Your Employees Are The Major Risk To Cyber Security

Uploaded on 2019-03-12 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft Ireland has found.

A third of Irish workers surveyed used their own email for work and 24% shared files with family and friends. 

A lack of security training, the use of personal devices with work-related data and lax practices around passwords are all security risks facing public and private sector organisations, the study found.

Almost half of employees admitted they had no security training in the past 12 months, while 36 per cent said they had plugged a non-work data device such as a USB into their work device, which could lead to data loss.

The survey found that 24 per cent of people working from home have accidently shared work-related material with friends and family, while a third used personal email for work-related or customer information storage, which could be a violation of GDPR when they leave the company.

This was despite 44 per cent saying they had problems with phishing, hacking, cyber fraud or other cyberattacks, aside from attacks that were caught by their company’s security measures.Basic password rules were also being ignored, with 44 per cent recycling passwords, and only 16 per cent having updated their passwords in the last 12 months.

“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland Solutions Director. This made the finding that 22 per cent of people admitted to writing down their passwords more serious, he said.

A second stand-out finding for Mr Ryan was the number of people using non-work devices to backup data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drive, etc is really scary. Where are they moving it to?”

The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations employing more than 100 staff across both the public and private sector.

Irish Times

You Might Also Read:

Take An Analytical Approach To Cybersecurity Training:

 

 

 

« Huawei 5G Risk Can Be ‘Contained’
Only Four Suspects In Australia's High Level Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

Protocol Policy Systems

Protocol Policy Systems

Protocol Policy Systems specialise in IT policy deployment and management systems that deliver compliance and secure computing environments.

Pindrop Security

Pindrop Security

Pindrop solutions are leading the way to the future of voice by establishing the standard for security, identity, and trust for every voice interaction.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

Touchstone Security

Touchstone Security

Touchstone Security is a company with a passion for technology, a hyper-focus on cybersecurity, and a special affinity for cloud technology.

Isovalent

Isovalent

Isovalent deliver the most advanced Kubernetes networking & security capabilities to the most demanding of enterprise users.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Technisanct

Technisanct

Technisanct works with Governments, especially Law Enforcement and Defence agencies, helping them in monitoring threats, managing their data and resolving their forensic needs.

Rootshell Security

Rootshell Security

Rootshell Security is transforming vulnerability management with its vendor-agnostic Prism Platform and industry-leading offensive security assessments.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.

SecurWeave

SecurWeave

SecurWeave's Configurable Hardware Enforced Safety and Security (CHESS) platform has been designed to meet the security and safety criticality needs of the evolving digital industry.

nodeQ

nodeQ

At nodeQ, we are pioneering the future of computer networks, leveraging our deep expertise in quantum communication, artificial intelligence, and software-defined networking.

Yondu

Yondu

Yondu empowers businesses across various industries through a wide array of innovative technology solutions to help them scale in the new digital economy.