Employees 'dodge' cybersecurity responsibility

New research shows that when it comes to company’s cyber security, the majority of employees (81%) believe it’s the IT department’s responsibility to ensure it.

  • 2 years ago Posted in

Terranova Security by HelpSystems, a global leader in security awareness training, has published the results of a study that showcases the level of cyber security awareness among workers in the UK, France, U.S., Australia and Canada.

 

The study, conducted in partnership with research company Ipsos, surveyed 500 UK employees. It concluded there is confusion among employees over who is responsible for protecting company data. Despite the fact that human error causes 95% of cyber issues, 81% of UK employees believe it’s the IT department’s responsibility.

 

In addition, 1 in 4 employees do not think cyber security is necessary for them, and 18% believe they can’t be targeted at all by cybercriminals. The findings come at a time when the danger from a data breach is at an all-time high – businesses suffered 50% more ransomware attacks in 2021 compared to 2020. As of 2022, the average cost of a data breach to a large organisation increased to $4.35 million.

 

The research also highlighted that UK businesses aren't doing enough to support their employees when it comes to providing education on common cyber threats and security best practices. Only 42% of employees say they work in a company where cyber security awareness training is mandatory. Of the 44% who haven’t participated in any cyber security training, nearly a third (31%) indicated that their company doesn’t offer any relevant training.

 

These low training rates aren’t due to a lack of interest from employees, as 76% believe cyber security training is interesting, and 56% have started or completed the training when it’s offered to them.

 

“It’s concerning to see such a high percentage of employees who believe a company’s cyber security is not their responsibility – especially in larger organisations,” said Theo Zafirakos, Chief Information Security Officer, Terranova Security. “It’s clear that many British businesses have room to grow security awareness training strategies, especially in the face of rising cybercrime. Our research also shows there’s still quite some work to do on educating people about the important role they play in protecting data at work. These people are the first line of defence against any cyber-attack, and on a positive note, our research demonstrates a strong appetite for learning more about it. By taking responsibility to invest more in education and build a security-aware culture around data protection within the business, companies will set up a powerful barrier against any cyber threats.”

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...