Most British Workers Are Unaware Of Cyber Threats

Uploaded on 2021-12-29 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

One of the key ways to defend your organisation against cyber attacks involves your own employees. 

In Britain, there isa significant lack of awareness among workers about cyber security, this is despite 60% of workers admitting they have fallen victim to a cyber attack, according to a new study by business security platform, Armis.

Armis surveyed  2,000 UK employees and found that only around a quarter (27%) are aware of the associated cyber risks, while one in 10 (11%) don’t worry about them at all.  The most prevalent types of attacks experienced by workers or their organizations were phishing (27%), data breaches (23%) and malware (20%). 

Despite 60% of respondents admitting to having been affected by a cyber attack, the study found a general lack of awareness towards cyber security. The study also revealed growing concerns about the scale of the cyber-threats facing the UK. A large-scale cyber-attack was ranked as the fourth biggest future concern (21%) among the respondents, equal to the UK going to war. Two-fifths (40%) said they would like to see a minister for cyber security installed to ensure the issue is focused on more at a government level.

The survey found that Russian-backed cyber criminals are considered the biggest threat to Britain's cyber security (20%) by the respondents, followed by financially motivated cyber criminals (17%)  followed by Chinese-backed cyber criminals (16%).

It’s clear that cybersecurity awareness and training must be made a priority within the UK government... This is an issue that must be addressed from the top down. Moving forward, more emphasis should be placed on security awareness training as well as technology controls that give organisations a full picture of risk exposure." commented Conor Coughlan, General Manager EMEA at Armis.

Organisations need to invest the time and resources into both employee education and security technology as a two-pronged approach toward combating attacks.

According to the specialist incident response firm BreachQuest, organisations should take the following measures:

  • Hire dedicated security awareness people that aren't engineers but rather marketing professionals who know how to engage an audience to educate your employees.
  • Implement technical tools that prevent people from making easily preventable errors.
  • Set up multifactor authentication, especially for email systems, VPNs and privileged accounts.
  • Remove local admin privileges for standard users.
  •  Adopt a password manager across your organisation to improve and ease password security for all employees.

"Organisations need to understand the importance of investing in the right security to protect themselves and their customers and to avoid experiencing any downtime." according to Coughlan.

To protect themselves and your business against phishing campaigns, malware and other types of attacks, your workers should be regularly trained to have an effective level of awareness of cyber incidents and security best practices. 

Armis:       Techrepublic:     Security Magazine:     Infosecurity Magazine:    Techjury:     Ein News:   

You Might Also Read: 

Britain Is Fighting A Ransomware Epidemic:

 

« British Plan To Become A ‘Global Cyber Power’ In 2022
Britain's HMRC Tax Agency Admits Numerous Data Breaches »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

QNAP Systems

QNAP Systems

QNAP Systems, Inc. delivers world class network attached storage (NAS) and network video recorder (NVR) solutions.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

Sintef Digital

Sintef Digital

Sintef Digital carries out research in Information and Communication Technology for industry and the public sector.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Amnesty Tech

Amnesty Tech

Amnesty Tech's Security Lab leads technical investigations into cyber-attacks against civil society and provides critical support when individuals face such attacks.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.

Cloud Carib

Cloud Carib

Cloud Carib is the premier provider of managed cloud services in the Caribbean and Latin American regions.