Your Employees Are The Major Risk To Cyber Security

Uploaded on 2019-03-12 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft Ireland has found.

A third of Irish workers surveyed used their own email for work and 24% shared files with family and friends. 

A lack of security training, the use of personal devices with work-related data and lax practices around passwords are all security risks facing public and private sector organisations, the study found.

Almost half of employees admitted they had no security training in the past 12 months, while 36 per cent said they had plugged a non-work data device such as a USB into their work device, which could lead to data loss.

The survey found that 24 per cent of people working from home have accidently shared work-related material with friends and family, while a third used personal email for work-related or customer information storage, which could be a violation of GDPR when they leave the company.

This was despite 44 per cent saying they had problems with phishing, hacking, cyber fraud or other cyberattacks, aside from attacks that were caught by their company’s security measures.Basic password rules were also being ignored, with 44 per cent recycling passwords, and only 16 per cent having updated their passwords in the last 12 months.

“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland Solutions Director. This made the finding that 22 per cent of people admitted to writing down their passwords more serious, he said.

A second stand-out finding for Mr Ryan was the number of people using non-work devices to backup data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drive, etc is really scary. Where are they moving it to?”

The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations employing more than 100 staff across both the public and private sector.

Irish Times

You Might Also Read:

Take An Analytical Approach To Cybersecurity Training:

 

 

 

« Huawei 5G Risk Can Be ‘Contained’
Only Four Suspects In Australia's High Level Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Flexential

Flexential

Flexential helps organizations optimize their journey of IT transformation while simultaneously balancing cost, scalability, compliance and security.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

Seqrite

Seqrite

Seqrite offers a highly advanced range of enterprise and IT security solutions to protect your organization's most critical data.

PROOF

PROOF

PROOF is a Brazilian leader in cybersecurity. Our goal is to assist our Customers in managing security efficiently and in tune with business needs.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center of Vietnam has a central monitoring function and is a technical focal point for monitoring and supporting information security for people, businesses and systems.

Cyberwatch Finland

Cyberwatch Finland

Cyberwatch Finland's services improve decision-makers’ strategic situational picture and enable successful holistic cyber risk management.

Ministry of Electronics & Information Technology (MeitY)

Ministry of Electronics & Information Technology (MeitY)

The Ministry of Electronics & Information Technology is an executive agency responsible for IT policy, strategy and development of the electronics industry.

Guardz

Guardz

Guardz helps small and growing businesses to go from zero or low cyber protection to having comprehensive security – in the quickest and most straightforward way.

OSP Cyber Academy

OSP Cyber Academy

OSP Cyber Academy are a managed service provider of cyber, information security and data protection training.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.

CorePLUS Technologies

CorePLUS Technologies

CorePlus solutions are designed to empower organizations with the tools they need to ensure the utmost protection for their assets, people, and information.