SMEs Need To Close The Cyber Security Training Gap

In 2020 millions of UK people began working at home because of Covid and currently in 2021, the proportion of remote workers who say loneliness and cyber security problems are serious issues has significantly increased. 

Cyber criminal attackers have benefited from the uncertainty of the COVID-19 pandemic and the isolation of remote workers and have made remote worker the victims of phishing attacks.

Government research into the UK cyber security labour market carried out in 2020 estimated that  48% of UK businesses had a basic skills gap when it came to cyber security.  This year, Vodafone completed and published a similar report which found that around 30% of UK SMEs said they don’t have a cyber security strategy in place. While this suggest the gap has closed, its clear the knowledge and skills shortages remain a big problem for SMEs. 

In 2020 the government report found 64% of cyber firms faced problems with technical cyber security skills gaps among existing staff or job applicants. A recent 2021 Capterra looking at cyber security and home working demonstrated a situation that could prove even more critical. Just 19% of those questioned believed their company had no individual they could contact regarding cyber security breaches, a rise from 11% in 2020, while a little under 50% admitted they wouldn’t actually know who to contact within their organisation if such a breach occurred. Capterra's findings, which showed the number of employees who had received IT security training had risen only fractionally year-on-year, from 20% in 2020 to 22% in 2021, despite the wider security risks faced now from remote working.

This means companies are not only battling to ensure their employees understand the appropriate safety precautions while working away from the office, but they are also struggling to find the right security employees to put proper security in place.  

Mimecast research paints another worrying picture. Some seven in 10 of those questioned believed employee behaviours such as poor password hygiene put their companies at risk but only one in five organisations had provided ongoing cyber awareness training, according to the report. 

An additional problem can be when people feel disconnected from their training, so any lessons delivered don’t sink in.
Some of the biggest threats could actually be the most simple to solve. Recent research by HP's Wolf security found that 46% of office workers admitted to using their work laptop for personal “life admin”, and 30% had let someone else use their work device. 

Mimecast:      Gov.UK:      Capterra:         ITPro:      Vodafone:    HP Wolf

You Might Also Read:

How To Write Learning Objectives For Cyber Security Training:

 

« Scientists Say Social Media Is A Risk To Humanity
Artificial Intelligence Is Being Badly Used In Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TrustedIA

TrustedIA

TrustedIA is a cyber and protective security company. Our mission is to help businesses protect themselves from disruptive events that can impact their successful operation.

CoSoSys Endpoint Protector

CoSoSys Endpoint Protector

Endpoint Protector by CoSoSys is an advanced all-in-one DLP solution for Windows, macOS, and Linux, that puts an end to unintentional data leaks and protects from malicious data theft.

Nordic IT Security

Nordic IT Security

Nordic IT Security is a cyber security business forum in Scandinavia bringing together the converging worlds of IT, Cyber and Information Security.

Dreamlab Technologies

Dreamlab Technologies

Dreamlab specialises in securing critical IT infrastructures. We offer qualitative support and advice for managing your infrastructure and cyber security needs.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Advisera 27001Academy

Advisera 27001Academy

Advisera is a market leader in providing documentation and online support for the implementation of business standards including ISO 27001, ISO 22301 and EU GDPR.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

Assure IT

Assure IT

Assure IT is a Singapore company specialising in technology governance, risk and compliance.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Pathway Communications

Pathway Communications

Established in 1995, Pathway Communications – is part of the Pathway Group of Companies, a Canadian IT Managed Services organization.

Blink Ops

Blink Ops

Blink helps security teams streamline everyday workflows and protect your organization better.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.

Apexanalytix

Apexanalytix

Apexanalytix is a leading provider of supplier onboarding, risk management and recovery solutions.