The 2021 Unisys Security Index reveals that two-thirds of Brazilians working remotely stated they are primarily responsible for keeping their employers’ data secure. Of the respondents who believe they are primarily responsible for the integrity of corporate data, 41% also place that responsibility on application providers. Only 21% of those polled hold their employers accountable for data security. The results suggest that most Brazilians have a high degree of responsibility in relation to the corporate data they work with, according to Alexis Aguirre, director at Unisys Cybersecurity for Latin America. On the other hand, Aguirre noted corporate attitudes contrast with the lack of knowledge among the population about the various types of digital security fraud. “It is clear that in addition to investing in technology, it is essential to train people, as users are generally the gateway through which cybercriminals focus their actions, especially using social engineering techniques,” Aguirre adds. The Unisys study polled 11,000 consumers across 11 countries, including 1,000 Brazilian participants. The research has also covered the lack of awareness about security issues among Brazilians, with the minority of respondents stating they are aware of crimes such as SIM jacking and SMS phishing. On the other hand, separate research has found that Brazilians are concerned about the security of their data. A study carried out by Datafolha institute on behalf of Mastercard has found that fear of cyber attacks is high among Brazilian users, with 73% of respondents reported having suffered some kind of digital threat, such as receiving fake messages from companies and stolen passwords. Fostering a data protection culture in Brazil is one of the main initial objectives of the National Data Protection Authority (ANPD), a body set up in 2020. As part of efforts to raise awareness on the issue among the general public, ANPD launched a a data protection guide in September detailing how data holders can protect their data and listing steps that should be taken in case of incidents related to cybersecurity.