According to a recent report*, employees are to blame for 70% of corporate data breaches with 3rd party data breaches increasing two-fold in a year.
UK security leaders believe that their employees are continually exposing sensitive data to the risk of a breach, yet organisation’s are neglecting to take the necessary steps to control the risks.
Of those surveyed, the main findings were, 22% of employees were unintentionally putting data at risk and 21% - staff being caught out by phishing emails, with remote workers being the most highlighted at over a quarter of the organisations surveyed.
Perhaps more disturbingly, 20% of these were “malicious”, with 3rd parties also mishandling corporate information causing breaches at 21%, highlighting the increasing need for tighter security in the supply chain.
Nearly half (48%) admit to their company’s mobile or remote workers knowingly exposing data to a breach with 46% saying remote workers not even caring about security!
When it comes to the main problems they faced with implementing a cybersecurity plan for remote and mobile working. The main issue – which 28% struggle with – is lack of awareness among employees of the risks to data when working away from the office and even if they are aware, they will still take action that results in data being exposed or lost (23%).
Businesses don’t trust their employees to meet their responsibilities to protect data, especially when they’re working remotely, which leads the report’s author to conclude “Organisations must rebuild a culture that ensures everyone has a security-first mindset, wherever they’re working.”
Neither are companies applying the policy and technology measures necessary to prevent data being threatened – especially when it comes to BYOD with only 14% managing the risk by controlling access to systems and data using software.
The author also further concludes that with devices moving further away from the company and BYOD, the “decentralisation” of technology might well be behind the lessening of control. But despite the gains in employee satisfaction, flexibility and productivity this gives it is essential that security teams apply comprehensive measures to protect data.
If you have any concerns about security in your own organisation and would like an unbiased appraisal of this by our own industry experts why not book a ‘Security Health Check’ with us? This is an inexpensive, rapid assessment of the potential risks you might face with a brief summary report provided, highlighting some recommendations of how to improve your current security policies. Contact us here.
Comentarios