Two-thirds (63 percent) of UK businesses believe that their organisation is highly protected from attempts by outsiders to gain access to their systems and data, according to a survey by Willis Towers Watson. In contrast UK employees ranked insufficient understanding (61 per cent) as the biggest barrier to their organisation effectively managing cyber risks. Many businesses feel like they are technically prepared to tackle the threat of cyber crime but the biggest risks can be their employees and human error from the end user of a business’ IT system.
The Willis Towers Watson research bears this out, discovering that of the employees that did complete cyber training, nearly two-thirds (62 per cent) admit they only completed the training because it was required, and nearly half (44 per cent) believe that opening any email on their work computer is safe. This suggest that employees may not be engaged or have the sense of personal accountability which is necessary to drive long-term, sustainable behaviours with regards to online security. Complex IT security systems may be vulnerable not because of a lack of investment but a failure to get the basics right amongst all users.
It is vital that all business take action to engage their workforce with cyber security, explaining the threats and making best practice when it comes to cyber security (e.g. strong passwords) engaging and understandable. A representative from the Cyber Aware campaign, Sophos and the NCSC will discuss how you can engage your workforce with cyber crime in order to counter this threat.