Most British Workers Are Unaware Of Cyber Threats
One of the key ways to defend your organisation against cyber attacks involves your own employees.
In Britain, there is a significant lack of awareness among workers about cyber security, despite 60% of workers admitting they have fallen victim to a cyber attack, according to a new study by business security platform Armis.
Armis surveyed 2,000 UK employees and found that only around a quarter (27%) are aware of the associated cyber risks, while one in 10 (11%) don’t worry about them at all. The most prevalent types of attacks experienced by workers or their organizations were phishing (27%), data breaches (23%) and malware (20%).
Despite 60% of respondents admitting to having been affected by a cyber attack, the study found a general lack of awareness towards cyber security. The study also revealed growing concerns about the scale of the cyber-threats facing the UK. A large-scale cyber-attack was ranked as the fourth biggest future concern (21%) among the respondents, equal to the UK going to war. Two-fifths (40%) said they would like to see a minister for cyber security installed to ensure the issue is focused on more at a government level.
The survey found that respondents consider Russian-backed cyber criminals the biggest threat to Britain's cyber security (20%), followed by financially motivated cyber criminals (17%) and Chinese-backed cyber criminals (16%).
"It’s clear that cybersecurity awareness and training must be made a priority within the UK government... This is an issue that must be addressed from the top down. Moving forward, more emphasis should be placed on security awareness training as well as technology controls that give organisations a full picture of risk exposure," commented Conor Coughlan, General Manager EMEA at Armis.
Organisations need to invest the time and resources into both employee education and security technology as a two-pronged approach toward combating attacks.
According to the specialist incident response firm BreachQuest, organisations should take the following measures:
- Hire dedicated security awareness people that aren't engineers but rather marketing professionals who know how to engage an audience to educate your employees.
- Implement technical tools that prevent people from making easily preventable errors.
- Set up multifactor authentication, especially for email systems, VPNs and privileged accounts.
- Remove local admin privileges for standard users.
- Adopt a password manager across your organisation to improve and ease password security for all employees.
"Organisations need to understand the importance of investing in the right security to protect themselves and their customers and to avoid experiencing any downtime," according to Coughlan.
To protect themselves and your business against phishing campaigns, malware and other types of attacks, your workers should be regularly trained to have an effective level of awareness of cyber incidents and security best practices.
Sources: Armis, TechRepublic, Security Magazine, Infosecurity Magazine, Techjury, EIN News