SMEs Need To Close The Cyber Security Training Gap

Uploaded on 2021-07-20 in JOBS-Training, FREE TO VIEW

In 2020 millions of UK people began working at home because of Covid and currently in 2021, the proportion of remote workers who say loneliness and cyber security problems are serious issues has significantly increased. 

Cyber criminal attackers have benefited from the uncertainty of the COVID-19 pandemic and the isolation of remote workers and have made remote worker the victims of phishing attacks.

Government research into the UK cyber security labour market carried out in 2020 estimated that  48% of UK businesses had a basic skills gap when it came to cyber security.  This year, Vodafone completed and published a similar report which found that around 30% of UK SMEs said they don’t have a cyber security strategy in place. While this suggest the gap has closed, its clear the knowledge and skills shortages remain a big problem for SMEs. 

In 2020 the government report found 64% of cyber firms faced problems with technical cyber security skills gaps among existing staff or job applicants. A recent 2021 Capterra looking at cyber security and home working demonstrated a situation that could prove even more critical. Just 19% of those questioned believed their company had no individual they could contact regarding cyber security breaches, a rise from 11% in 2020, while a little under 50% admitted they wouldn’t actually know who to contact within their organisation if such a breach occurred. Capterra's findings, which showed the number of employees who had received IT security training had risen only fractionally year-on-year, from 20% in 2020 to 22% in 2021, despite the wider security risks faced now from remote working.

This means companies are not only battling to ensure their employees understand the appropriate safety precautions while working away from the office, but they are also struggling to find the right security employees to put proper security in place.  

Mimecast research paints another worrying picture. Some seven in 10 of those questioned believed employee behaviours such as poor password hygiene put their companies at risk but only one in five organisations had provided ongoing cyber awareness training, according to the report. 

An additional problem can be when people feel disconnected from their training, so any lessons delivered don’t sink in.
Some of the biggest threats could actually be the most simple to solve. Recent research by HP's Wolf security found that 46% of office workers admitted to using their work laptop for personal “life admin”, and 30% had let someone else use their work device. 

Mimecast:      Gov.UK:      Capterra:         ITPro:      Vodafone:    HP Wolf

You Might Also Read:

How To Write Learning Objectives For Cyber Security Training:

 

« Scientists Say Social Media Is A Risk To Humanity
Artificial Intelligence Is Being Badly Used In Cyber Security »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Tanium

Tanium

Tanium delivers Autonomous Endpoint Management (AEM) with the industry’s only true real-time platform for AI.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

AXA XL

AXA XL

AXA XL is the P&C and Specialty Risk Division of AXA. Professional insurance products include Cyber Insurance.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

DataCloak

DataCloak

DataCloak is an innovation company that focus on providing enterprise data-in-motion security solutions based on zero-trust security technology.

Sum&Substance (Sumsub)

Sum&Substance (Sumsub)

Sum&Substance is a developer of remote verification solutions. Our technology allows online services around the world to meet regulatory requirements, prevent fraud and enhance customer confidence.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

ViewQwest

ViewQwest

ViewQwest is a regional telecommunications & information technology services company. We specialize in providing Connectivity, Managed Network, Managed SD-WAN, and Managed Security solutions.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

TrustFour

TrustFour

TrustFour is a pioneer in workload and non-human identity security, providing innovative solutions for compliance, remediation, post quantum resiliency, and advanced threat defense.