SMEs Need To Close The Cyber Security Training Gap
In 2020 millions of UK people began working at home because of Covid and currently in 2021, the proportion of remote workers who say loneliness and cyber security problems are serious issues has significantly increased.
Cyber criminal attackers have benefited from the uncertainty of the COVID-19 pandemic and the isolation of remote workers and have made remote worker the victims of phishing attacks.
Government research into the UK cyber security labour market carried out in 2020 estimated that 48% of UK businesses had a basic skills gap when it came to cyber security. This year, Vodafone completed and published a similar report which found that around 30% of UK SMEs said they don’t have a cyber security strategy in place. While this suggest the gap has closed, its clear the knowledge and skills shortages remain a big problem for SMEs.
In 2020 the government report found 64% of cyber firms faced problems with technical cyber security skills gaps among existing staff or job applicants. A recent 2021 Capterra looking at cyber security and home working demonstrated a situation that could prove even more critical. Just 19% of those questioned believed their company had no individual they could contact regarding cyber security breaches, a rise from 11% in 2020, while a little under 50% admitted they wouldn’t actually know who to contact within their organisation if such a breach occurred. Capterra's findings, which showed the number of employees who had received IT security training had risen only fractionally year-on-year, from 20% in 2020 to 22% in 2021, despite the wider security risks faced now from remote working.
This means companies are not only battling to ensure their employees understand the appropriate safety precautions while working away from the office, but they are also struggling to find the right security employees to put proper security in place.
Mimecast research paints another worrying picture. Some seven in 10 of those questioned believed employee behaviours such as poor password hygiene put their companies at risk but only one in five organisations had provided ongoing cyber awareness training, according to the report.
An additional problem can be when people feel disconnected from their training, so any lessons delivered don’t sink in.
Some of the biggest threats could actually be the most simple to solve. Recent research by HP's Wolf security found that 46% of office workers admitted to using their work laptop for personal “life admin”, and 30% had let someone else use their work device.
Mimecast: Gov.UK: Capterra: ITPro: Vodafone: HP Wolf:
You Might Also Read:
How To Write Learning Objectives For Cyber Security Training: