Only 31% Of Employees Get Annual Cyber Security Training

A new Report reveals that employee education is key for small businesses to prevent cyber-attacks yet many employees are not being cyber-trained. 

Even with headline after headline about the latest data breach, people are not encouraged to defend against their cyber exposure. 

The Chubb 3rd Annual Report 
The goal of insirance firm Chubb’s 2019 Cyber Risk Survey is to determine the level of understanding individuals have about their cyber risks. While at the same time looking at the steps they are taking to protect themselves. For small businesses with limited resources, complacency can have detrimental consequences. This is because the chance of a small company crashing out of business after a cyber-attack is highly likely. And the best way to defend themselves is by making everyone in the company more aware.

Fran O’Brien, Division President of Chubb North America Personal Risk Services, said  “When it comes to your cyber-security, there’s no such thing as being over-prepared.” He also says, “While it’s important that the vast majority of respondents remain concerned about a breach, concern itself isn’t enough. Individuals often say their lack of cybersecurity action is because it seems too time-consuming in the moment. But implementing cyber safeguards today will save time and financial resources tomorrow, should a breach occur.”

If you are a valued target, sooner or later a breach is very likely to take place. and just because you are a small business, it doesn’t mean you are immune to attacks. Because 43% of cyber-attacks target small businesses.

2019 Cyber-Security Risk Statistics
In the study, 70% of the respondents say their company has “excellent” or “good” cyber-security practices. But only 31% of them receive annual company-wide training or updates from their employer.

Considering employee education lies at the core of the cybersecurity problem, more needs to be done. And the lessons they receive have to be from a reliable source. Because the survey says more than a third are learning about protection against cyber-security risks from mainstream media (35%) and family and friends (34%).

Only 19% report they learn about cyber-security protection through their employer. This means the vast majority of the workforce doesn’t have the necessary skills to protect their business. And this results in employees and individuals not being able to identify an attack when it is taking place.

Identifying Attacks
The one common form of attack the respondents defined correctly is ransomware at 54%. But it goes downhill from there as most of them couldn’t identify credential stuffing (59%), Emotet (72%), and Ryuk (74%).
These forms of attack are barely scratching the surface, and unless your company specialises in cybersecurity it is impossible for your staff to know everything. The key is to teach your employees so they can have a general understanding of these common attacks.

Cyber Security Training
Coupled with strict governance and mandatory annual training, you can bring your employees up to speed. And according to Chubb, the training, which can be taken online and limited to an hour, is enough to help employees identify breach warning signs. By identifying these signs, your employees can stop full-blown attacks so you can intervene.
Small businesses can implement policies to ensure everyone in the company becomes part of the first line of defense against a cyberattack. But even with the best efforts, it may not be possible to stop an attack. And this is why cyber insurance should be a serious consideration to fully protect your business.

According to Chubb, with the right cyber insurance, you can get an inclusive mix of defensive and protective measures. This includes capabilities which provide fast response in a worst-case scenario. In addition to a financial loss mitigation tool, it should also help individuals understand how to prepare ahead of a potential cyber-attack.

For effective employee cyber training which is engaging, endorsed by leading experts and will improve cyber behaviour across your entire organisation please contact Cyber Security Intelligence

SmallBizTrends:         Chubb:       Image: Nick Youngson

You Might Also Read:

Why Cyber Training Is So Important For Business:

Effective Cybersecurity Requires Both Cyber Training & Insurance Cover:

 

 

« Cyber Insurance Is Unsustainable On Its Current Path
Easy Cyber Knowldege Ch.4 The Internet of Things (IoT) »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

PakCERT

PakCERT

PakCERT is the national Computer Emergency Response Team for Pakistan.

XCure Solutions

XCure Solutions

XCure Solutions are a Finnish company specializing in data security, data protection and data recovery.

Security Network Munich

Security Network Munich

Security Network Munich brings together leading players in the field of information and cyber security through joint research and innovation projects.

Paygilant

Paygilant

Paygilant’s disruptive technology is designed to protect mobile payment  financial transactions against fraudulent attacks, whether executed by NFC, QR code, P2P or in-app.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

WWPass

WWPass

WWPass is a global cybersecurity company that provides password-less authentication and client-side encryption technology.

US-Africa Cybersecurity Group (USAFCG)

US-Africa Cybersecurity Group (USAFCG)

USAFCG provides cybersecurity consulting services and delivers training programs for capacity building in Africa.

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF) of Armenia is one of the largest technology business incubators and IT development agencies in the region.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

SafeStack Academy

SafeStack Academy

SafeStack Academy is an online cyber security and privacy education platform. Our content is designed by experts to suit small businesses, growing companies, and development teams.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

Clear Ridge Defense

Clear Ridge Defense

Clear Ridge was founded in April 2015 with the mission and vision to support Joint, Service Cyber Components, and commercial clients in specialized cyber support.