A global cyber security specialist has released new information that underscores the need for educating employees about data security. The results show a dramatic disconnect between employees and IT within an organisation with 73% of U.S. employees now believing that their company provides sufficient training on how to protect sensitive information.
On the other hand, 72% of IT professionals believe that employers are not doing enough to educate employees. This research underscores the need for more collaboration between the Executive team, IT, HR and other staff within an organisation so as to ensure the safety of personal information.
The results of this study demonstrate the need for efficient data security within an organisation to be implemented across the board, especially with regard to new staff members. Management must make security a top priority in order to avoid mistakes that can lead to the loss of valuable data which cost a company dearly, both in financial penalties and reputational damage. The recent Talk Talk data breach and huge consequent costs are an example of what can, and does, go wrong.
Additionally, the same report has revealed that Four out of ten businesses expect an insider data breach in the next 12 months. As enterprises become larger, managing employee behaviour becomes harder and the risk of a breach occurring within an organisation intensifies.
The study has identified a widespread lack of employee awareness of good cyber security practice, and a slow business response to addressing insider threats.
In the survey of 4,000 employees, 58% of those involved lacked understanding of what might actually constitute a security threat from within their organisation. With such a lack of clarity, it may not come as a surprise that half of respondents admitted they disregard data protection policies at work in order to get their job done.
Such information does not come as a surprise and we recommend that businesses in Ireland learn from these worrying statistics in order to implement best practice in Data Protection compliance.