness program. In 2020, this number is around 22%, which represents a 10% increase in information security concerns, compared to previous years.

Conclusion

For the executive, the growth in the number of attacks, the pandemic scenario, the increase in regulatory requirements, the beginning of the LGPD and consumers’ expectations regarding the level of data protection demand from organizations more and more prepared and skilled people that drive excellence in privacy and cybersecurity.

“Never has the need for an awareness program to address these challenges involving all employees so that they receive appropriate training in an effort to protect the data entrusted to them has never been more evident. Train employees to be prepared to deal with the risks inherent in the technology solutions that their companies are adopting, to help them recover and renew in the post-pandemic era, is a crucial challenge, but it must be seen as a strategy to create competitive advantage”, Explains the CEO of Eskive.

Invitation to discuss data

Eskive invites everyone to a discussion about the data collected at 5th National Eskive Survey on Information Security Awareness, along with the CEO, Priscila Meyer and journalist Thúlio Pompeu.

The event is Tuesday (08.12) at 16h. The discussion can be followed either by the Youtube as at LinkedIn. However, confirmed participants at the LinkedIn, and that follow the page @eskivetool on Instagram, they will be competing for a gift card worth R $ 150.