Roughly 3 out of 4 Romanian employees with digital exposure (74%) display an insufficient level of cyber literacy, while the people with the greatest access to sensitive data, such as managers and entrepreneurs, lead the ranking of risky workplace behaviors, according to the “Cyber Literacy Audit 2026,” the first national study dedicated to cyber literacy in professional activity.

Conducted by the research agency MKOR for the company Arctic Stream (BVB: AST) on a nationally representative sample of 1,000 employees (including 200 managers and entrepreneurs), the study establishes the first national benchmark for employees’ digital activity.

The study reveals, among others, that technical security infrastructure exists in most companies, but behaviors in daily practice cancel out an important part of the investment in technology.

At a declarative level, the image of Romanian companies suggests a solid cybersecurity framework: 91% of employees say there are active security measures in their organization; 87% state that there are procedures for unexpected situations; and 84% say they have signed specific internal documents.

Operational reality, however, says otherwise. Antivirus remains the only measure recognized by the majority (71%), while VPNs, multi-factor authentication (MFA), and USB restrictions remain below the 50% threshold.

Moreover, almost half of the employees in the study (44%) use a hybrid infrastructure, combining personal devices and accounts with company ones in their professional activity. According to this study, this segment presents the highest risk profile. Roughly 69% transfer work documents through personal applications, and 48% connect personal storage space to the company computer, and the rate of incident reporting to the IT department is only 37%, compared to 55% among those working exclusively on formal infrastructure.

Moreover, almost half of managers (49%) admit that their organization acts reactively, only after an incident occurs. And only 36% of employees have signed a remote work policy, although hybrid work is a reality for a significant part of the workforce.

“The fact that almost half of the organizations in Romania intervene only after an incident occurs represents a serious alarm signal. In cybersecurity, reaction time is measured in seconds, not hours,” said Ioana Manea, Chief Innovation Officer at Arctic Stream, and General Manager - Cyber Arena Romania.

According to the MKOR and Arctic Stream study, the people with the highest level of access to sensitive data, leaders and managers, are those who most frequently ignore or bypass safety protocols to save time. 

The data shows that managers adopt more risky behaviors than employees in execution roles: 31% use public Wi-Fi networks without a VPN (compared to 23% at the execution level); 33% enter internal documents into unauthorized AI tools (compared to 24% at the execution level); 43% frequently install unauthorized software on the company laptop.

“The data from this study recalibrates a common perception in Romanian business, namely that cybersecurity is solved mainly through the acquisition of software. Operational reality shows otherwise: an inattentive employee can quickly compromise a significant investment in infrastructure. A critical aspect revealed by the research is that people with decision-making power are the ones who most often choose risky shortcuts under the pressure of delivery speed,” said Cori Cimpoca, Founder of MKOR.

radu@romania-insider.com

(Photo source: Motortion|Dreamstime.com)