Only 31% Of Employees Get Annual Cyber Security Training

Uploaded on 2019-10-02 in JOBS-Training, FREE TO VIEW, TECHNOLOGY--Resilience

A new Report reveals that employee education is key for small businesses to prevent cyber-attacks yet many employees are not being cyber-trained. 

Even with headline after headline about the latest data breach, people are not encouraged to defend against their cyber exposure. 

The Chubb 3rd Annual Report 
The goal of insirance firm Chubb’s 2019 Cyber Risk Survey is to determine the level of understanding individuals have about their cyber risks. While at the same time looking at the steps they are taking to protect themselves. For small businesses with limited resources, complacency can have detrimental consequences. This is because the chance of a small company crashing out of business after a cyber-attack is highly likely. And the best way to defend themselves is by making everyone in the company more aware.

Fran O’Brien, Division President of Chubb North America Personal Risk Services, said  “When it comes to your cyber-security, there’s no such thing as being over-prepared.” He also says, “While it’s important that the vast majority of respondents remain concerned about a breach, concern itself isn’t enough. Individuals often say their lack of cybersecurity action is because it seems too time-consuming in the moment. But implementing cyber safeguards today will save time and financial resources tomorrow, should a breach occur.”

If you are a valued target, sooner or later a breach is very likely to take place. and just because you are a small business, it doesn’t mean you are immune to attacks. Because 43% of cyber-attacks target small businesses.

2019 Cyber-Security Risk Statistics
In the study, 70% of the respondents say their company has “excellent” or “good” cyber-security practices. But only 31% of them receive annual company-wide training or updates from their employer.

Considering employee education lies at the core of the cybersecurity problem, more needs to be done. And the lessons they receive have to be from a reliable source. Because the survey says more than a third are learning about protection against cyber-security risks from mainstream media (35%) and family and friends (34%).

Only 19% report they learn about cyber-security protection through their employer. This means the vast majority of the workforce doesn’t have the necessary skills to protect their business. And this results in employees and individuals not being able to identify an attack when it is taking place.

Identifying Attacks
The one common form of attack the respondents defined correctly is ransomware at 54%. But it goes downhill from there as most of them couldn’t identify credential stuffing (59%), Emotet (72%), and Ryuk (74%).
These forms of attack are barely scratching the surface, and unless your company specialises in cybersecurity it is impossible for your staff to know everything. The key is to teach your employees so they can have a general understanding of these common attacks.

Cyber Security Training
Coupled with strict governance and mandatory annual training, you can bring your employees up to speed. And according to Chubb, the training, which can be taken online and limited to an hour, is enough to help employees identify breach warning signs. By identifying these signs, your employees can stop full-blown attacks so you can intervene.
Small businesses can implement policies to ensure everyone in the company becomes part of the first line of defense against a cyberattack. But even with the best efforts, it may not be possible to stop an attack. And this is why cyber insurance should be a serious consideration to fully protect your business.

According to Chubb, with the right cyber insurance, you can get an inclusive mix of defensive and protective measures. This includes capabilities which provide fast response in a worst-case scenario. In addition to a financial loss mitigation tool, it should also help individuals understand how to prepare ahead of a potential cyber-attack.

For effective employee cyber training which is engaging, endorsed by leading experts and will improve cyber behaviour across your entire organisation please contact Cyber Security Intelligence

SmallBizTrends:         Chubb:       Image: Nick Youngson

You Might Also Read:

Why Cyber Training Is So Important For Business:

Effective Cybersecurity Requires Both Cyber Training & Insurance Cover:

 

 

« Cyber Insurance Is Unsustainable On Its Current Path
Easy Cyber Knowldege Ch.4 The Internet of Things (IoT) »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SolarWinds

SolarWinds

SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

Surevine

Surevine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

SevenShift

SevenShift

SevenShift is a security consulting firm with a wealth of experience in the worlds of Cybersecurity and Internet of Things (IoT).

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

Advantio

Advantio

Advantio offers a unique combination of technologies and managed, advisory and testing services to increase your cyber resilience and compliance.

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.

FusionAuth

FusionAuth

FusionAuth is the customer authentication and authorization platform that makes developers' lives awesome.

Exodata

Exodata

Exodata is a French digital services company specializing in the outsourcing of IT Systems and solutions.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.

Supersecure

Supersecure

Supersecure is a Managed Security Service Provider (MSSP) offering a wide range of information security solutions.