Your Employees Are The Major Risk To Cyber Security

Uploaded on 2019-03-12 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft Ireland has found.

A third of Irish workers surveyed used their own email for work and 24% shared files with family and friends. 

A lack of security training, the use of personal devices with work-related data and lax practices around passwords are all security risks facing public and private sector organisations, the study found.

Almost half of employees admitted they had no security training in the past 12 months, while 36 per cent said they had plugged a non-work data device such as a USB into their work device, which could lead to data loss.

The survey found that 24 per cent of people working from home have accidently shared work-related material with friends and family, while a third used personal email for work-related or customer information storage, which could be a violation of GDPR when they leave the company.

This was despite 44 per cent saying they had problems with phishing, hacking, cyber fraud or other cyberattacks, aside from attacks that were caught by their company’s security measures.Basic password rules were also being ignored, with 44 per cent recycling passwords, and only 16 per cent having updated their passwords in the last 12 months.

“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland Solutions Director. This made the finding that 22 per cent of people admitted to writing down their passwords more serious, he said.

A second stand-out finding for Mr Ryan was the number of people using non-work devices to backup data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drive, etc is really scary. Where are they moving it to?”

The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations employing more than 100 staff across both the public and private sector.

Irish Times

You Might Also Read:

Take An Analytical Approach To Cybersecurity Training:

 

 

 

« Huawei 5G Risk Can Be ‘Contained’
Only Four Suspects In Australia's High Level Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute at Northern Michigan University offers non-degree and industry credentials relevant to emerging careers in cybersecurity.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

SIXGEN

SIXGEN

SIXGEN provides incident response, operational and penetration testing, red teaming, tool development, cyber training development and continuous monitoring.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

IntegraONE

IntegraONE

IntegraONE is a IT solutions provider offering a full range of networking and technology solutions.

Valency Networks

Valency Networks

Valency Networks provide cutting edge results in the areas of Vulnerability Assessment and Penetration Testing services for webapps, cloud apps, mobile apps and IT networks.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Banyax

Banyax

Banyax provides 24×7 real-time Cyber Defense Center Services using the latest technology tools to provide state-of-the-art defense.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

US Insider Risk Management Center of Excellence (US-InRM)

US Insider Risk Management Center of Excellence (US-InRM)

The US-InRM Center of Excellence is a nonprofit organization dedicated to promoting private, public, and academic partnerships to foster knowledge sharing and resources to mitigate insider risk.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.